On Fri, Jul 22, 2011 at 8:32 PM, Todd And Margo Chester <toddandma...@gmail.com> wrote: > On 07/15/2011 08:14 PM, Katherine Lim wrote: > > On Sat, Jul 16, 2011 at 1:09 PM, Todd And Margo Chester > <toddandma...@gmail.com> wrote: >> >> On 07/15/2011 07:31 PM, William Scott wrote: >>> >>> On 16 July 2011 11:50, Todd And Margo Chester<toddandma...@gmail.com> >>> wrote: >>>> >>>> Hi All, >>>> >>>> Not having a good time researching this in Google, unless >>>> I want to do it in Ubuntu. >>>> >>>> I am trying to make the following command permanent: >>>> modprobe ip_nat_ftp >>> >>> Have a look in /etc/sysconfig/iptables-config >>> >> I should have said I am running SL6 x64. >> >> It is there. But, running /etc/rc.d/init.d/iptables throws an >> error on ip_nat_ftp if I do not previously load ip_nat_ftp >> with modprobe. >> >> What I am after is to load ip_nat_ftp at boot time with >> modprobe.d. >> >> A tape and gum approach would be to load ip_nat_ftp >> in /etc/rc.d/init.d/iptables before it did anything with >> /etc/sysconfig/iptables-config, but I really would like >> to learn the right way to do it in modprobe.d. >> >> -T > > > Did you get any errors after editing the IPTABLES_MODULES line in > /etc/sysconfig/iptables-config to: > IPTABLES_MODULES="ip_nat_ftp" > > On 07/15/2011 10:13 PM, Tom H wrote: > > >From a colleague working on our RHEL 6 deployment (similar to F14/F15): > > root # vi /etc/sysconfig/modules/ip_nat_ftp.modules > #!/bin/sh > exec /sbin/modprobe ip_nat_ftp > root # chmod +x /etc/sysconfig/modules/ip_nat_ftp.modules > > Perhaps you should also start using the new name, nf_nat_ftp (although > its alias, ip_nat_ftp, the previous name, still works). > > Hi Guys, > > Okay. I probably need to come clean on this. > > 1) ip_nat_ftp was not loaded at boot, but nf_nat_ftp was. > > 2) Tom's method of loading a module at boot time worked perfectly. > > 3) the error when running /etc/rc.d/init.d/iptables on both > ip & nf_nat_ftp not loading was my fault. I forgot the quotes > in /etc/sysconfig/iptables-config: > > Bad: IPTABLES_MODULES=ip_conntrack_netbios ns nf_nat_ftp > Good: IPTABLES_MODULES="ip_conntrack_netbios ns nf_nat_ftp" > > When ..init.d/iptables ran its "include" on iptables-config, it > saw nf_nat_ftp as a separate command and not a variable > assignment. > > On the bright side, I did learn how to load a module at > boot time. > > Thank you all for the help (and your patience),
You're welcome. I'm glad that loading nf_nat_ftp through "/etc/sysconfig/iptables-config" is working for you. It's the "right" way for loading it; "my" method was just a workaround. It's interesting that ip_nat_ftp cannot be loaded through "/etc/sysconfig/iptables-config" because it can be modprobe'd. I guess that whatever mechanism's used to load a module alias isn't available yet.