From: Pascal Hambourg <pascal.mail@plouf.fr.eu.org>
To: netfilter@vger.kernel.org
Subject: Re: ip_conntrack vs. nf_conntrack
Date: Mon, 19 May 2008 16:41:45 +0200 [thread overview]
Message-ID: <483191A9.5020404@plouf.fr.eu.org> (raw)
In-Reply-To: <1211203246.23968.3880.camel@kr0sty.1.com.ar>
Martin a écrit :
>
> On ip_conntrack modules, I use to load some modules that open a second
> port (ftp, quake3, and so) and make it able to mark packets as related.
Conntrack modules do not open any port, they just mark packets as
RELATED. The actual filtering job is done by iptables rules.
> Those modules were ip_conntrack_ftp, ip_conntrack_quake3 and
> ip_conntrack_amanda. So, now netfilter packages and modules are in
> mainstream, some names and modules have changed, and I'm searching for
> the replace of those modules under the new nomenclature (nf_conntrack).
ip_conntrack_* helper modules have been replaced by nf_conntrack_* when
available and moved from net/ipv4/netfilter to net/netfilter.
> My problem comes as there are not a nf_conntrack_(ftp/quake3/amanda),
> but there are nf_nat_(ftp/amanda).ko files, and wonder to know if those
> file are the replace of the old ip_conntrack, or if I must install some
> kind of patches or something else.
If you have some NAT helper modules, then you should have the
corresponding conntrack helpers as NAT depends on conntrack, unless you
messed with your .config file. Maybe you have the conntrack helpers
built-in instead of built as modules. Check in your .config or
/proc/config.gz if available.
AFAIK quake3 conntrack support was never included in mainstream, it was
only in patch-o-matic for ip_conntrack. I don't know if it has been
converted to nf_conntrack.
next prev parent reply other threads:[~2008-05-19 14:41 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-05-13 14:24 ip_conntrack vs. nf_conntrack Martin
2008-05-16 15:08 ` Pascal Hambourg
2008-05-16 15:14 ` Jan Engelhardt
2008-05-16 15:15 ` Jan Engelhardt
2008-05-16 15:45 ` Pascal Hambourg
2008-05-16 16:07 ` Martin
2008-05-17 11:30 ` Jan Engelhardt
2008-05-19 13:13 ` Martin
2008-05-19 17:42 ` Jan Engelhardt
2008-05-20 13:05 ` Martin
2008-05-20 14:41 ` Pascal Hambourg
2008-05-20 14:58 ` Martin
2008-05-20 15:31 ` Jan Engelhardt
2008-05-17 11:36 ` Pascal Hambourg
2008-05-19 13:20 ` Martin
2008-05-19 14:41 ` Pascal Hambourg [this message]
2008-05-19 14:55 ` Martin
2008-05-19 17:10 ` Pascal Hambourg
2008-05-16 15:32 ` Martin
2008-05-17 11:28 ` Pascal Hambourg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=483191A9.5020404@plouf.fr.eu.org \
--to=pascal.mail@plouf.fr.eu.org \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox