NETGEAR ReadyNAS

[thrane]

I was excited when I saw that iptables was compiled into the kernel, but dismayed to discover that it didn't include iptables_nat (and associated modules).

First I followed the howto guide at http://www.readynas.com/?p=145 for "Setting up a ReadyNAS Development Environment" and apt-get'ed:

apt-get update
apt-get install libc6-dev
apt-get install gcc

Next, I downloaded the GPL dist RNDP6xxx_4.2.5_WW (yes I'm running 4.2.5), configured the kernel to include the necessary modules as loadable modules and built the kernel and configured modules. I copied the built modules to:

/lib/modules/2.6.27.6.RNx86.2.1/kernel/net/ipv4/netfilter/iptable_nat.ko
/lib/modules/2.6.27.6.RNx86.2.1/kernel/net/ipv4/netfilter/ipt_MASQUERADE.ko
/lib/modules/2.6.27.6.RNx86.2.1/kernel/net/ipv4/netfilter/nf_conntrack_ipv4.ko
/lib/modules/2.6.27.6.RNx86.2.1/kernel/net/ipv4/netfilter/nf_nat.ko
/lib/modules/2.6.27.6.RNx86.2.1/kernel/net/netfilter/nf_conntrack.ko

ran 'depmod' and tried to do a 'modprobe':

FATAL: Error inserting nf_conntrack (/lib/modules/2.6.27.6.RNx86.2.1/kernel/net/netfilter/nf_conntrack.ko): Unknown symbol in module, or unknown parameter (see dmesg)

'dmesg' tells me:

nf_conntrack: disagrees about version of symbol skb_copy_bits
nf_conntrack: Unknown symbol skb_copy_bits
nf_conntrack: disagrees about version of symbol nf_afinfo
nf_conntrack: Unknown symbol nf_afinfo
nf_conntrack: Unknown symbol nf_conntrack_destroy
nf_conntrack: Unknown symbol nf_ct_destroy
nf_conntrack: disagrees about version of symbol nf_log_packet
nf_conntrack: Unknown symbol nf_log_packet
nf_conntrack: Unknown symbol ip_ct_attach

So I'm guessing that the version of the kernel that my ReadyNAS is running does not correspond to the one that I can build from the RNDP6xxx_4.2.5_WW distribution.

Just to check that I hadn't comletely messed things up, I did a diff between the config file found in arch/x86/configs (are described in this forum thread: viewtopic.php?f=35&t=26164&hilit=arch%2Fx86) and mine:

nas01:/usr/src/linux# diff .config arch/x86/configs/i386_defconfig
4c4
< # Thu Jun 11 07:49:02 2009
---
> # Wed Jan 14 11:49:25 2009
464,480c464
< CONFIG_NF_CONNTRACK=m
< # CONFIG_NF_CT_ACCT is not set
< # CONFIG_NF_CONNTRACK_MARK is not set
< # CONFIG_NF_CONNTRACK_EVENTS is not set
< # CONFIG_NF_CT_PROTO_DCCP is not set
< # CONFIG_NF_CT_PROTO_SCTP is not set
< # CONFIG_NF_CT_PROTO_UDPLITE is not set
< # CONFIG_NF_CONNTRACK_AMANDA is not set
< # CONFIG_NF_CONNTRACK_FTP is not set
< # CONFIG_NF_CONNTRACK_H323 is not set
< # CONFIG_NF_CONNTRACK_IRC is not set
< # CONFIG_NF_CONNTRACK_NETBIOS_NS is not set
< # CONFIG_NF_CONNTRACK_PPTP is not set
< # CONFIG_NF_CONNTRACK_SANE is not set
< # CONFIG_NF_CONNTRACK_SIP is not set
< # CONFIG_NF_CONNTRACK_TFTP is not set
< # CONFIG_NF_CT_NETLINK is not set
---
> # CONFIG_NF_CONNTRACK is not set
489,492d472
< # CONFIG_NETFILTER_XT_MATCH_CONNBYTES is not set
< # CONFIG_NETFILTER_XT_MATCH_CONNLIMIT is not set
< # CONFIG_NETFILTER_XT_MATCH_CONNMARK is not set
< # CONFIG_NETFILTER_XT_MATCH_CONNTRACK is not set
496d475
< # CONFIG_NETFILTER_XT_MATCH_HELPER is not set
509d487
< # CONFIG_NETFILTER_XT_MATCH_STATE is not set
520,521d497
< CONFIG_NF_CONNTRACK_IPV4=m
< # CONFIG_NF_CONNTRACK_PROC_COMPAT is not set
533,545d508
< CONFIG_NF_NAT=m
< CONFIG_NF_NAT_NEEDED=y
< CONFIG_IP_NF_TARGET_MASQUERADE=m
< # CONFIG_IP_NF_TARGET_REDIRECT is not set
< # CONFIG_IP_NF_TARGET_NETMAP is not set
< # CONFIG_NF_NAT_SNMP_BASIC is not set
< # CONFIG_NF_NAT_FTP is not set
< # CONFIG_NF_NAT_IRC is not set
< # CONFIG_NF_NAT_TFTP is not set
< # CONFIG_NF_NAT_AMANDA is not set
< # CONFIG_NF_NAT_PPTP is not set
< # CONFIG_NF_NAT_H323 is not set
< # CONFIG_NF_NAT_SIP is not set

