Am Donnerstag, 27. Oktober 2005 00:21 schrieb Richard Amerman: > Thanks Tom, > > > -----Original Message----- > > From: Tom Eastep [mailto:[EMAIL PROTECTED] > > > > On Wednesday 26 October 2005 14:40, Richard Amerman wrote: > > > That command includes the following: > > > > > > CONNMARK target v1.3.3 options: > > > --set-mark value[/mask] Set conntrack mark value > > > --save-mark [--mask mask] Save the packet nfmark in > > > > the connection > > > > > --restore-mark [--mask mask] Restore saved nfmark value > > > > That confirms that the problem is definitely in the kernel > > then. Try this at a > > shell prompt: > > > > iptables -t mangle -N foo > > No output > > > iptables -t mangle -A foo -j CONNMARK --save-mark > > Output: > iptables: No chain/target/match by that name > > > What error message is generated? > > No errors other than the output from the second command (which may be an > error, but I do not know CONNMARK so don't know) > > > What is the output of 'lsmod | grep CONNMARK' ? > > No Output
Richard; for whatever reason, you do not load the modules. I did a quick test with the ISO image and copied the connmark modules to /lib/modules, added both to /etc/modules, ran /etc/init.d/modutils and both where loaded. shorewall and lsmod had the expected output. Make shure you do load the modules. kp ------------------------------------------------------- This SF.Net email is sponsored by the JBoss Inc. Get Certified Today * Register for a JBoss Training Course Free Certification Exam for All Training Attendees Through End of 2005 Visit http://www.jboss.com/services/certification for more information ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
