LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 02-16-2003, 03:30 PM   #1
dunkyb
Member
 
Registered: Nov 2002
Distribution: Debian testing.
Posts: 143

Rep: Reputation: 15
iptables - module, or built into kernel?


Hey

Is it best to compile all the iptables/NAT/Netfilter stuff into the kernel, or build it as modules? I guess they'll be used a lot, so will be loaded...

Are there any performance boosts/preferences either way?

Cheers
 
Old 02-16-2003, 04:15 PM   #2
fsbooks
Member
 
Registered: Jan 2002
Location: Missoula. Montana, USA
Distribution: fedora, slackware, suse
Posts: 448

Rep: Reputation: 31
My preference is to build any and everything as a module (including iptables) if it can be done so (option exists and not needed too early at boot, like my scsi driver). Then again, I am a bit wierd because I write all my kernels to floppy, and actually boot from a floppy. So for me, I suppose it certainly is a performance issue, even a usability issue as today's kernels can easily exceed a floppy with too many options compiled in.
 
Old 02-16-2003, 05:59 PM   #3
acid2000
Member
 
Registered: Nov 2001
Location: Exeter, UK
Distribution: Gentoo 1.4
Posts: 243

Rep: Reputation: 30
module, unless it's needed at startup or within the first 10 seconds of loading init, module.
 
Old 02-16-2003, 06:04 PM   #4
dunkyb
Member
 
Registered: Nov 2002
Distribution: Debian testing.
Posts: 143

Original Poster
Rep: Reputation: 15
actually there is a way (using bootinitrd?) that you can make modules work for booting the machine, but anyways..

Another question, is the arp_tables code implimented yet? It doesn't seem to do a great deal, so I am going to remove it from my kernel for the time being?

Any hints/tips from mega gurus on how to reduce kernel size to the min? (Without nuking the box!)

Cheers
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
netfilter/iptables in kernel: module vs static -Nw- neX Linux - Security 5 03-25-2005 06:44 PM
Complie module or built-in support musicman_ace Linux - Software 2 12-19-2004 02:21 AM
Slackware 10- Please confirm my steps used to remove a module from a pre-built kernel jtp51 Slackware 7 11-03-2004 05:02 PM
built in or module? any difference ganja_guru Linux - Software 3 10-16-2004 03:36 AM
kernel 2.6.1: iptables doesn't run..but module is loaded pablovschby Programming 4 02-06-2004 03:46 AM


All times are GMT -5. The time now is 09:04 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration