After upgrading all the recommended packages via the package manager on virtualmin, FirewallD will no longer start. When I check its status, I get this ugly error message:
2019-09-20 15:46:27 ERROR: Failed to load nf_conntrack module: modprobe: ERROR: could not find module by name='nf_conntrack' modprobe: ERROR: could not insert 'nf_conntrack': Function not implemented modprobe: ERROR: Error running install command for nf_conntrack modprobe: ERROR: could not insert 'nf_conntrack': Operation not permitted
nf_conntrack is missing, and FirewallD depends on it!
[root@123 ~]
yum -q list installed kernel*Installed Packages kernel-debug-devel.x86_64 3.10.0-1062.1.2.el7 @updates kernel-headers.x86_64 3.10.0-1062.1.2.el7 @updates
[root@123 ~]# uname -r
4.19.62-mod-std-ipv6-64-rescue
[root@123 ~]
modinfo nf_conntrackmodinfo: ERROR: Module alias nf_conntrack not found.
What can I do to fix this? My server is vulnerable to vicious attacks. I tried asking on the Centos forum, but their response was simple: "Not a CentOS kernel and presumably missing the required module. You need to talk to the people that supply that kernel (which is not us)."
https://centos.org/forums/viewtopic.php?f=48&t=71716&sid=6a282b6c6a0d245...
I'm fairly certain that Webmin/Virtualmin is not providing your kernels. Check what repos you have set as you have probably enabled a 3rd party repo to gain access to some other package. You could use yum to try manually searching for and installing a different kernel. Preferably something that the CentOS community can support.
Howdy,
If CentOS was installed onto a dedicated server, unless another kernel was manually added, it would be a CentOS kernel that's being used there.
If it's on a VPS, it's possible the VPS provider is using their own kernels. A lot of VPS providers offer their own kernels.
As noisemarine mentioned though Virtualmin doesn't provide any kernels, we just use the kernel that comes with the OS.
-Eric
Centos is installed on a dedicated server. Those that are enabled are:
They were enabled originally when I installed virtualmin. Anyway, the issue remains, nf_conntrack is missing and preventing FirewallD from working. What do you suggest I do?
Re-reading your original post, you mentioned that your kernel shows up as "4.19.62-mod-std-ipv6-64-rescue".
I Google'd that name, and see some references to that being a custom OVH kernel.
Are you by chance using OVH as a provider?
This OVH user here seems to be having a similar problem:
https://centos.org/forums/viewtopic.php?t=71716
They changed the kernel that they're using to resolve it, switching back to the standard CentOS kernel.
I'm not sure how to do that at OVH, but if that's your provider, you may need to work with them to see see if they have alternate kernels you can boot into, or if they otherwise have an idea as to how to use that module you need.
-Eric
Hi Eric.
He mentions "With the CentOS kernel 3.10.0-1062.1.1.el7.x86_64, everything works well."
How the heck do I install a new kernel. I've never had to do something like this; I have 7 sites running on the server, perhaps install a new kernel will undo everything? Sounds like a stupid question, but I really don't know.
When I updated the packages via virtualmin, how did the virtualmin custom kernel come into the picture? How does that even work?
There is no Virtualmin custom kernel.
The kernel came from your provider or somewhere else. It gets installed in the same way that other software is installed - either at the time the system software is installed, or later by someone either upgrading or requesting it.