The only that that worried me was the 'y' on ONFIG_NF_NAT_NEEDED=y as that could require changes in the kernel. However after a global search on the code, that flag does not affect the kernel just the nf_conntrack and related modules.

This leads me to two questions:

1) If I'm right that the kernel running on my box is different than what I'm able to build, where do I find the right kernel source? My uname returns:

Linux nas01 2.6.27.6.RNx86.2.1 #1 SMP Wed Apr 22 04:42:29 PDT 2009 i686 GNU/Linux

2) Assuming I can't get the "right" kernel source - how do I go about installing the newly built kernel?

I'd appreciate any help, thanks!

[trilly]

Hi!

I'm having the exact same issue. Has anyone successfully compiled IPSec, Bridging or PPP modules on the Pro yet?

Cheers,

Ralf

[chirpa]

Linux nas01 2.6.27.6.RNx86.2.1 #1 SMP Wed Apr 22 04:42:29 PDT 2009 i686 GNU/Linux

The 4.2.5 GPL package has the right kernel sources for that version.
arch/x86/configs/i386_defconfig:

# Linux kernel version: 2.6.27.6.RNx86.2.1

[Nikrep]

Sorry to resurrect an old thread but I am having problems trying to install the same modules on my ReadyNas Pro.

I have followed the guides that I have found and run

apt-get update
apt-get -f install
apt-get install build-essential
apt-get install lzma

downloaded RNDP6xxx_4.2.15_WW_src.zip
unzip RNDP6xxx_4.2.15_WW_src.zip
cd linux-2.6.33.7
cp /arch/x86/configs/defconfig.up .config
vi .config (configured modules required)
make -j3 (selected modules as 'm' where possible)
make modules
cd net/netfilter
insmod nf_conntrack.ko

Then I get an error telling me the module is an invalid format?
but modinfo shows the version of the module to be the same as the running kernel??

[Nikrep]

I guess i should also include the output of uname -a

Linux nas 2.6.33.7.RNx86_64.2.2 #1 SMP Fri Oct 15 13:20:46 PDT 2010 x86_64 GNU/Linux

[Nikrep]

Tried to re-compile using alternative config files in /arch/x86/configs/ and still cant load modules
modinfo output
filename: nf_conntrack.ko
license: GPL
vermagic: 2.6.33.7.RNx86_64.2.2 SMP mod_unload modversions
depends:
parm: acct:Enable connection tracking flow accounting. (bool)
parm: expect_hashsize:uint

and

insmod: error inserting 'nf_conntrack.ko': -1 Unknown symbol in module

[kvisle]

I'm having the exact same issue as well - if one of you earlier posters figured out how to work around it - I'd be very happy to know how.

