>>>>> "chuck" == Chuck Shirley <[EMAIL PROTECTED]> writes:
chuck> On Thursday 07 February 2002 13:57, Juan Quintela wrote: >>>>>>> "richard" == richard <[EMAIL PROTECTED]> writes: >> richard> Hi Chuck if its any help the last kernel that did not cause this problem richard> was 2.4.17-2.. So maybe routing through the change notes might reveal richard> something. 2.4.17-2 works ok with iptables.. richard> might give a kernel guru a clue ??? >> >> The only change there was the quota support, humm, that also changed >> inodes, but netfilter don't use inodes at all :( >> >> /me thinking about that. >> >> Later, Juan. >> chuck> The starange thing is, the filters still come up and function. chuck> Even the binary rpm works just fine, execpt for the core that it chuck> leaves in the root direcroy on boot, or in whatever directory I'm chuck> in at the time I manually start the bastille-firewall service. chuck> Curiously, If the bastille-firewall service is started, and I start chuck> it again, iptables complains about the script, but does not dump chuck> core: chuck> [root@localhost chas]# service bastille-firewall start chuck> iptables: libiptc/libip4tc.c:384: do_check: Assertion `h->info.valid_hooks == (1 << 0 | 1 << 3)' failed. chuck> /sbin/bastille-netfilter: line 578: 513 Aborted ${IPTABLES} -t mangle -F PREROUTING chuck> Setting up IP spoofing protection... done. chuck> Allowing traffic from trusted interfaces... done. chuck> Setting up chains for public/internal interface traffic... done. chuck> Setting up general rules... done. chuck> Setting up outbound rules... done. chuck> [root@localhost chas]# ls | grep core chuck> [root@localhost chas]# Today will be a new kernel that fixes that, I hope. It is taking longer than expected because I want to maintaing compatible with normal kernel. Later, Juan. -- In theory, practice and theory are the same, but in practice they are different -- Larry McVoy