Re: debian modules and networking Q's - just upgraded to woody and 2.4.x kernel

To: Chris Palmer <debian@zencow.com>
Cc: debian-user <debian-user@lists.debian.org>
Subject: Re: debian modules and networking Q's - just upgraded to woody and 2.4.x kernel
From: Osamu Aoki <debian@aokiconsulting.com>
Date: Sun, 27 Jan 2002 19:56:29 -0800
Message-id: <[🔎] 20020128035629.GE1056@goofy.lan.aokiconsulting.com>
Mail-followup-to: Chris Palmer <debian@zencow.com>, debian-user <debian-user@lists.debian.org>
In-reply-to: <[🔎] E16V18D-0001Ad-00@mycroft>
References: <[🔎] E16V18D-0001Ad-00@mycroft>

Hi, you are not alone.

On Sun, Jan 27, 2002 at 06:02:49PM -0800, Chris Palmer wrote:
> I'm another "normal" Debian user (non-newbie/non-guru <grin>) and I have 
> some questions on iptables and using modules under 2.4.x.

Yep transition 2.2 -> 2.4 using debian kernel-image is kind of tricky.

> I've been running an older Debian system for a while and started out 
> with ipfwadm on a 2.0.x kernel.  Sometime later I upgraded and a wrapper 
> for ipchains was installed.  I had intended to go thru things and learn 
> ipchains and re-write all my rules to that format, but never got around 
> to it.  Today, I upgraded this machine to woody and built a 2.4.x kernel 
> and installed iptables.

If you down load ipmasq package with" apt-get -d install" option and
look into package with "mc", it gives nice correspiondance idea between
these ip-packet filter commands.  Of course, "man" page is always there
for you.

> I think it went well, as I did some reading and created new rules for my 
> firewall using iptables, but I think I probably have a bunch of older files 
> from my 2.0.x kernel install that are probably handled a new way today.

Yep.  Kernel is more modular.  Some modules need to be loaded by
insmod/depmod manually.  Way to do it is listing them in "/etc/modules".

Most of "IP packet filtering", "apm", "scsi" ... are all modules now.
That is the reason behind using "initrd" image during boot time :)

My web page http://qref/sf.net/quick may help.  Check kernel section at
http://qref/sf.net/quick/ch-kernel.en.html#s-kernel-net

My firewall machine has long /etc/modules:

     # net/ipv-4
     ip_gre
     ipip

     # net/ipv-4/netfilter
     # iptable (in order)
     ip_tables
     ip_conntrack
     ip_conntrack_ftp
     iptable_nat
     iptable_filter
     iptable_mangle
     #
     ip_nat_ftp
     ip_queue
     #
     ipt_LOG
     ipt_MARK
     ipt_MASQUERADE
     ipt_MIRROR
     ipt_REDIRECT
     ipt_REJECT
     ipt_TCPMSS
     ipt_TOS
     ipt_limit
     ipt_mac
     ipt_mark
     ipt_multiport
     ipt_owner
     ipt_state
     ipt_tcpmss
     ipt_tos
     ipt_unclean
     #
     #ipchains
     #ipfwadm

Not all of them may not be needed because of kmod but will not harm :)

> I'm also hoping to get some help on modules.  It looks like kmod is the
> current system, but I also have a /etc/modules file that is getting run
> by /etc/intit.d/modutils, but I think this is the old way and might be
> interfering with things getting loaded properly now (things aren't loading
> as I'd expect them to).

Really?  Post your /etc/modules, if this parsists.

-- 
~\^o^/~~~ ~\^.^/~~~ ~\^*^/~~~ ~\^_^/~~~ ~\^+^/~~~ ~\^:^/~~~ ~\^v^/~~~ 
+  Osamu Aoki <debian@aokiconsulting.com>, GnuPG-key: 1024D/D5DE453D  +
+  My debian quick-reference, http://qref.sourceforge.net/quick/      +

Reply to:

References:
- debian modules and networking Q's - just upgraded to woody and 2.4.x kernel
  - From: Chris Palmer <debian@zencow.com>

Prev by Date: OT: hardware recommendations?
Next by Date: strange apt-get error (potato)
Previous by thread: Re: debian modules and networking Q's - just upgraded to woody and 2.4.x kernel
Next by thread: Error loading keymap !!
Index(es):
- Date
- Thread