Xshield agent software prerequisites for Linux

The Xshield agent runs the iptables command to add/remove rules. For successful Xshield agent installation on a Linux-base system, following iptables should be available:

  • iptables user application
  • iptables kernel module

If the installation fails or to check if the iptables are available, you can install the iptables using the command-line.

iptables user application

You can manually install the iptables user application using the command-line.

  1. For Debian based systems such as Ubuntu, use sudo apt install iptables.
  2. For Yum based systems such as RHEL, Oracle, Amazon Linux, CentOS or SUSE, use sudo yum install iptables.
  3. For other OSes such as openSUSE, use sudo zypper install iptables.

iptables kernel modules

The user application will need iptables_filter or nf_tables kernel module.

  • To get the kernel release version, run the following command-line:
    1KERNEL_RELEASE=`uname -r`
  • To find the correct module and install, run the iptables command (For example, iptables -S) to check if kernel module is already loaded. If the module is not loaded, the kernel module will display the following:
    • sudo insmod /lib/modules/$KERNEL_RELEASE/kernel/net/ipv4/netfilter/ip_tables.ko*
(OR)
sudo insmod /lib/modules/$KERNEL_RELEASE/kernel/net/ipv4/netfilter/iptable_filter.ko.xz 
(OR)
sudo insmod /lib/modules/$KERNEL_RELEASE/kernel/net/netfilter/nf_tables.ko*
Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.