[ailas]

Same here. I got Ultra 2 with latest beta T40. Download T40 kernel-sources with "netgearize" patch. Applied to same version kernel 2.6.37.6. Make with ARCH="x68_64" ...
After that, I get insmod: error inserting './net/ipv4/netfilter/nf_nat.ko': -1 Unknown symbol in module

Code: Select all

nas:~/dev/kernel-build-tools-x86/2.6.37/linux-2.6.37.6# uname -a
Linux nas 2.6.37.6.RNx86_64.2.2 #1 SMP Wed Feb 1 12:47:30 PST 2012 x86_64 GNU/Linux

nas:~/dev/kernel-build-tools-x86/2.6.37/linux-2.6.37.6# modinfo /lib/modules/2.6.37.6.RNx86_64.2.2/kernel/drivers/scsi/scsi_wait_scan.ko
filename:       /lib/modules/2.6.37.6.RNx86_64.2.2/kernel/drivers/scsi/scsi_wait_scan.ko
description:    SCSI wait for scans
author:         James Bottomley
license:        GPL
vermagic:       2.6.37.6.RNx86_64.2.2 SMP mod_unload modversions
depends:

nas:~/dev/kernel-build-tools-x86/2.6.37/linux-2.6.37.6# modinfo ./net/ipv4/netfilter/nf_nat.ko
filename:       ./net/ipv4/netfilter/nf_nat.ko
license:        GPL
alias:          nf-nat-ipv4
vermagic:       2.6.37.6.RNx86_64.2.2 SMP mod_unload modversions
depends:        nf_conntrack,nf_conntrack_ipv4


If i try insmod nf_conntrack.ko I get -1 Invalid parameters, and nf_conntrack_ipv4.ko is -1 Unknown symbol in module.
Tried copy them to /lib/modules/2.6.37.6.RNx86_64.2.2/kernel/ but depmod -a gives me No space left on device even if on / where /lib is also is 1012M free. No quotas on /.
Just not enough INodes.

EDIT: Now modules are in /lib/modules/... but modprobe nf_nat:

Code: Select all

nas:~/dev/kernel-build-tools-x86/2.6.37/linux-2.6.37.6# modprobe nf_nat
WARNING: Error inserting nf_defrag_ipv4 (/lib/modules/2.6.37.6.RNx86_64.2.2/kernel/net/ipv4/netfilter/nf_defrag_ipv4.ko): Invalid argument
WARNING: Error inserting nf_conntrack (/lib/modules/2.6.37.6.RNx86_64.2.2/kernel/net/netfilter/nf_conntrack.ko): Invalid argument
WARNING: Error inserting nf_conntrack_ipv4 (/lib/modules/2.6.37.6.RNx86_64.2.2/kernel/net/ipv4/netfilter/nf_conntrack_ipv4.ko): Unknown symbol in module, or unknown parameter (see dmesg)
FATAL: Error inserting nf_nat (/lib/modules/2.6.37.6.RNx86_64.2.2/kernel/net/ipv4/netfilter/nf_nat.ko): Unknown symbol in module, or unknown parameter (see dmesg)


And dmegs is full of messages like unknown symbol

Code: Select all

...
nf_nat: Unknown symbol __nf_ct_l4proto_find (err 0)
nf_nat: Unknown symbol nf_ct_invert_tuplepr (err 0)
nf_nat: Unknown symbol nf_ct_l3proto_put (err 0)
nf_nat: disagrees about version of symbol skb_put
nf_nat: Unknown symbol skb_put (err -22)
...


EDIT LAST:

After flashing stable 4.2.19 and using GPL package with kernel and config for this version, I compiled it without any change to config. All (4 maybe) modules loaded (by insmod) OK. If just 3-4 NF_NAT needed modules were added, I got

Code: Select all

make "ARCH=x86_64" modules
...
Building modules, stage 2.
  MODPOST 9 modules
ERROR: "ip_ct_attach" [net/netfilter/nf_conntrack.ko] undefined!
ERROR: "nf_ct_destroy" [net/netfilter/nf_conntrack.ko] undefined!
ERROR: "nf_conntrack_destroy" [net/netfilter/nf_conntrack.ko] undefined!
ERROR: "nf_conntrack_destroy" [net/ipv4/netfilter/nf_conntrack_ipv4.ko] undefined!


Some other modules can be compiled and loaded though.
So I think whole kernel needs to be recompiled, if you want use NAT on your ReadyNAS device. Kernel is on NAND flash...

[marek_erban]

it looks NF_CONNTRACK needs some changes in kernel - I mean it doesn't matter if you build it as a module or into the kernel, you have to update kernel in NAS.

I did it, but I have different problem - I described it in
http://www.readynas.com/forum/viewtopic.php?f=65&t=69234