Hi, I recently updated to hardened-sources-2.6.22-r8 and had a problem starting shorewall:
* Starting firewall ... WARNING: Error inserting nf_conntrack_amanda (/lib/modules/2.6.22-hardened-r8/kernel/net/netfilter/nf_conntrack_amanda.ko): Unknown symbol in module, or unknown parameter (see dmesg) FATAL: Error inserting nf_nat_amanda (/lib/modules/2.6.22-hardened-r8/kernel/net/ipv4/netfilter/nf_nat_amanda.ko): Unknown symbol in module, or unknown parameter (see dmesg) WARNING: Error inserting nf_conntrack_amanda (/lib/modules/2.6.22-hardened-r8/kernel/net/netfilter/nf_conntrack_amanda.ko): Unknown symbol in module, or unknown parameter (see dmesg) FATAL: Error inserting nf_nat_amanda (/lib/modules/2.6.22-hardened-r8/kernel/net/ipv4/netfilter/nf_nat_amanda.ko): Unknown symbol in module, or unknown parameter (see dmesg) iptables: No chain/target/match by that name ERROR: Command "/sbin/iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu" Failed /sbin/shorewall: line 375: 8362 Terminated ${VARDIR}/.start $debugging start here is kernel log: ip_tables: (C) 2000-2006 Netfilter Core Team ctnetlink v0.93: registering with nfnetlink. nf_nat_amanda: Unknown symbol nf_nat_amanda_hook ClusterIP Version 0.8 loaded successfully nf_nat_amanda: Unknown symbol nf_nat_amanda_hook Seems that it is kernel fault. I recompiled kernel with nf_nat_amanda and nf_conntrack_amanda in kernel. After that shorewall still fails to start with message: iptables: No chain/target/match by that name ERROR: Command "/sbin/iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu" Failed I googled it and searched it on bugs.gentoo.org but I've not found any information about it. Thanks fo any suggestions -- best regards, Aleksey V. Kunitskiy my public GPG/PGP key: http://www.alexey-kv.org.ua/pubkey.asc
* Starting firewall ... WARNING: Error inserting nf_conntrack_amanda (/lib/modules/2.6.22-hardened-r8/kernel/net/netfilter/nf_conntrack_amanda.ko): Unknown symbol in module, or unknown parameter (see dmesg) FATAL: Error inserting nf_nat_amanda (/lib/modules/2.6.22-hardened-r8/kernel/net/ipv4/netfilter/nf_nat_amanda.ko): Unknown symbol in module, or unknown parameter (see dmesg) WARNING: Error inserting nf_conntrack_amanda (/lib/modules/2.6.22-hardened-r8/kernel/net/netfilter/nf_conntrack_amanda.ko): Unknown symbol in module, or unknown parameter (see dmesg) FATAL: Error inserting nf_nat_amanda (/lib/modules/2.6.22-hardened-r8/kernel/net/ipv4/netfilter/nf_nat_amanda.ko): Unknown symbol in module, or unknown parameter (see dmesg) iptables: No chain/target/match by that name ERROR: Command "/sbin/iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu" Failed /sbin/shorewall: line 375: 8362 Terminated ${VARDIR}/.start $debugging start
signature.asc
Description: This is a digitally signed message part.