How do I add nftables manually?

sekai · September 6, 2022, 12:47pm

I installed nftables by sudo apt install nftables command, but nftables.service is failed. (all lines are not processable.)

lsmod | grep nf_tables command returns nothing, so it seems kernel doesn’t load nftables module correctly.

And I found CONFIG_NF_TABLES variable is not set on /proc/config.gz file.

How do I add nftables manually? Should I build kernel?
Please tell me the way to do this.

I use Jetson Xavier.

cat /etc/os-release command returns

NAME="Ubuntu"
VERSION="20.04.4 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.4 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal

uname -srm command returns

Linux 5.10.104-tegra aarch64

thanks.

linuxdev · September 6, 2022, 8:47pm

Is this a TX2? Are you using JetPack/SDK Manager 5.x? If so, they are not considered compatible. However, if you do get a TX2 running under JP5 (or even if it still runs under JP4), then basically you would need to compile the kernel modules for your use. A list of candidate modules is long, but somewhere in documentation you would probably find that only one or two features would be needed in your situation. I want to emphasize that I do not know which modules are used for nftables, but the service which fails to start would be due to needing the kernel feature, and then it should work.

If this is not a TX2, then it should probably be moved to the appropriate forum, but I think (other than not being compatible with JP5) the instructions would be the same regardless of model of Jetson.

Here is a URL on the “gist” of building a kernel module (it isn’t as hard as it seems), or you could follow official docs for cross compile:
https://forums.developer.nvidia.com/t/problem-smb-jetson-nano/193640/11

Although the TX2 is not compatible with JP5 it does not stop me from being curious: If this is a TX2, then how well has the JP5 install worked? Was it difficult? Did you upgrade through JetPack/SDKM?

sekai · September 7, 2022, 1:47am

Thank you for your reply. I was wrong. I use Xavier NX.
I have moved this to the Xavier NX forum.

I will check your link.(I hope it’s easy!)

Many thanks.

sekai · September 8, 2022, 4:10am

Finally, I have load nftables module correctly.

Here is steps. Before you start steps, please backup /proc/config.gz and /boot/Image file.

$ sudo apt-get install libncurses5-dev 
for menuconfig

$ cd && mkdir kernel && cd kernel

$ wget https://developer.nvidia.com/embedded/l4t/r35_release_v1.0/sources/public_sources.tbz2 -O public_sources.tar.gz

chose correct source from https://developer.nvidia.com/embedded/jetson-linux-archive.

$ tar xvf public_sources.tar.gz

$ cd Linux_for_Tegra/source/public/

$ tar -xvjf kernel_src.tbz2

$ cd kernel/kernel-5.10

$ sudo zcat /proc/config.gz  > .config

$ make ARCH=arm64 O=/home/:yourname/kernel/Linux_for_Tegra/source/public/kernel/kernel-5.10 menuconfig

Pelase use this as a reference. https://linoxide.com/configure-nftables-serve-internet/

$ make oldconfig
$ make prepare
$ make modules_prepare
$ make -j4 Image && make -j4 modules
$ sudo make modules_install
$ sudo cp arch/arm64/boot/Image /boot/Image
$ sudo reboot

system · September 22, 2022, 4:11am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.