Hey there, that error usually pops up when your module_param setup doesn't follow the Linux kernel's strict rules for parameter naming or definition syntax. Let's walk through the most common fixes step by step:

1. Double-check your module_param syntax #

First, make sure you're using the correct, kernel-approved syntax for defining parameters. Here's a valid example for your ICMP-dropping flag:

// Declare the parameter as a static global (kernel needs access to it at load time)
static int drop_icmp = 0;
// Define the parameter: name, type, file permissions
module_param(drop_icmp, int, 0644);
// Add a description (helps avoid confusion and ensures kernel recognizes the param)
MODULE_PARM_DESC(drop_icmp, "Set to 1 to drop ICMP packets, 0 to allow (default: 0)");

Key things to note here:

• The parameter variable must be static global or global—local variables won't work, since the kernel can't access them when loading the module.
• The type (second argument) must be one of the kernel-supported types: int, bool, charp, long, etc. Custom types aren't allowed.
• The permission value (third argument) can't be omitted. 0644 is a safe choice (user read/write, group/others read).

2. Stick to valid parameter names #

The kernel won't accept parameter names with special characters like hyphens (-). Stick to standard C identifier rules: letters, numbers, and underscores only. For example, drop-icmp will cause that error—rename it to drop_icmp instead.

3. Verify your Makefile is standard #

A broken Makefile can prevent the kernel from recognizing your module parameters. Use this standard template for your Netfilter module:

obj-m += kernel.o
KERNELDIR ?= /lib/modules/$(shell uname -r)/build
PWD := $(shell pwd)

all:
	$(MAKE) -C $(KERNELDIR) M=$(PWD) modules

clean:
	$(MAKE) -C $(KERNELDIR) M=$(PWD) clean

Avoid adding custom compiler flags that might break the module's parameter metadata (like -fno-pic or non-standard optimization flags).

4. Check kernel version compatibility #

Newer kernels (5.x+) have minor tweaks to module_param handling. If you're using a bool type, make sure you define it correctly:

static bool drop_icmp = false;
module_param(drop_icmp, bool, 0644);
MODULE_PARM_DESC(drop_icmp, "Set to true to drop ICMP packets (default: false)");

When loading, use drop_icmp=1 or drop_icmp=true—don't use non-standard values like yes or on.

5. Validate parameters with modinfo #

Run modinfo kernel.ko to check if your parameter is properly embedded in the module. You should see a line like this:

parm:           drop_icmp:Set to 1 to drop ICMP packets, 0 to allow (default: 0) (int)

If you don't see this, your parameter definition has a syntax error that's preventing the kernel from recognizing it.

6. Load the module with the correct parameter syntax #

When using insmod, make sure you pass the parameter using the exact name you defined:

insmod kernel.ko drop_icmp=1

Don't misspell the name or use hyphens instead of underscores here.

Most of the time, this error comes down to a small syntax mistake in the module_param definition or an invalid parameter name. Walk through these steps, and you should get your Netfilter module loaded without issues.

内容的提问来源于stack exchange，提问作者Crumblez