On 10/23/2012 10:59 PM, Svoop wrote: > Hiyas > > I'm trying to up the Gentoo package to beta4. When I try to start the daemon, > the log reads "10/23/2012 22:46:22 : PID 2054 : vuurmuur : Error (-1): > no > connection tracking support in the kernel (in: check_iptcaps:782)." > > Weird, because contrack in the kernel: > > $ grep NF_ .config > > CONFIG_NF_CONNTRACK=y > CONFIG_NF_CONNTRACK_MARK=y > CONFIG_NF_CONNTRACK_SECMARK=y > # CONFIG_NF_CONNTRACK_ZONES is not set > # CONFIG_NF_CONNTRACK_PROCFS is not set > # CONFIG_NF_CONNTRACK_EVENTS is not set > # CONFIG_NF_CONNTRACK_TIMEOUT is not set > # CONFIG_NF_CONNTRACK_TIMESTAMP is not set > CONFIG_NF_CT_PROTO_DCCP=m > CONFIG_NF_CT_PROTO_GRE=m > CONFIG_NF_CT_PROTO_SCTP=m > CONFIG_NF_CT_PROTO_UDPLITE=m > CONFIG_NF_CONNTRACK_AMANDA=m > CONFIG_NF_CONNTRACK_FTP=m > CONFIG_NF_CONNTRACK_H323=m > CONFIG_NF_CONNTRACK_IRC=m > CONFIG_NF_CONNTRACK_BROADCAST=m > CONFIG_NF_CONNTRACK_NETBIOS_NS=m > CONFIG_NF_CONNTRACK_SNMP=m > CONFIG_NF_CONNTRACK_PPTP=m > CONFIG_NF_CONNTRACK_SANE=m > CONFIG_NF_CONNTRACK_SIP=m > CONFIG_NF_CONNTRACK_TFTP=m > CONFIG_NF_CT_NETLINK=m > CONFIG_NF_CT_NETLINK_TIMEOUT=m > CONFIG_NF_DEFRAG_IPV4=y > CONFIG_NF_CONNTRACK_IPV4=y > # CONFIG_IP_NF_QUEUE is not set > CONFIG_IP_NF_IPTABLES=y > CONFIG_IP_NF_MATCH_AH=m > CONFIG_IP_NF_MATCH_ECN=m > CONFIG_IP_NF_MATCH_RPFILTER=m > CONFIG_IP_NF_MATCH_TTL=m > CONFIG_IP_NF_FILTER=y > CONFIG_IP_NF_TARGET_REJECT=y > CONFIG_IP_NF_TARGET_ULOG=m > CONFIG_NF_NAT=m > CONFIG_NF_NAT_NEEDED=y > CONFIG_IP_NF_TARGET_MASQUERADE=m > CONFIG_IP_NF_TARGET_NETMAP=m > CONFIG_IP_NF_TARGET_REDIRECT=m > CONFIG_NF_NAT_SNMP_BASIC=m > CONFIG_NF_NAT_PROTO_DCCP=m > CONFIG_NF_NAT_PROTO_GRE=m > CONFIG_NF_NAT_PROTO_UDPLITE=m > CONFIG_NF_NAT_PROTO_SCTP=m > CONFIG_NF_NAT_FTP=m > CONFIG_NF_NAT_IRC=m > CONFIG_NF_NAT_TFTP=m > CONFIG_NF_NAT_AMANDA=m > CONFIG_NF_NAT_PPTP=m > CONFIG_NF_NAT_H323=m > CONFIG_NF_NAT_SIP=m > CONFIG_IP_NF_MANGLE=m > CONFIG_IP_NF_TARGET_CLUSTERIP=m > CONFIG_IP_NF_TARGET_ECN=m > CONFIG_IP_NF_TARGET_TTL=m > CONFIG_IP_NF_RAW=m > CONFIG_IP_NF_SECURITY=m > CONFIG_IP_NF_ARPTABLES=m > CONFIG_IP_NF_ARPFILTER=m > CONFIG_IP_NF_ARP_MANGLE=m > CONFIG_NF_DEFRAG_IPV6=y > CONFIG_NF_CONNTRACK_IPV6=y > CONFIG_IP6_NF_IPTABLES=y > CONFIG_IP6_NF_MATCH_AH=m > CONFIG_IP6_NF_MATCH_EUI64=m > CONFIG_IP6_NF_MATCH_FRAG=m > CONFIG_IP6_NF_MATCH_OPTS=m > CONFIG_IP6_NF_MATCH_HL=m > CONFIG_IP6_NF_MATCH_IPV6HEADER=m > CONFIG_IP6_NF_MATCH_MH=m > CONFIG_IP6_NF_MATCH_RPFILTER=m > CONFIG_IP6_NF_MATCH_RT=m > CONFIG_IP6_NF_TARGET_HL=m > CONFIG_IP6_NF_FILTER=y > CONFIG_IP6_NF_TARGET_REJECT=y > CONFIG_IP6_NF_MANGLE=m > CONFIG_IP6_NF_RAW=m > CONFIG_IP6_NF_SECURITY=m > > Any idea what could be the problem?
It checks if /proc/net/ip_conntrack exists, or otherwise /proc/net/nf_conntrack. Do these exist on your system? ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_sfd2d_oct _______________________________________________ Vuurmuur-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/vuurmuur-users
