Slackware This Forum is for the discussion of Slackware Linux.
|
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
04-11-2006, 09:59 AM
|
#1
|
Member
Registered: Oct 2004
Location: NY
Distribution: Slackware
Posts: 200
Rep:
|
Netfilter and 2.6.16.2
Hi,
I recently upgraded my home router/server to 2.6.16.2 and everything went well except that netfilter modules that I comiled into the kernel don't seem to work. I'm only trying to run NAT based Masquerade with iptables. Iptables fail saying that I don't have the ip_module loaded, but I can see ip_tables and ip_conntrack loaded from dmesg. Am I missing some other stuff or something? I've never had this problem before. Maybe I forgot about something?
Last edited by krizzz; 04-11-2006 at 10:01 AM.
|
|
|
04-11-2006, 11:08 AM
|
#2
|
Member
Registered: Nov 2004
Location: Columbus, Ohio
Distribution: Slackware-Current / Debian
Posts: 795
Rep:
|
I've never had luck compiling netfilter options into the kernel. Using them as modules always works for me.
|
|
|
04-11-2006, 11:46 AM
|
#3
|
Senior Member
Registered: Oct 2005
Location: Lithuania
Distribution: Hybrid
Posts: 2,247
Rep:
|
Yes, you don't have ip_module module loaded as module what iptables want. Don't know why they don't like that ip_module is compiled into the kernel so try to compile this as module.
Last edited by Alien_Hominid; 04-11-2006 at 11:48 AM.
|
|
|
04-11-2006, 12:49 PM
|
#4
|
Member
Registered: Oct 2004
Location: NY
Distribution: Slackware
Posts: 200
Original Poster
Rep:
|
OK, I'll it try it later when I'm back home and let you guys know. That's probably it as it was the first time I tried to compile it into a kernel instead of making a module.
Thanks!
Last edited by krizzz; 04-11-2006 at 12:50 PM.
|
|
|
04-12-2006, 07:20 PM
|
#5
|
Senior Member
Registered: Dec 2003
Location: Paris
Distribution: Slackware forever.
Posts: 2,534
Rep: 
|
Iptables is more suitable into the kernel, simply because it's faster and i'm sure you prefer fastest networking.
The new 2.6.16 has a new iptables configuration, so copying an older kernel's .config won't enable older options. You have to set it again.
What i suggest:
---Inside kernel:
Xtables
connmarks, conntracks
state
tmpcss
iptables
packet filtering
full nat
mangling
TOS
---As modules:
All you can.
Of course if you have a network with servers like ftp, then put connection tracking ftp inside kernel.
|
|
|
04-13-2006, 02:44 PM
|
#6
|
Senior Member
Registered: Oct 2005
Location: Lithuania
Distribution: Hybrid
Posts: 2,247
Rep:
|
Strange, netfilter didn't work for me when compiling modules into the kernel.
|
|
|
04-13-2006, 05:06 PM
|
#7
|
Member
Registered: Oct 2004
Location: NY
Distribution: Slackware
Posts: 200
Original Poster
Rep:
|
OK, I started from scratch and selected all modules again. I must have screwed something up before, because now it's working well and compiled INTO the KERNEL. So, I confirm that the netfilter modules CAN be compiled into the kernel (at least at my machine  .
|
|
|
04-13-2006, 10:53 PM
|
#8
|
Member
Registered: Nov 2004
Location: Columbus, Ohio
Distribution: Slackware-Current / Debian
Posts: 795
Rep:
|
Very odd. I'm absolutely sure I compiled *all* netfilter/iptables modules into the kernel with no luck.
|
|
|
04-13-2006, 11:17 PM
|
#9
|
Senior Member
Registered: Dec 2003
Location: Paris
Distribution: Slackware forever.
Posts: 2,534
Rep: 
|
So if you see "can't load module" this is normal. Run "iptables -L" (as root) to see if your rules are currently running. If not, i'm afraid you'll have to check again.
|
|
|
All times are GMT -5. The time now is 03:44 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|