Re: no ipchains with 2.2/no network with 2.4
Thanks Sam.
Your assertivity about the fact that it should be supported made me check
the kernel version I had installed. I reinstalled the kernel-image-2.2.20
and ipchains work now.
Now, I still can't ping my two sub-nets.
When ipchains policies are set to DENY (and I have no rules), I correctly
have "Operation not permitted" on my pings.
When I set the policies to ACCEPT (for the three chains), whith no rules or
with rules allowing ACCEPT, Ping freezes (100% drop) (direct ip address, not
name)
With the kernel "pci-ide", the network worked correctly (I was able to ping
the two subnets, and allowed squid to proxy http).
lsmod said:
Module Size Used by
8139too 12600 0 (unused)
ne 6140 1
af_packet 6136 0 (unused)
With the working kernel, ping is not working (although when I add an ipchain
rule to log all, I see activity)
lsmod says now:
Module Size Used by
lockd 42420 0 (autoclean) (unused)
sunrpc 57816 0 (autoclean) [lockd]
8139too 12648 1
ne 6140 1
8390 6104 0 [ne]
af_packet 6152 0 (unused)
unix 11352 8 (autoclean)
My etc/modules contains in both cases:
# /etc/modules: kernel modules to load at boot time.
#
# This file should contain the names of kernel modules that are
# to be loaded at boot time, one per line. Comments begin with
# a "#", and everything on the line after them are ignored.
af_packet
ne
8139too
I suppose that it should be now a stupid newbie problem - something that is
activated by default and that I am not aware of... (ipforward is enabled)
But I am now searching for one week and feels some discouragement...
Pierre A.
From: Sam Watkins <swatkins@fastmail.fm>
To: debian-user@lists.debian.org,"Pierre A. Damas"
<pierredamas@hotmail.com>
Subject: Re: no ipchains with 2.2/no network with 2.4
Date: Thu, 6 Jan 2005 21:57:38 +1100
On Wed, Jan 05, 2005 at 04:53:10PM +0100, Pierre A. Damas wrote:
> Since I installed the woody distribution, I am the happy owner of a
> kernel 2.2.
> I would like to use ipchains, but it is "not supported in this
> Kernel", so I searched everywhere to find an ipchains.o module to
> insmod for 2.2 (I found for 2.4). In which package would it be ?
It should be supported in that kernel! IIRC all the stock Debian 2.2
kernels support ipchains. Do you have the "ipchains" package installed?
You could try installing the "ipmasq" package, that should set up a
firewall and masquerading whether you're using ipchains or iptables or
whatever.
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
_________________________________________________________________
Try MSN Messenger 7.0 beta http://messenger.msn.be/beta
Reply to: