IP masq'ing with 2.4.1 - FA311 (83810 vs. 83815) - Kernel module symbol versionning

To: <luv@luv.asn.au>, <debian-user@lists.debian.org>
Subject: IP masq'ing with 2.4.1 - FA311 (83810 vs. 83815) - Kernel module symbol versionning
From: "hogan" <hogan@netspace.net.au>
Date: Sun, 11 Feb 2001 11:18:36 +1100
Message-id: <[🔎] 00be01c093c0$2de10760$01fefe0a@windows98>

Well folks, I'm pretty much convinced that my past problems with my box are
wholely based on the duty cycle of the modem (I gotta turn it off when it's
not online or it overheats and slows down to a crawl - yay Auslinx :)

Currently running 2.2.17 prepackaged (semi testing/unstable :) debian kernel
until I get this sorted, but did the following:

apt-get update
apt-get dist-upgrade
wget ftp://ftp.au.kernel.org/pub/linux/kernel/v2.4/linux-2.4.1.tar.bz2
tar -jxvvf linux-2.4.1.tar.bz2
make clean
make menuconfig
make-kpkg clean
make-kpkg --revision=daserver.1.0 kernel_image
dpkg -i kernel-image-2.4.1_daserver.1.0_i386.deb
vi /etc/modules
vi /etc/lilo.conf
lilo
reboot

... and the thing reboots beautifully... except:

Supplied RTL 8139 driver now "8139too" - easy fixed :)
IP masquerading not working...

Which modules do I need to load for iptables ipmasqing and ipchains support?
(I compile most things as modules so I can pull things out and put them back
in again without recompiling the whole load)

After digging around my HDD, I come up with:
/lib/modules/2.4.1/kernel/net/ipv4/netfilter$ ls
ip_conntrack.o      ip_tables.o  ipt_MARK.o        ipt_REJECT.o  ipt_mac.o
ipt_state.o       iptable_mangle.o
ip_conntrack_ftp.o  ipchains.o   ipt_MASQUERADE.o  ipt_TOS.o     ipt_mark.o
ipt_tos.o         iptable_nat.o
ip_nat_ftp.o        ipt_LOG.o    ipt_REDIRECT.o    ipt_limit.o
ipt_multiport.o  iptable_filter.o

What do stick in /etc/modules? Do any of the entries require arguments?

I tried some of the more obvious things at the CLI like:
    modprobe ip_tables
    modprobe ipt_MASQUERADE
etc. and get all sorts of errors (oops.. didn't grab them - running 2.2.17
right now) ranging from various /dev/net entries not being present to
ipmasquerading not enabled..

... but:
/etc/network$ cat options
ip_forward=yes
spoofprotect=yes
syncookies=no

I'm guessing it's a combination of my not knowing what I'm doing half of the
time (Oh yeah.. that looks useful... "m" :) .. and that things like ip_forward
etc. can't be turned on until relevant modules loaded.. I did compile with the
auto kernel module loader thingy (highly technical terminology :) though.. I
also put versionning on kernel module symbols on, but someone was telling me
this doesn't work right now - would this fsck things in general?

At present system uses ipmasq package to configure everything with ipchains -
which, I understand is supported through compatibility module
/lib/modules/2.4.1/kernel/net/ipv4/netfilter/ipchains.o

Anyway, any hints etc. appreciated - if I can get my head around IP tables, I
might dump the ipmasq package.

Oh yeah, anyone know if NatSemi kernel supplied 83810 series driver works with
83815 (NetGear FA311)? I want to take out the RTL8139.. I guess I could just
try it (but then that means pulling all the cables out of my server to get to
it etc. etc. etc. :)

ADFH

Reply to:

Prev by Date: Re: ssh version ?
Next by Date: Re: New sshd exploits...
Previous by thread: Re: pppoe stop working after upgrading to Kernel 2.4.1
Next by thread: moden, cd and video card
Index(es):
- Date
- Thread