I wonder if the apt system thinks you are running the 2.4.x kernel instead?

What does it say when you run, 'dpkg -l ¦ grep kernel-image'

Important too, what does it say when running 'uname -a' ?

Maybe you're using a 2.4 kernel without noticing it.

You are going to need support for ipchains compiled into the kernel; if you compiled it yourself check for that option.

>What does it say when you run, 'dpkg -l ¦ grep kernel-image'

doesn't return anything. but dpkg -l ¦ grep kernel returns:

ii pciutils 2.1.9-4 Linux PCI Utilities (for 2.[1234].x kernels)

>uname -a
Linux eeyor 2.2.20-idepci #1 Sat Apr 20 12:45:19 EST 2002 i686 unknown

>doesn't return anything.
So, you compiled your own kernel then?

It was precompiled little, one of the minimal downloads which contains the kernel and enough packages to get started, then you retrieve the packages you want to complete your system. Maybe I should just go with the 2.4 kernel and iptables instead. I've been trying to fix this for a week and I just can't find what's wrong. All the modules that should be there seem to be there using modprobe.

You probably did this already, but if you haven't make sure your /etc/apt/sources.list is pointing to the right sources for woody and then run:
apt-get update
apt-get dist-upgrade
apt-get -f install -- would fix dependency problems in theory

And if that does anything maybe purge and reinstall ipchains, and see what happens.

It just feels sort of like a broken dependency database by the lack of a return from 'dpkg -l ¦ grep kernel-image'.

>apt-get update
>apt-get dist-upgrade
>apt-get -f install -- would fix dependency problems in theory

Yes I did try that, it reports 0's across the board, "0 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded."

I might just recompile the kernel to make sure that it isn't confused about something, failing that I think I'll go with the 2.4 kernel.

Well Air, I won't criticize, you're free to do as you want, but using a 1360kb kernel download and expecting that everything works is kind of expecting a little too much :)

My recomendation is to download kernel sources and kernel-package (apt-get install kernel-source-2.2.21 kernel-package) and zless debian.README.gz at /usr/doc/kernel-source-2.x.x to rebuild it easily using make-kpkg.

I don't use that kernel in particular, but more probably the support for ipchains at the configuration (make menuconfig or such) was disabled on your very basic kernel. I checked and there are not modules for that in the particular version reported by uname.

>....1360kb kernel download and expecting that everything works is kind of expecting a little too much

-hehehe yeah I guess it is a bit much to expect :)

I compiled a 2.4. kernel with necessary modules, iptables works just fine with it. I might go back an mess with the 2.2 kernel later (but I doubt it) ...

>I compiled a 2.4. kernel with necessary modules, iptables works just
>fine with it. I might go back an mess with the 2.2 kernel later (but I
>doubt it) ...

If I were you, I wouldn't bother revisiting the 2.2 kernel unless you are trying to set up a firewall on a machine too old to run the current version of the distribution. There are other reasons to go with a particular kernel version other than the latest release, but I think 2.4 and iptables is a good default. I know for a while I heard people complain that the 2.4 kernels weren't ready for production use, but the last time I managed to crash a 2.4 series kernel, the version number ended in 'testX-preY'.

Of course, the most heavily loaded systems I've been responsible for only had a couple hundred users (half of whom were in reality just entries in the password file.), which I'm sure is childs' play compared to the experience of at least a few others around. My oppinion is only slightly more definitive than my spelling. ;)

Dingman, welcome to WebmasterWorld, and to it's relatively fledgling *nix forum! I look forward to reading more of your posts.