[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: no ipchains with 2.2/no network with 2.4

Thanks Sam.

Your assertivity about the fact that it should be supported made me check the kernel version I had installed. I reinstalled the kernel-image-2.2.20 and ipchains work now.

Now, I still can't ping my two sub-nets.

When ipchains policies are set to DENY (and I have no rules), I correctly have "Operation not permitted" on my pings.

When I set the policies to ACCEPT (for the three chains), whith no rules or with rules allowing ACCEPT, Ping freezes (100% drop) (direct ip address, not name)

With the kernel "pci-ide", the network worked correctly (I was able to ping the two subnets, and allowed squid to proxy http).

lsmod said:
Module                  Size  Used by
8139too                12600   0  (unused)
ne                      6140   1
af_packet               6136   0  (unused)

With the working kernel, ping is not working (although when I add an ipchain rule to log all, I see activity)

lsmod says now:
Module                  Size  Used by
lockd                  42420   0  (autoclean) (unused)
sunrpc                 57816   0  (autoclean) [lockd]
8139too                12648   1
ne                      6140   1
8390                    6104   0  [ne]
af_packet               6152   0  (unused)
unix                   11352   8  (autoclean)

My etc/modules contains in both cases:

# /etc/modules: kernel modules to load at boot time.
# This file should contain the names of kernel modules that are
# to be loaded at boot time, one per line.  Comments begin with
# a "#", and everything on the line after them are ignored.


I suppose that it should be now a stupid newbie problem - something that is activated by default and that I am not aware of... (ipforward is enabled)

But I am now searching for one week and feels some discouragement...

Pierre A.

From: Sam Watkins <swatkins@fastmail.fm>
To: debian-user@lists.debian.org,"Pierre A. Damas" <pierredamas@hotmail.com>
Subject: Re: no ipchains with 2.2/no network with 2.4
Date: Thu, 6 Jan 2005 21:57:38 +1100

On Wed, Jan 05, 2005 at 04:53:10PM +0100, Pierre A. Damas wrote:
> Since I installed the woody distribution, I am the happy owner of a
> kernel 2.2.

> I would like to use ipchains, but it is "not supported in this
> Kernel", so I searched everywhere to find an ipchains.o module to
> insmod for 2.2 (I found for 2.4).  In which package would it be ?

It should be supported in that kernel!  IIRC all the stock Debian 2.2
kernels support ipchains.  Do you have the "ipchains" package installed?

You could try installing the "ipmasq" package, that should set up a
firewall and masquerading whether you're using ipchains or iptables or

To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Try MSN Messenger 7.0 beta http://messenger.msn.be/beta

Reply to: