Error starting csf with ip6tables

[jlea9378]

I installed CSF (8.01) on my new Debian 8 server. However, I am unable to start the csf service when IP6 is enabled in the csf configuration. I get the following error:
ip6tables v1.4.21: can't initialize ip6tables table `nat': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.

Here's the full output from the restart:

Restarting csf...

Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `ALLOWIN'
Flushing chain `ALLOWOUT'
Flushing chain `DENYIN'
Flushing chain `DENYOUT'
Flushing chain `INVALID'
Flushing chain `INVDROP'
Flushing chain `LOCALINPUT'
Flushing chain `LOCALOUTPUT'
Flushing chain `LOGDROPIN'
Flushing chain `LOGDROPOUT'
Flushing chain `PREROUTING'
Flushing chain `INPUT'
Flushing chain `OUTPUT'
Flushing chain `POSTROUTING'
Deleting chain `ALLOWIN'
Deleting chain `ALLOWOUT'
Deleting chain `DENYIN'
Deleting chain `DENYOUT'
Deleting chain `INVALID'
Deleting chain `INVDROP'
Deleting chain `LOCALINPUT'
Deleting chain `LOCALOUTPUT'
Deleting chain `LOGDROPIN'
Deleting chain `LOGDROPOUT'
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
ip6tables v1.4.21: can't initialize ip6tables table `nat': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.

ip6tables v1.4.21: can't initialize ip6tables table `nat': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
open3: pipe(GLOB(0x2665998), GLOB(0x26659b0)) failed: Too many open files at /usr/sbin/csf line 4620.
...Done.

Restarting lfd...

Job for lfd.service failed. See 'systemctl status lfd.service' and 'journalctl -xn' for details.
...Done.

lfd won't start because I haven't turned off testing mode yet. So I'm not concerned about that right now.

I tried doing some google searching about the ip6tables error but couldn't find a solution.
Version is: ip6tables v1.4.21

[ForumAdmin]

Are you running the latest kernel? We do not see any issues on our test server:

Code: Select all

# uname -a
Linux debian 3.16.0-4-686-pae #1 SMP Debian 3.16.7-ckt11-1 (2015-05-24) i686 GNU/L

[jlea9378]

I have no idea. It's Debian 8. Here's the output from that command:
Linux web.fosterclub.com 3.12.27-xenU #1 SMP Thu Aug 28 23:13:07 UTC 2014 x86_64 GNU/Linux

[ForumAdmin]

That is an old non-native kernel and why it is not working. You either need an updated kernel from your virtual server provider or disable IPV6.

[jlea9378]

Thanks, I'll get in touch with tech support. Their VPS management web interface has a kernel selector and I chose the most recent version offered except for a version 4.0 which was labeled as "experimental". I was afraid to choose that one since this server will go into production eventually...!

[ForumAdmin]

We'll put in a workaround in the next release of csf (due today) that will allow IPV6 support even if the nat table is missing.

[jlea9378]

Tech support at my host told me to try the 4.0 kernel and it works. No more issues with ip6tables. Thanks for your help!