Kernel 2.6.0 + iptables
I have my "rc.firewall" script generated by Guarddog (I think the most friendly firewall iptables generator) and with kernel 2.4.22 it works OK. But when I boot with 2.6.0, I have the following message:
"iptables : no chain/ target/ match by that name" repeated four times. What may be wrong with 2.6.0 cooperating with this script? All needed modules (like ip_conntrack_ftp, ip_tables etc.) load OK also with 2.6.0. Maybe I missed some options in the new kernel?
Now you need to hack the script to echo something to the screen for each line so you can see the failure...
and run the script manually: ./rc.firewall. My suspicion is that the SNAT/DNATs aren't loading. If that is the case, try re-installing iptables so that the modules match.
Thanks for your advice, but "rc.firewall" generated by GUARDDOG is rather complex, so it is impossible to "echo" each line.
I'm not an expert on iptables, so could you explain in a little more detail what SNAT/DNAT are? And why didn't I get these errors with the 2.4.22 kernel? With lsmod I discovered that there is one difference in module loading: when using the 2.6.0 kernel, the module "ipt_REJECT" doesn't load, and doesn't even exist in /lib/modules/2.6.0/... I think I marked all the options in 2.6.0 concerning iptables, so why haven't I got this module (maybe it is not necessary in 2.6.0), and could it be the reason for these errors?
OK, solved. The module "ipt_reject" was missing; by mistake I hadn't marked it during config. Sorry to bother you.
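
The check that resolved this thread (a target used by the firewall script with no module in the new kernel's tree), written out as an added example that is not part of the original posts. The function names are hypothetical, and it assumes each extension NAME ships as a loadable module called ipt_NAME (as ipt_REJECT does here) rather than being built into the kernel; the skip list reflects 2.4/2.6.0-era kernels and is an assumption to adjust.

```shell
#!/bin/sh
# Added example: report iptables targets/matches that a firewall script uses
# but that have no ipt_* module file under a given kernel module tree.

# Names with no ipt_* module of their own on 2.4/2.6.0-era kernels (assumption):
# verdicts and tcp/udp/icmp live in ip_tables, SNAT/DNAT in iptable_nat.
BUILTIN="ACCEPT DROP RETURN QUEUE SNAT DNAT tcp udp icmp"

# used_extensions FILE -> one "ipt_NAME" per distinct -j TARGET / -m MATCH
used_extensions() {
    # Ignore comment lines so disabled rules are not reported.
    rules=$(grep -v '^[[:space:]]*#' "$1")
    # User-defined chains (created with -N) are jump targets, not modules.
    chains=$(printf '%s\n' "$rules" |
        sed -n 's/.* -N  *\([^ ]*\).*/\1/p' | tr '\n' ' ')
    # One token per line, then look at the token following -j or -m.
    printf '%s\n' "$rules" | tr -s ' \t' '\n\n' |
        awk -v chains="$chains" -v builtin="$BUILTIN" '
            BEGIN {
                n = split(chains " " builtin, s, " ")
                for (i = 1; i <= n; i++) skip[s[i]] = 1
            }
            (prev == "-j" || prev == "-m") && !($0 in skip) { print "ipt_" $0 }
            { prev = $0 }
        ' | sort -u
}

# missing_modules FILE MODDIR -> extensions with no module file in MODDIR
missing_modules() {
    for mod in $(used_extensions "$1"); do
        # 2.6 modules end in .ko, 2.4 modules in .o
        found=$(find "$2" -name "$mod.ko" -o -name "$mod.o" 2>/dev/null)
        [ -n "$found" ] || echo "$mod"
    done
}

# Usage: sh check.sh ./rc.firewall /lib/modules/2.6.0
if [ $# -eq 2 ]; then
    missing_modules "$1" "$2"
fi
```

A name printed here points at the kernel option that was left unselected during configuration; a name that is compiled in rather than modular will also be listed, so confirm against the kernel's .config.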