Ok thank you. Without this option (kmod), error message in syslog disappears. However, the option "-J MASQUERADE" still doesn't work, and iptables give me the same error. (ipt_MASQUERADE is correctly loaded) I will try to compile iptables, following your url.
>But what patches do you use and what kernel config changes did you make? Some patchs specific for my hardware not included in 2.4 branch (in particular concerning watchdog and gpio port) Rgds, David On 11/12/06, Eric Spakman <[EMAIL PROTECTED]> wrote: > > Hi David, > > Looking at you initial mail again: > > >The last interesting line of syslog is : > >Nov 12 00:19:10 Darkvabox kernel: kmod: failed to exec /sbin/modprobe > -s > >-k ipt_MASQUERADE, errno = 2 ..... :-S > >Normal, modprobe is not available ... > > You probably have your private kernel compiled with "kmod" enabled, which > should be disabled without modprobe support. > It looks like a specific kernel ipt module is missing and the kernel is > trying to modprobe it. The module missing seems to be ipt_MASQUEARADE. > > Eric > > > > > Well, I feared a response of this kind. Compile a kernel is easy, > compile > > iptables with this kernel too, but compile iptables for uclibc, I never > > yet made, and I feel I will have much problems…:D :-/ Which manner I can > do > > that? Install buildroot is the better/only solution ? As I didn't touch > > the network parts or netfilter kernel, it would be perhaps simpler than > I > > adapt my .config file with the .config kernel used to generate the > packet > > iptables.lrp? Available some share for it? I tested with a vanilla > kernel > > 2.4.33 and I have exactly the same problem. > > Thanks, > > David > > > > > > > > On 11/12/06, Eric Spakman <[EMAIL PROTECTED]> wrote: > > > >> > >> Hi David, > >> > >> > >> Iptables and the kernel are very close bound. If you compile your own > >> kernel with different patches, you better can compile your own iptables > >> too. The iptables Makefile looks at the kernel config, so it's very > well > >> possible it doesn't 'match' or you need some iptables patches. > >> > >> Eric > >> > >> > >>> Hi all, > >>> I need to make some test for iptables on my bering box. I was on > >>> Bering-uClibc 2.3 (i believe) before. When I used shorewall, it > >>> crashed > >> on > >>> masquerade rules with an "Unknows error -1" I think that maybe, the > >>> iptables.lrp didn't correspond with my bering version. So, I upgraded > >>> bering uclibc to 3.0 version in order to use the > >> new > >>> package (with ld-uClibc-0.9.28). The new leaf work fine, but the > >> masquerade > >>> problem persist. I use a 2.4.32 kernel, with many patch, but > >>> ,normally, no which modifies > >>> > >> ip > >>> stack kernel, netfilter stack or anything else about network. The > >>> filter table work fine, the problem is just on nat table. The > >> following > >>> modules was present during my test : ip_tables iptable_filter > >>> ip_conntrack iptable_nat ipt_MASQUERADE I tranfered temporarily the > >>> shorwall package, to test a simple command > >> about > >>> nat table (maybe it was shorwall package which had a problem) : # > >>> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE -v MASQUERAD all > >>> opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 iptables:Unknown error -1 > >>> The last interesting line of syslog is : > >>> Nov 12 00:19:10 Darkvabox kernel: kmod: failed to exec > >>> /sbin/modprobe > >>> > >> -s > >> > >>> -k ipt_MASQUERADE, errno = 2 ..... :-S > >>> Normal, modprobe is not available ... > >>> Thing curious is that, if ipt_MASQUERADE is loaded or not, the result > >>> of > >> the > >>> command and the log is identic. The version of iptables.lrp is 1.3.5. > >>> > >>> > >>> I think the problem isn't complicated, but I don't see... > >>> Any ideas ? > >>> > >>> > >>> Regards, > >>> David > >>> ---------------------------------------------------------------------- > >>> --- > >>> > >> > >>> Using Tomcat but need to do more? Need to support web services, > >>> security? Get stuff done quickly with pre-integrated technology to > >>> make your job > >> easier > >>> Download IBM WebSphere Application Server v.1.0.1 based on Apache > >>> > >> Geronimo > >> > >>> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121 > >>> 642 > >>> ---------------------------------------------------------------------- > >>> -- > >>> leaf-user mailing list: leaf-user@lists.sourceforge.net > >>> https://lists.sourceforge.net/lists/listinfo/leaf-user > >>> Support Request -- http://leaf-project.org/ > >>> > >> > >> > > > ------------------------------------------------------------------------- > > Using Tomcat but need to do more? Need to support web services, > > security? Get stuff done quickly with pre-integrated technology to make > > your job easier Download IBM WebSphere Application Server v.1.0.1 based > on > > Apache Geronimo > > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 > > ------------------------------------------------------------------------ > > leaf-user mailing list: leaf-user@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/leaf-user > > Support Request -- http://leaf-project.org/ > > > > > > > ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
