On Sun, 5 Aug 2007 12:38:58 am Tom Eastep wrote: > James Gray wrote: > > 1. Does this kernel compile look ok? I was expecting the modules, but > > not with the "xt_" prefix. > > Your kernel is probably okay. The netfilter team have been busily renaming > many of the modules. > > > 2. Do I need to recompile, or get a different version of, iptables? > > At the very least, you need to recompile it against your new kernel. I > recommend upgrading to 1.3.8 while you are at it. Note that the rebuilt > iptables will likely *not* work with your current kernel.
OK - created an RPM from the 1.3.8 iptables tar ball compiled against the source tree for the vanilla 2.6.22.1 kernel. BTW - if anyone else wants the source RPM, I'm happy to oblige. :) It's not perfect (throws a few errors during install/removal of the resulting binary about not supporting "chkconfig") so needs a little more spec file tweaking, but it works. > > 3. Do I need to tweak the aliases in /etc/modprobe.conf? > > No. Sweet. Manged to reboot into the new kernel and installed the new iptables RPM (removed the 1.2.11 iptables from CentOS 4.4 along the way). However, when I tried starting Shorewall with the known-working config I got: Aug 6 12:27:10 firewall shorewall: Loading Modules... Aug 6 12:27:10 firewall shorewall: FATAL: Error inserting ipt_LOG (/lib/modules/2.6.22.1/kernel/net/ipv4/netfilter/ipt_LOG.ko): Device or resource busy http://bugzilla.kernel.org/show_bug.cgi?id=8789 So back to the kernel compile again....sigh. I thought I'd mention this problem on the list so if other people hit it, there's something in the archives. On CentOS 4.x you'll need to apply the patch from the URL above against 2.6.22 with "patch -l -p1 < /path/to/patch" at the top level of the kernel source. Cheers, James -- Academicians care, that's who.
smime.p7s
Description: S/MIME cryptographic signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
