ERROR: Couldn't determine iptables version

Tubz · May 2, 2023, 7:27pm

After doing ufw status I get the error,

ERROR: Couldn’t determine iptables version

I’ve done

apt-get install reinstall iptables

and it always downloads iptables 1.8.7 despite the newest version being 1.8.9 I don’t know what’s up with that I’ve had this error since I first started using this OS. I’ve tried downloading the package using iptables=1.8.9 but no luck either. I checked online but there seems to be no good solution that works. I’ve tried purging it and installing and t doesn’t work. i do remember it did work for a day a while ago, before it stopped working, and I also remember fixing the problem using the legacy version, but that made everything crash. It might be why my domain doesn’t work after applying SSL cert. Is there any solution to this?

iptables
iptables/1.8.7 Failed to initialize nft: Protocol not supported

this is also another error I get.

Jappe · May 2, 2023, 7:40pm

The latest version for debian bullseye is 1.8.7., so that is fine.
https://packages.debian.org/search?keywords=iptables
You could upgrade to debian bookworm to get 1.8.9 but I think the reason for your problem lies somewhere else, your iptables does not support nftables.
Is it possible that you are still running the legacy version?

Joulinar · May 2, 2023, 8:38pm

yes correct, version of iptables depends on Debian version Debian -- Package Search Results -- iptables

I guess you would need to switch to iptables-legacy raspberry pi - iptables/1.8.2 Failed to initialize nft: Protocol not supported - Super User

# update-alternatives --set iptables /usr/sbin/iptables-legacy
# update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
# update-alternatives --set arptables /usr/sbin/arptables-legacy
# update-alternatives --set ebtables /usr/sbin/ebtables-legacy

usually, SSL has nothing to do with iptables

Tubz · May 2, 2023, 9:21pm

ufw status
ERROR: problem running iptables: iptables v1.8.7 (legacy): can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

Tubz · May 2, 2023, 9:22pm

also for some reason, I can’t reboot or the pi won’t turn on again until I manually remove the power cable. So is it necessary for me to reboot and try again or no?

Tubz · May 2, 2023, 9:23pm

no idea but I think it’s legacy now after running Joulinars commands.

Joulinar · May 2, 2023, 9:39pm

can you share your system configuration. I would like to replicate your behaviour.

Required

DietPi version | cat /boot/dietpi/.version
Distro version | echo $G_DISTRO_NAME $G_RASPBIAN
Kernel version | uname -a
Architecture | dpkg --print-architecture
SBC model | echo $G_HW_MODEL_NAME or (EG: RPi3)

Tubz · May 2, 2023, 10:02pm

DietPi version |

G_DIETPI_VERSION_CORE=8
G_DIETPI_VERSION_SUB=16
G_DIETPI_VERSION_RC=2
G_GITBRANCH=‘master’
G_GITOWNER=‘MichaIng’
G_LIVE_PATCH_STATUS[0]=‘not applicable’

Distro version |

bullseye 0

Kernel version |

Linux iphone 5.15.84-v8+ #1613 SMP PREEMPT Thu Jan 5 12:03:08 GMT 2023 aarch64 GNU/Linux

Architecture |

arm64

SBC model |

-bash: syntax error near unexpected token `(’

Tubz · May 2, 2023, 10:24pm

@Joulinar did you manage to replicate it?

Joulinar · May 2, 2023, 10:28pm

I need to know your SBC

echo $G_HW_MODEL_NAME

Tubz · May 2, 2023, 10:32pm

I tried rebooting it again and disconnected and connected the power, but it looks like its not connecting anymore, let me connect a monitor and ill get back to you

Joulinar · May 2, 2023, 10:36pm

I tested apt install ufw -y on a RPi4B and Orange Pi 5. On both systems iptables configured automatically during installation of ufw.

Setting up iptables (1.8.7-1) ...
update-alternatives: using /usr/sbin/iptables-legacy to provide /usr/sbin/iptables (iptables) in auto mode
update-alternatives: using /usr/sbin/ip6tables-legacy to provide /usr/sbin/ip6tables (ip6tables) in auto mode
update-alternatives: using /usr/sbin/iptables-nft to provide /usr/sbin/iptables (iptables) in auto mode
update-alternatives: using /usr/sbin/ip6tables-nft to provide /usr/sbin/ip6tables (ip6tables) in auto mode
update-alternatives: using /usr/sbin/arptables-nft to provide /usr/sbin/arptables (arptables) in auto mode
update-alternatives: using /usr/sbin/ebtables-nft to provide /usr/sbin/ebtables (ebtables) in auto mode

No issues to show status

root@DietPiOPi5:~# ufw status
Status: inactive
root@DietPiOPi5:~#

root@DietPi4:~# ufw status
Status: inactive
root@DietPi4:~#

I assume you are running Raspberry Pi. Interesting point is your kernel version. It should be 6.1 already on RPI SBC.

Tubz · May 2, 2023, 10:55pm

That’s odd, I’ve now removed it, and purged it, I’ve also done the same to iptables and it does say Nftables is a recommended package, should I install that too? Also is it bad I’m on an old kernel? can I update it?

Tubz · May 2, 2023, 10:56pm

Also i still get this

root@iphone:~# ufw status
ERROR: Couldn't determine iptables version

Tubz · May 2, 2023, 11:14pm

@Joulinar im going to presume either I’ve done something very stupid and broken everything, or my pi hates me? I’d appreciate any help, if not I’m just going to deal with this in about a month and a half.

Joulinar · May 3, 2023, 6:50am

Try to purge the whole stuff first

apt purge ufw -y
apt autoremove -y

Reboot the system and check for available packages

apt update

Tubz · May 3, 2023, 7:02am

So I’ll run these commands but I need to leave in a bit, is there any way to solve my reboot problem first because if I leave the house I won’t be able to reboot my pi because it will not turn on. Reboot -f apparently should work but it doesn’t either.

Tubz · May 3, 2023, 7:14am

root@iphone:~# apt update
Hit:1 https://deb.debian.org/debian bullseye InRelease
Hit:2 https://archive.raspberrypi.org/debian bullseye InRelease
Hit:3 https://deb.debian.org/debian bullseye-updates InRelease
Hit:4 https://deb.debian.org/debian-security bullseye-security InRelease
Hit:5 https://deb.debian.org/debian bullseye-backports InRelease
Hit:6 https://download.mono-project.com/repo/debianbuster InRelease
Hit:7 https://packagecloud.io/ookla/speedtest-cli/debian bullseye InRelease
Reading package lists... 
Done Building dependency tree... 
Done Reading state information... 
Done All packages are up to date.

Joulinar · May 3, 2023, 8:11am

@MichaIng can you have a look why kernel is not updated to latest version?

@Tubz you could connect a screen to check why your system is not rebooting and where it stuck.

Tubz · May 3, 2023, 8:34am

well im out now but i ran a few test last night, when entering reboot command, it would shut down, i would see on the connected screen than some sort of output showed extremely quickly and then it turned off, network lights remained on, and the ssd light did not flash at all, the the light next to the power light on the pi did not flash either, but i did see the keyboard light turn off then on. This happened every time last night, this morning i tried again everything was the same except the network port lights were off, when i see network i mean the Ethernet port. As of right now im not able to physically access it as ive left home, but there was difference with reboot -f either.
Ive seen people on the raspberry pi forums report this same problem but no solutions, any ideas?