Couldn't load target `NOTRACK':No such file or directory

Question

I am trying to add a IP table rule.

iptables -t raw -A PREROUTING -j NOTRACK

But when I am executing this I am getting below error:

iptables v1.8.4 (legacy): Couldn't load target `NOTRACK':No such file or directory

score 2 · Answer 1 · answered Oct 29 '21 at 11:30

This target is deprecated and has been superseded by the CT target. So I'm not surprised to see a system where support for this target was not built (in kernel) anymore.

NOTRACK

This extension disables connection tracking for all packets matching that rule. It is equivalent with -j CT --notrack. Like CT, NOTRACK can only be used in the raw table.

You can replace the rule with:

iptables -t raw -A PREROUTING -j CT --notrack

If then this also doesn't work, you'd have to check exactly what support for iptables targets exist (eg: in /boot/config-*) or if there are additional restrictions on the host system.

Relevant kernel options:

CONFIG_NETFILTER_XT_TARGET_NOTRACK

CONFIG_NETFILTER_XT_TARGET_NOTRACK: 'NOTRACK' target support (DEPRECATED)
CONFIG_NETFILTER_XT_TARGET_CT

Couldn't load target `NOTRACK':No such file or directory

1 Answers1