From: Alistair Tonner <Alistair@nerdnet.ca>
To: netfilter@lists.netfilter.org
Subject: Re: Iptables and Kernel
Date: Sun, 18 Apr 2004 12:06:01 +0000 [thread overview]
Message-ID: <200404181206.01131.Alistair@nerdnet.ca> (raw)
In-Reply-To: <4082A465.9080700@rd.arkonnetworks.com>
On April 18, 2004 03:53 pm, Norman Zhang wrote:
> >>>>I just downloaded 2.6.5, may I ask where should I check to see if h323
> >>>>modules are included? On www.netfilter.org, I see pom-20031219 and
> >>>>pomng-20040302. Is it safe to assume, that pomng includes pom?
> >>>
> >>>You might find the following postings from the archives relevant here:
> >>>
> >>>http://lists.netfilter.org/pipermail/netfilter/2003-December/049362.html
> >>>
> >>>http://lists.netfilter.org/pipermail/netfilter/2003-December/049310.html
> >>
> >>Thank you so much. From the postings, it looks like 2.6.x is still
> >>lacking some features that are available in 2.4.x. I'm setting up a
> >>firewall with NAT and hoping to able to do Netmeeting and MSN Instant
> >>Messenger. Would 2.4.x's netfilter patches sufficient to protect my LAN?
> >
> >I'm running 2.6.3. with iptables 1.2.9 and p-o-m-ng h323 patch -- they
> > work for me -- but I'm referring to a home lan ond only one netmeeting
> > seesioon from the LAN -- we haven't tried multiple sessions from inside
> > the lan ... either to the same netmeeting sessioon or to different ones.
>
> I'm trying to compile p-o-m-ng with 2.6.5 now. It asks for iptables
> sources. I thought p-o-m-ng patches applies to the kernel only. Do I
> need to recompile iptables too? There are many patches in p-o-m-ng. I
> only need the h323 patch for Netmeeting to work correctly? The README
> from p-o-m-ng recommends the following command to patch the kernel,
>
> # KERNEL_DIR=/usr/src/linux ./runme -pending
>
> Do I need to worry about rejects and offsets?
Yes you need to apply some of the patches in pom-ng against the iptables
sources.
Not only do we change the kernel code, but we have to make some changes to
the iptables tools as well to get some of those to work
For the record, with both 2.6.3. and 2.6.5 from gentoo with the gaming
options, iptables 1.2.9 and pom-ng play nice for most things.
If something doesn't apply against plain jane kernel code, there is likely a
need to holler at the maintainer of the patch.
Alistair Tonner
>
> Regards,
> Norman
next prev parent reply other threads:[~2004-04-18 12:06 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-04-12 5:22 Iptables and Kernel Norman Zhang
2004-04-12 6:00 ` Unknown, Alistair Tonner
2004-04-12 6:27 ` Norman Zhang
2004-04-12 7:32 ` Unknown, Alistair Tonner
2004-04-12 17:05 ` Norman Zhang
2004-04-12 17:22 ` Antony Stone
2004-04-12 19:07 ` Norman Zhang
2004-04-12 20:16 ` Unknown, Alistair Tonner
2004-04-18 15:53 ` Norman Zhang
2004-04-18 12:06 ` Alistair Tonner [this message]
2004-04-18 16:27 ` Norman Zhang
2004-04-18 13:05 ` Alistair Tonner
2004-04-19 4:34 ` Norman Zhang
2004-04-19 8:48 ` Alistair Tonner
2004-04-19 14:58 ` Norman Zhang
2004-04-19 15:11 ` Geffrey Velasquez
2004-04-21 15:56 ` Norman Zhang
-- strict thread matches above, loose matches on Subject: below --
2004-04-12 5:17 Norman Zhang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200404181206.01131.Alistair@nerdnet.ca \
--to=alistair@nerdnet.ca \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.