When trying to add a LOG rule to iptables on Synology DSM 7.2 the following error is thrown:
iptables: No chain/target/match by that name.
Verified that LOG module is loaded, rule is valid, chain is present etc.
It seems impossible to add this rule and I cannot get my head around as to why.
I have tried a lot of possible root causes but nothing seems to help.
root@server:~# iptables -v -I INPUT_FIREWALL 1 -m limit --limit 2/min -j LOG --log-prefix '--Firewall--' --log-level noticeLOG all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 2/min burst 5 LOG flags 0 level 5 prefix "--Firewall--"LOG all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 2/min burst 5 LOG flags 0 level 5 prefix "--Firewall--"iptables: No chain/target/match by that name.root@server:/ha# cat /proc/net/ip_tables_targetsMARKDNATSNATREDIRECTDNATSNATMASQUERADELOGERRORroot@server:/ha# cat /proc/net/ip_tables_namesmanglenatfilterroot@server:~# iptables -Viptables v1.8.3 (legacy)root@server:~# iptables -L -v -nChain INPUT (policy ACCEPT 5893 packets, 356K bytes) pkts bytes target prot opt in out source destination 15M 3850M DOS_PROTECT all -- * * 0.0.0.0/0 0.0.0.0/0 342K 83M INPUT_FIREWALL all -- * * 0.0.0.0/0 0.0.0.0/0Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 176K 28M FORWARD_FIREWALL all -- * * 0.0.0.0/0 0.0.0.0/01066K 148M DEFAULT_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0Chain OUTPUT (policy ACCEPT 329K packets, 82M bytes) pkts bytes target prot opt in out source destinationChain DEFAULT_FORWARD (1 references) pkts bytes target prot opt in out source destination1064K 147M DOCKER-USER all -- * * 0.0.0.0/0 0.0.0.0/01064K 147M DOCKER-ISOLATION-STAGE-1 all -- * * 0.0.0.0/0 0.0.0.0/0 1783 520K ACCEPT all -- * docker0 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED 280K 97M DOCKER all -- * docker0 0.0.0.0/0 0.0.0.0/0 782K 50M ACCEPT all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0 280K 97M ACCEPT all -- docker0 docker0 0.0.0.0/0 0.0.0.0/0Chain DOCKER (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT tcp -- !docker0 docker0 0.0.0.0/0 172.17.0.3 tcp dpt:8883Chain DOCKER-ISOLATION-STAGE-1 (1 references) pkts bytes target prot opt in out source destination 782K 50M DOCKER-ISOLATION-STAGE-2 all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/01064K 147M RETURN all -- * * 0.0.0.0/0 0.0.0.0/0Chain DOCKER-ISOLATION-STAGE-2 (1 references) pkts bytes target prot opt in out source destination 0 0 DROP all -- * docker0 0.0.0.0/0 0.0.0.0/0 782K 50M RETURN all -- * * 0.0.0.0/0 0.0.0.0/0Chain DOCKER-USER (1 references) pkts bytes target prot opt in out source destination1064K 147M RETURN all -- * * 0.0.0.0/0 0.0.0.0/0Chain DOS_PROTECT (1 references) pkts bytes target prot opt in out source destination 0 0 RETURN icmp -- eth0 * 0.0.0.0/0 0.0.0.0/0 icmptype 8 limit: avg 1000/sec burst 5 0 0 DROP icmp -- eth0 * 0.0.0.0/0 0.0.0.0/0 icmptype 8Chain FORWARD_FIREWALL (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 164K 26M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3000 0 0 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 3478,10001 0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 6789,8080,8443,8880 0 0 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:514 0 0 RETURN icmp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0Chain INPUT_FIREWALL (1 references) pkts bytes target prot opt in out source destination 218K 47M ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/097901 30M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3000 0 0 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 3478,10001 4352 236K RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 6789,8080,8443,8880 0 0 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:514 0 0 RETURN icmp -- * * 0.0.0.0/0 0.0.0.0/019888 4919K DROP all -- * * 0.0.0.0/0 0.0.0.0/0