$ | >

Support iptables

Originally posted on Github around a year ago: https://github.com/Microsoft/WSL/issues/767

Not sure how feasible this is to implement, but I've found myself in a couple of situations where it would've come in quite useful.

100 votes
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Ricky shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    4 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Wyzeman commented  ·   ·  Flag as inappropriate

        needed to run docker.

        time="2018-06-04T09:27:23.460743100-04:00" level=warning msg="Running modprobe nf_nat failed with message: `modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.4.0-17134-Microsoft/modules.dep.bin'\nmodprobe: WARNING: Module nf_nat not found in directory /lib/modules/4.4.0-17134-Microsoft`, error: exit status 1"
        time="2018-06-04T09:27:23.482630900-04:00" level=warning msg="Running modprobe xt_conntrack failed with message: `modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.4.0-17134-Microsoft/modules.dep.bin'\nmodprobe: WARNING: Module xt_conntrack not found in directory /lib/modules/4.4.0-17134-Microsoft`, error: exit status 1"
        Error starting daemon: Error initializing network controller: error obtaining controller instance: failed to create NAT chain DOCKER: iptables failed: iptables -t nat -N DOCKER: iptables v1.6.2: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)

      • Dustin Salmons commented  ·   ·  Flag as inappropriate

        If it is mainly an issue with iptables -L requiring root, maybe give power users a switch to change values such as:

        socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = -1 EPERM (Operation not permitted)

      Feedback and Knowledge Base