Re: ip_table problems
On Wednesday 27 November 2002 04:27, Derrick 'dman' Hudson wrote:
> On Wed, Nov 27, 2002 at 12:05:44AM +0000, daves debian wrote:
> | I run kernel 2.4.19, I want to run firestarter as a GUI firewall, it
> | needs IP chains enabled in the kernel
>
> ipchains or iptables? The two are quite different.
>
> | I finaly tracked down an article telling me what modules to enable,
> | I have in Network options
>
> Here's what I selected :
>
> #
> # IP: Netfilter Configuration
> #
> CONFIG_IP_NF_CONNTRACK=y
> CONFIG_IP_NF_FTP=y
> CONFIG_IP_NF_IRC=y
> CONFIG_IP_NF_QUEUE=m
> CONFIG_IP_NF_IPTABLES=y
> CONFIG_IP_NF_MATCH_LIMIT=y
> CONFIG_IP_NF_MATCH_MAC=y
> CONFIG_IP_NF_MATCH_MARK=y
> CONFIG_IP_NF_MATCH_MULTIPORT=y
> CONFIG_IP_NF_MATCH_TOS=y
> CONFIG_IP_NF_MATCH_AH_ESP=m
> CONFIG_IP_NF_MATCH_LENGTH=y
> CONFIG_IP_NF_MATCH_TTL=y
> CONFIG_IP_NF_MATCH_TCPMSS=y
> CONFIG_IP_NF_MATCH_STATE=y
> CONFIG_IP_NF_MATCH_UNCLEAN=m
> CONFIG_IP_NF_MATCH_OWNER=m
> CONFIG_IP_NF_FILTER=y
> CONFIG_IP_NF_TARGET_REJECT=y
> CONFIG_IP_NF_TARGET_MIRROR=m
> CONFIG_IP_NF_NAT=y
> CONFIG_IP_NF_NAT_NEEDED=y
> CONFIG_IP_NF_TARGET_MASQUERADE=y
> CONFIG_IP_NF_TARGET_REDIRECT=y
> # CONFIG_IP_NF_NAT_LOCAL is not set
> # CONFIG_IP_NF_NAT_SNMP_BASIC is not set
> CONFIG_IP_NF_NAT_IRC=y
> CONFIG_IP_NF_NAT_FTP=y
> CONFIG_IP_NF_MANGLE=y
> CONFIG_IP_NF_TARGET_TOS=y
> CONFIG_IP_NF_TARGET_MARK=y
> CONFIG_IP_NF_TARGET_LOG=y
> CONFIG_IP_NF_TARGET_ULOG=y
> CONFIG_IP_NF_TARGET_TCPMSS=y
> # CONFIG_IP_NF_ARPTABLES is not set
>
>
> I did not enable the ipchains compatibility module since I use
> iptables.
>
> HTH,
> -D
Many thanks for your help ............
did the above, still no go !!
Finaly worked it out .....
iptables in the kernel and the 'user space' iptables need to communicate,
they need the
Network dev support/universal TUN/TAP device driver !!!!
mmm .. interesting
IP tables now work fine
dave
Reply to: