How do I know if certain iptables extensions are available and enabled?

Question

I was reading this: https://help.ubuntu.com/community/IptablesHowTo#Allowing_Established_Sessions

It says "If the line above doesn't work, you may be on a castrated VPS whose provider has not made available the extension".

So how do I tell if the extension is actually available and enabled? Just because an extension is listed in the iptables-extensions manpage doesn't mean it's actually available and enabled, does it?

score 3 · Accepted Answer · answered Apr 26 '15 at 04:53

One way is to look at the files available:

# See which kernel modules are available
ls /lib/modules/`uname -r`/kernel/net/netfilter/

# See which iptables extensions are available
ls /usr/lib/iptables/

The filenames have a prefix and suffix, but you can just ignore that when looking for a particular module.

How do I know if certain iptables extensions are available and enabled?

1 Answers1