SEO
vBulletin Search Engine Optimization
| |||||||
| Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-20-2008, 08:53 PM
| ||||
| ||||
 iptables and kernel 2.6.21 I don't think I've missed any kernel options, but I'm having trouble on Slack 11.0 with iptables having upgraded to 2.6.21. Google was inconclusive. Anyone else had problems? I'm wondering if I need a new iptables? Pete -- http://www.petezilla.co.uk      |
|
02-20-2008, 08:53 PM
| |||
| |||
| Re: iptables and kernel 2.6.21 On Tue, 01 May 2007 18:29:15 +0100, Peter Chant <pete@petezilla.co.uk> wrote: >I don't think I've missed any kernel options, but I'm having trouble on >Slack 11.0 with iptables having upgraded to 2.6.21. Google was >inconclusive. Anyone else had problems? I'm wondering if I need a new >iptables? No problems here, but I noticed TCPMSS is a new option in the 2.6.21.1 kernel setup. Grant. -- http://bugsplatter.mine.nu/ |
|
02-20-2008, 08:53 PM
| |||
| |||
| Re: iptables and kernel 2.6.21 On 2007-05-01, Peter Chant <pete@petezilla.co.uk> wrote: > I don't think I've missed any kernel options, but I'm having trouble on > Slack 11.0 with iptables having upgraded to 2.6.21. Google was > inconclusive. Anyone else had problems? I'm wondering if I need a new > iptables? What kind of trouble? Error messages would be useful. My advice is to mark pretty much everything in the netfilter config section as modular [1]. It doesn't hurt anything, and that way, as your knowledge base increases and you want to try out some more advanced filtering and such, you won't have to compile new kernels - it's as simple as loading a module or two. [1] Except for the things marked DEPRECATED or OBSOLETE, generally. RW |
|
02-20-2008, 08:53 PM
| |||
| |||
| Re: iptables and kernel 2.6.21 Robby Workman wrote: > On 2007-05-01, Peter Chant <pete@petezilla.co.uk> wrote: >> I don't think I've missed any kernel options, but I'm having trouble on >> Slack 11.0 with iptables having upgraded to 2.6.21. Google was >> inconclusive. Anyone else had problems? I'm wondering if I need a new >> iptables? > > > What kind of trouble? Error messages would be useful. > Good point well made. MY iptables script which calls iptables a number of times on boot brings up the following: iptables: Unknown error 4294967295 iptables: Unknown error 4294967295 FATAL: Module ip_tables not found. iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. Not sure what it is getting at there, iptables -F and iptables -X work, and I have the following module installed: iptable_filter 3012 1 - Live 0xe0e34000 Hmm, one problem, not enables IPv4 connection tracking support (required for NAT). IP tables support is selected to be compiled into the kernel. > My advice is to mark pretty much everything in the netfilter config > section > as modular [1]. It doesn't hurt anything, and that way, as your knowledge > base increases and you want to try out some more advanced filtering and > such, you won't have to compile new kernels - it's as simple as loading a > module or two. > > [1] Except for the things marked DEPRECATED or OBSOLETE, generally. Pretty much did that. Hmm, maybe a recompile with IPv4 connection tracking selected as a module and ip tables support a module rather than built in. Can't see why it is whinging about not finding the module when it is built into the kernel. Pete -- http://www.petezilla.co.uk |
|
02-20-2008, 08:53 PM
| |||
| |||
| Re: iptables and kernel 2.6.21 christian wrote: >> iptables: Unknown error 4294967295 >x'ffffffff' (-1) OK, so I'm being told to 'f' of a lot! Bit confused about the lack of ip_tables module when it is compiled into the kernel. However, will recompile and see how it goes. Pete -- http://www.petezilla.co.uk |
|
02-20-2008, 08:53 PM
| |||
| |||
| Re: iptables and kernel 2.6.21 On 2007-05-02, Peter Chant <pete@petezilla.co.uk> wrote: > christian wrote: > >>> iptables: Unknown error 4294967295 >>x'ffffffff' (-1) > > OK, so I'm being told to 'f' of a lot! I'd rather think it's the hexvalue of the number your listed. Regards -- _ // _ // \\ // \\// \/ Eivind E |
|
02-20-2008, 08:53 PM
| |||
| |||
| Re: iptables and kernel 2.6.21 Eivind E wrote: > On 2007-05-02, Peter Chant <pete@petezilla.co.uk> wrote: >> christian wrote: >> >>>> iptables: Unknown error 4294967295 >>>x'ffffffff' (-1) >> >> OK, so I'm being told to 'f' of a lot! > > I'd rather think it's the hexvalue of the number your listed. Yes.... -- http://www.petezilla.co.uk |
|
02-20-2008, 08:54 PM
| ||||
| ||||
| Re: iptables and kernel 2.6.21 Peter Chant wrote: > Hmm, maybe a recompile with IPv4 connection tracking selected as a module > and ip tables support a module rather than built in. Can't see why it is > whinging about not finding the module when it is built into the kernel. OK, I had checked before the original post, but on reposting I found a problem with the kernel build. Fixed and as much use of modules as possible made wrt netfilter. It works. New kernel forced reinstalling nvidia drivers, now got to figure why 'startx' works but not 'kdm'. Weird! -- http://www.petezilla.co.uk |
Linear Mode
