Re: ...no Masquerade...?
On Sat, Mar 25, 2000 at 01:11:23AM -0500, Jeff Gordon wrote:
> Hmm; looks like -nothing's- in the kernel (and no mention of any of these
> in modules.conf):
>
> www2:~# modprobe ipchains
> modprobe: Can't locate module ipchains
> www2:~# modprobe ipfwadm
> modprobe: Can't locate module ipfwadm
> www2:~# modprobe ipmasq
> modprobe: Can't locate module ipmasq
> www2:~# ipmasq
> IP Masquerade has not been enabled in the kernel.
Whoa... I may be completely delusional/incorrect/drunk, but afaik
ipchains is just a userspace interface to kernel structures and is not a
module. Iow, you either have "firewall support" in your kernel or you
don't, but if you do, you would use the ipchains program to manipulate
the kernel's packet filter rules.
I also am unsure whether the stock potato kernel includes firewalling
support, but I would guess that it does. One way to find out:
(as root)
ipchains -L
What happens?
If it says something like "Does this kernel support IP Firewall Chains?"
then my guess is that your kernel doesn't support firewalling and will
need to be re-compiled (also be sure to include IP Masquerading
support if you do this).
Otoh, if it doesn't give you that error, you can just go ahead and start
setting up your firewall rules.
See the ipchains HOW-TO on www.linuxdoc.org for a primer, and come back
to the list for specifics if necessary. :-)
HTH.
Reply to: