* Problem with connection tracking in IPtables!!
@ 2007-05-09 14:54 Ramsurrun Visham
2007-05-10 6:33 ` Yasuyuki KOZAKAI
0 siblings, 1 reply; 5+ messages in thread
From: Ramsurrun Visham @ 2007-05-09 14:54 UTC (permalink / raw)
To: netfilter
Hi to all,
I am using Fedora Core 5 with an upgraded kernel of 2.6.20.4. I
installed iptables-1.3.7 on it. However, I am not able to use
connection tracking. I checked all the items in Networking options
related to connection tracking and iptables. However, when I boot in
my 2.6.20.4 kernel, and issue the comand "service iptables start", I
get this:
[root@localhost ~]# service iptables start
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: raw mangle filter [ OK ]
Unloading iptables modules: [ OK ]
Applying iptables firewall rules: [ OK ]
Loading additional iptables modules: ip_conntrack_netbios_n[FAILED]
[root@localhost ~]# locate ip_conntrack_netbios
/lib/modules/2.6.15-1.2054_FC5smp/kernel/net/ipv4/netfilter/ip_conntrack_netbios_ns.ko
/usr/src/linux-2.6.20.4/net/ipv4/netfilter/ip_conntrack_netbios_ns.c
[root@localhost ~]#
It seems that connection tracking is not being activated. How can I
solve this problem?
Warm regards,
Visham
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Problem with connection tracking in IPtables!!
2007-05-09 14:54 Ramsurrun Visham
@ 2007-05-10 6:33 ` Yasuyuki KOZAKAI
0 siblings, 0 replies; 5+ messages in thread
From: Yasuyuki KOZAKAI @ 2007-05-10 6:33 UTC (permalink / raw)
To: vishamr; +Cc: netfilter
From: "Ramsurrun Visham" <vishamr@gmail.com>
Date: Wed, 9 May 2007 18:54:27 +0400
> Hi to all,
>
> I am using Fedora Core 5 with an upgraded kernel of 2.6.20.4. I
> installed iptables-1.3.7 on it. However, I am not able to use
> connection tracking. I checked all the items in Networking options
> related to connection tracking and iptables. However, when I boot in
> my 2.6.20.4 kernel, and issue the comand "service iptables start", I
> get this:
>
> [root@localhost ~]# service iptables start
> Flushing firewall rules: [ OK ]
> Setting chains to policy ACCEPT: raw mangle filter [ OK ]
> Unloading iptables modules: [ OK ]
> Applying iptables firewall rules: [ OK ]
> Loading additional iptables modules: ip_conntrack_netbios_n[FAILED]
>
> [root@localhost ~]# locate ip_conntrack_netbios
> /lib/modules/2.6.15-1.2054_FC5smp/kernel/net/ipv4/netfilter/ip_conntrack_netbios_ns.ko
> /usr/src/linux-2.6.20.4/net/ipv4/netfilter/ip_conntrack_netbios_ns.c
> [root@localhost ~]#
>
> It seems that connection tracking is not being activated. How can I
> solve this problem?
You really installed kernel modules for 2.6.20.4 by 'make modules_install' ?
And please check that NF_CONNTRACK_NETBIOS_NS or IP_NF_NETBIOS_NS is set in
your .config.
-- Yasuyuki Kozakai
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Problem with connection tracking in IPtables!!
@ 2007-05-10 8:12 Nandan Bhat
0 siblings, 0 replies; 5+ messages in thread
From: Nandan Bhat @ 2007-05-10 8:12 UTC (permalink / raw)
To: netfilter
Dear Visham,
I faced a problem with iptables after upgrading to a recent kernel.
However, the original Fedora install booted just fine.
I went through some online forums and found somebody suggesting that I
1. comment all my iptables rules (/etc/sysconfig/iptables);
2. uncomment/enable one rule
3. restart iptables
4. look for a failure message
One subsequent rule showed that I had a "-m state" specified, but no
kernel module compiled for it. I just ran the "make menuconfig" again;
went through all the options under Networking -> Netfilter configuration
and enabled all modules (just to be safe). Enable specific modules to
your requirement.
I am not sure if this solves your problem; it solved mine.
Nandan
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Problem with connection tracking in IPtables!!
@ 2007-05-11 10:43 Ramsurrun Visham
2007-05-14 12:03 ` Yasuyuki KOZAKAI
0 siblings, 1 reply; 5+ messages in thread
From: Ramsurrun Visham @ 2007-05-11 10:43 UTC (permalink / raw)
To: netfilter
Hi to all,
I am unable to see the contents of the ip_conntrack file. I have built
the iptables modules in my 2.6.20.4 kernel itself. Is that what might
causing this problem? Should I select the options as modules?
Warm regards,
Visham
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Problem with connection tracking in IPtables!!
2007-05-11 10:43 Ramsurrun Visham
@ 2007-05-14 12:03 ` Yasuyuki KOZAKAI
0 siblings, 0 replies; 5+ messages in thread
From: Yasuyuki KOZAKAI @ 2007-05-14 12:03 UTC (permalink / raw)
To: vishamr; +Cc: netfilter
From: "Ramsurrun Visham" <vishamr@gmail.com>
Date: Fri, 11 May 2007 14:43:19 +0400
> Hi to all,
>
> I am unable to see the contents of the ip_conntrack file. I have built
> the iptables modules in my 2.6.20.4 kernel itself. Is that what might
> causing this problem? Should I select the options as modules?
AFAIK your .config in previous mail, you are using nf_conntrack, not
ip_conntrack. nf_conntrack is new module. But it is compatible with
ip_conntrack, if you also load nf_conntrack_ipv4. Don't worry.
Regards,
-- Yasuyuki Kozakai
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2007-05-14 12:03 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-05-10 8:12 Problem with connection tracking in IPtables!! Nandan Bhat
-- strict thread matches above, loose matches on Subject: below --
2007-05-11 10:43 Ramsurrun Visham
2007-05-14 12:03 ` Yasuyuki KOZAKAI
2007-05-09 14:54 Ramsurrun Visham
2007-05-10 6:33 ` Yasuyuki KOZAKAI
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.