iptables: No chain/target/match by that name. Ubuntu 16-04 (WSL2)

Rostyslav

2/19/24, 4:51 PM

I know, there are many questions with this topic, but none of them helps me.

After I run sudo iptables -w -t nat -A PREROUTING -s 100.64.0.8 -j CONNMARK --set-mark 25119

I get iptables: No chain/target/match by that name.

I was following this answer to identify the part of the rule that causes the error. I have discovered that if I run sudo iptables -w -t nat -A PREROUTING -s 100.64.0.8, no error is being returned. Furthermore, iptables -j CONNMARK -h returns

...
CONNMARK target options:
  --set-xmark value[/ctmask]    Zero mask bits and XOR ctmark with value
  --save-mark [--ctmask mask] [--nfmask mask]
                                Copy ctmark to nfmark using masks
  --restore-mark [--ctmask mask] [--nfmask mask]
                                Copy nfmark to ctmark using masks
  --set-mark value[/mask]       Set conntrack mark value
  --save-mark [--mask mask]     Save the packet nfmark in the connection
  --restore-mark [--mask mask]  Restore saved nfmark value
  --and-mark value              Binary AND the ctmark with bits
  --or-mark value               Binary OR  the ctmark with bits
  --xor-mark value              Binary XOR the ctmark with bits

indicating that this extension is compiled.

My operating system is Ubuntu-16.04 on Windows Subsystem for Linux 2, iptables version is 1.6.0-2ubuntu3.

121

0 + 2

iptables

ubuntu-16.04

Tero Kilkanen

2/20/24, 6:24 AM

Does `iptables -t nat -A PREROUTING -m connmark --mark 0x0` work? If not, then it means that the kernel netfilter module for this feature is missing.

Rostyslav

2/20/24, 2:05 PM

@TeroKilkanen You are right. WSL2 does not have it. The solution is to recompile WSL from [source](https://github.com/microsoft/WSL2-Linux-Kernel) after enabling all CONNMARK-related modules in [config-wsl](https://github.com/microsoft/WSL2-Linux-Kernel/blob/linux-msft-wsl-5.15.y/Microsoft/config-wsl). Generic procedure is well described in this [answer](https://unix.stackexchange.com/a/645131).

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: iptables: No chain/target/match by that name. Ubuntu 16-04 (WSL2)

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.