ERROR: Couldn't determine iptables version

After doing ufw status I get the error,

ERROR: Couldn’t determine iptables version

I’ve done

apt-get install reinstall iptables

and it always downloads iptables 1.8.7 despite the newest version being 1.8.9 I don’t know what’s up with that I’ve had this error since I first started using this OS. I’ve tried downloading the package using iptables=1.8.9 but no luck either. I checked online but there seems to be no good solution that works. I’ve tried purging it and installing and t doesn’t work. i do remember it did work for a day a while ago, before it stopped working, and I also remember fixing the problem using the legacy version, but that made everything crash. It might be why my domain doesn’t work after applying SSL cert. Is there any solution to this?

iptables/1.8.7 Failed to initialize nft: Protocol not supported

this is also another error I get.

The latest version for debian bullseye is 1.8.7., so that is fine.
You could upgrade to debian bookworm to get 1.8.9 but I think the reason for your problem lies somewhere else, your iptables does not support nftables.
Is it possible that you are still running the legacy version?

yes correct, version of iptables depends on Debian version Debian -- Package Search Results -- iptables

I guess you would need to switch to iptables-legacy raspberry pi - iptables/1.8.2 Failed to initialize nft: Protocol not supported - Super User

# update-alternatives --set iptables /usr/sbin/iptables-legacy
# update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
# update-alternatives --set arptables /usr/sbin/arptables-legacy
# update-alternatives --set ebtables /usr/sbin/ebtables-legacy

usually, SSL has nothing to do with iptables

ufw status
ERROR: problem running iptables: iptables v1.8.7 (legacy): can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

also for some reason, I can’t reboot or the pi won’t turn on again until I manually remove the power cable. So is it necessary for me to reboot and try again or no?

no idea but I think it’s legacy now after running Joulinars commands.

can you share your system configuration. I would like to replicate your behaviour.


  • DietPi version | cat /boot/dietpi/.version
  • Distro version | echo $G_DISTRO_NAME $G_RASPBIAN
  • Kernel version | uname -a
  • Architecture | dpkg --print-architecture
  • SBC model | echo $G_HW_MODEL_NAME or (EG: RPi3)

DietPi version |

G_LIVE_PATCH_STATUS[0]=‘not applicable’

Distro version |

bullseye 0

Kernel version |

Linux iphone 5.15.84-v8+ #1613 SMP PREEMPT Thu Jan 5 12:03:08 GMT 2023 aarch64 GNU/Linux

Architecture |


SBC model |

-bash: syntax error near unexpected token `(’

@Joulinar did you manage to replicate it?

I need to know your SBC


I tried rebooting it again and disconnected and connected the power, but it looks like its not connecting anymore, let me connect a monitor and ill get back to you

I tested apt install ufw -y on a RPi4B and Orange Pi 5. On both systems iptables configured automatically during installation of ufw.

Setting up iptables (1.8.7-1) ...
update-alternatives: using /usr/sbin/iptables-legacy to provide /usr/sbin/iptables (iptables) in auto mode
update-alternatives: using /usr/sbin/ip6tables-legacy to provide /usr/sbin/ip6tables (ip6tables) in auto mode
update-alternatives: using /usr/sbin/iptables-nft to provide /usr/sbin/iptables (iptables) in auto mode
update-alternatives: using /usr/sbin/ip6tables-nft to provide /usr/sbin/ip6tables (ip6tables) in auto mode
update-alternatives: using /usr/sbin/arptables-nft to provide /usr/sbin/arptables (arptables) in auto mode
update-alternatives: using /usr/sbin/ebtables-nft to provide /usr/sbin/ebtables (ebtables) in auto mode

No issues to show status

root@DietPiOPi5:~# ufw status
Status: inactive
root@DietPi4:~# ufw status
Status: inactive

I assume you are running Raspberry Pi. Interesting point is your kernel version. It should be 6.1 already on RPI SBC.

That’s odd, I’ve now removed it, and purged it, I’ve also done the same to iptables and it does say Nftables is a recommended package, should I install that too? Also is it bad I’m on an old kernel? can I update it?

Also i still get this

root@iphone:~# ufw status
ERROR: Couldn't determine iptables version

@Joulinar im going to presume either I’ve done something very stupid and broken everything, or my pi hates me? I’d appreciate any help, if not I’m just going to deal with this in about a month and a half.

Try to purge the whole stuff first

apt purge ufw -y
apt autoremove -y

Reboot the system and check for available packages

apt update

So I’ll run these commands but I need to leave in a bit, is there any way to solve my reboot problem first because if I leave the house I won’t be able to reboot my pi because it will not turn on. Reboot -f apparently should work but it doesn’t either.

root@iphone:~# apt update
Hit:1 bullseye InRelease
Hit:2 bullseye InRelease
Hit:3 bullseye-updates InRelease
Hit:4 bullseye-security InRelease
Hit:5 bullseye-backports InRelease
Hit:6 InRelease
Hit:7 bullseye InRelease
Reading package lists... 
Done Building dependency tree... 
Done Reading state information... 
Done All packages are up to date. 

@MichaIng can you have a look why kernel is not updated to latest version?

@Tubz you could connect a screen to check why your system is not rebooting and where it stuck.

1 Like

well im out now but i ran a few test last night, when entering reboot command, it would shut down, i would see on the connected screen than some sort of output showed extremely quickly and then it turned off, network lights remained on, and the ssd light did not flash at all, the the light next to the power light on the pi did not flash either, but i did see the keyboard light turn off then on. This happened every time last night, this morning i tried again everything was the same except the network port lights were off, when i see network i mean the Ethernet port. As of right now im not able to physically access it as ive left home, but there was difference with reboot -f either.
Ive seen people on the raspberry pi forums report this same problem but no solutions, any ideas?