Hi David, Iptables and the kernel are very close bound. If you compile your own kernel with different patches, you better can compile your own iptables too. The iptables Makefile looks at the kernel config, so it's very well possible it doesn't 'match' or you need some iptables patches.
Eric >Hi all, >I need to make some test for iptables on my bering box. I was on >Bering-uClibc 2.3 (i believe) before. When I used shorewall, it crashed on >masquerade rules with an "Unknows error -1" >I think that maybe, the iptables.lrp didn't correspond with my bering >version. So, I upgraded bering uclibc to 3.0 version in order to use the new >package (with ld-uClibc-0.9.28). The new leaf work fine, but the masquerade >problem persist. >I use a 2.4.32 kernel, with many patch, but ,normally, no which modifies ip >stack kernel, netfilter stack or anything else about network. >The filter table work fine, the problem is just on nat table. The following >modules was present during my test : >ip_tables >iptable_filter >ip_conntrack >iptable_nat >ipt_MASQUERADE >I tranfered temporarily the shorwall package, to test a simple command about >nat table (maybe it was shorwall package which had a problem) : ># iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE -v >MASQUERAD all opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 >iptables:Unknown error -1 >The last interesting line of syslog is : >Nov 12 00:19:10 Darkvabox kernel: kmod: failed to exec /sbin/modprobe -s >-k ipt_MASQUERADE, errno = 2 ..... :-S >Normal, modprobe is not available ... >Thing curious is that, if ipt_MASQUERADE is loaded or not, the result of the >command and the log is identic. The version of iptables.lrp is 1.3.5. > >I think the problem isn't complicated, but I don't see... >Any ideas ? > >Regards, >David >------------------------------------------------------------------------- >Using Tomcat but need to do more? Need to support web services, security? >Get stuff done quickly with pre-integrated technology to make your job easier >Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo >http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 >------------------------------------------------------------------------ >leaf-user mailing list: leaf-user@lists.sourceforge.net >https://lists.sourceforge.net/lists/listinfo/leaf-user >Support Request -- http://leaf-project.org/ ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
