User avatar
Arimil
Posts: 4
Joined: Thu Mar 21, 2019 4:55 am

(Solved) Raspbian Kernel update removes nat support?

Fri Jun 07, 2019 7:01 am

I was able to solve this using netfilter-persistent.

Original Post:
Hey guys I'll start off by first mentioning that I'm following this guide: https://www.raspberrypi.org/documentati ... s-point.md. I've used it in the past without an issue.

However this time around after installing raspbian and running

Code: Select all

sudo apt-get update && sudo apt-get upgrade
I'm having a few issues, it appears iptables aren't persisting between reboots. Running the following command after a reboot causes the internet pass-through to work again.

Code: Select all

sudo iptables -t nat -A  POSTROUTING -o eth0 -j MASQUERADE
If I try to run:

Code: Select all

iptables-restore < /etc/iptables.ipv4.nat
Which was added to rc.local to restore the iptables it outputs the error:
iptables-restore v1.6.0: iptables-restore: unable to initialize table 'nat'

Error occurred at line: 2
Try `iptables-restore -h' or 'iptables-restore --help' for more information.
I've also tried installing iptables-persistent, but was met with similar results. Does anyone know what is going on?
Last edited by Arimil on Fri Jun 07, 2019 9:25 am, edited 2 times in total.

Ernst
Posts: 1334
Joined: Sat Feb 04, 2017 9:39 am
Location: Germany

Re: Raspbian Kernel update removes nat support?

Fri Jun 07, 2019 7:44 am

The first thing I would do is "cat /etc/iptables.ipv4.nat".
The road to insanity is paved with static ip addresses

User avatar
Arimil
Posts: 4
Joined: Thu Mar 21, 2019 4:55 am

Re: Raspbian Kernel update removes nat support?

Fri Jun 07, 2019 8:53 am

I've checked the file, it's laid out like this:
# Generated by iptables-save v1.6.0 on Fri Jun 7 09:52:06 2019
*nat
:PREROUTING ACCEPT [1865:427465]
:INPUT ACCEPT [1799:424165]
:OUTPUT ACCEPT [3766:769237]
:POSTROUTING ACCEPT [2321:449258]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Fri Jun 7 09:52:06 2019
# Generated by iptables-save v1.6.0 on Fri Jun 7 09:52:06 2019
*mangle
:PREROUTING ACCEPT [586188:388043096]
:INPUT ACCEPT [583969:387559983]
:FORWARD ACCEPT [380:24671]
:OUTPUT ACCEPT [448076:141809016]
:POSTROUTING ACCEPT [449937:142265364]
-A POSTROUTING -o wlan0 -p udp -m udp --dport 123 -j TOS --set-tos 0x00/0xff
COMMIT
# Completed on Fri Jun 7 09:52:06 2019
The line it has trouble with is "*nat".

bluenote
Posts: 116
Joined: Thu Feb 05, 2015 8:25 am

Re: (Solved) Raspbian Kernel update removes nat support?

Wed Aug 21, 2019 6:40 pm

Hi

I'm having a similar problem not having my rules persist. Can you elaborate on how you used netfilter-persistent to solve this?

Thanks

Return to “Raspberry Pi OS”