ip6tables v1.8.7 (legacy): Couldn‘t load match `pkttype‘:No such file or directory

最近在做openThread协议的边界路由器otbr，在构建otbr时有如下原始报错：

+ have update-rc.d
+ command -v update-rc.d
+ sudo update-rc.d otbr-firewall remove
+ test '!' -f /etc/init.d/otbr-firewall
+ sudo rm /etc/init.d/otbr-firewall
+ firewall_install
+ sudo cp script/otbr-firewall /etc/init.d/otbr-firewall
+ sudo chmod a+x /etc/init.d/otbr-firewall
+ have systemctl
+ command -v systemctl
+ sudo systemctl enable otbr-firewall
otbr-firewall.service is not a native service, redirecting to systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable otbr-firewall
+ sudo systemctl start otbr-firewall
Job for otbr-firewall.service failed because the control process exited with error code.
See "systemctl status otbr-firewall.service" and "journalctl -xe" for details.
+ die 'Failed to start firewall service!'
+ echo ' *** ERROR:  Failed to start firewall service!'
 *** ERROR:  Failed to start firewall service!
+ exit 1

按照提示，执行： systemctl status otbr-firewall.service，有如下详细报错信息:

root@xxxx:/xxxx/ot-br-posix# systemctl status otbr-firewall.service
* otbr-firewall.service - LSB: OTBR firewall
     Loaded: loaded (/etc/init.d/otbr-firewall; generated)
     Active: failed (Result: exit-code) since Sun 2022-03-20 19:56:09 UTC; 1min 47s ago
       Docs: man:systemd-sysv-generator(8)
    Process: 918 ExecStart=/etc/init.d/otbr-firewall start (code=exited, status=2)

Mar 20 19:56:09 xxxx otbr-firewall[918]: + ipset create -exist otbr-ingress-allow-dst hash:net family inet6
Mar 20 19:56:09 xxxx otbr-firewall[918]: + ipset create -exist otbr-ingress-allow-dst-swap hash:net family inet6
Mar 20 19:56:09 xxxx otbr-firewall[918]: + ip6tables -N OTBR_FORWARD_INGRESS
Mar 20 19:56:09 xxxx otbr-firewall[918]: + ip6tables -I FORWARD 1 -o wpan0 -j OTBR_FORWARD_INGRESS
Mar 20 19:56:09 xxxx otbr-firewall[918]: + ip6tables -A OTBR_FORWARD_INGRESS -m pkttype --pkt-type unicast -i wpan0 -j DROP
Mar 20 19:56:09 xxxx otbr-firewall[944]: ip6tables v1.8.7 (legacy): Couldn't load match `pkttype':No such file or directory
Mar 20 19:56:09 xxxx otbr-firewall[944]: Try `ip6tables -h' or 'ip6tables --help' for more information.
Mar 20 19:56:09 xxxx systemd[1]: otbr-firewall.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Mar 20 19:56:09 xxxx systemd[1]: otbr-firewall.service: Failed with result 'exit-code'.
Mar 20 19:56:09 xxxx systemd[1]: Failed to start LSB: OTBR firewall.

发现了如题所示的错误信息：ip6tables v1.8.7 (legacy): Couldn't load match `pkttype':No such file or directory

此错误即为/etc/init.d/otbr-firewall中的一条命令ip6tables -A $OTBR_FORWARD_INGRESS_CHAIN -m pkttype --pkt-type unicast -i $THREAD_IF -j DROP执行时报错。

根据字面意思，也是iptables的内核缺少相应的配置，进入内核执行：

#make menuconfig

-->Networking support > Networking options > Network packet filtering framework (Netfilter) > Core Netfilter Configuration在这个里面就能发现相应的类型支持，选上、重新编译、烧录即可。

验证测试，成功解决问题！

参考构建OTBR的其他类似错误：ipset v7.10: Kernel error received: set type not supported