| View previous topic :: View next topic |
| Author |
Message |
sunox
Tux's lil' helper
Joined: 26 Jan 2022
Posts: 147
|
 Posted: Mon Feb 28, 2022 9:55 pm Post subject: Portage warns about missing kernel option, but can't find it |
 |
|
ufw gives me the message that:
| Code: | | * CONFIG_NETFILTER_XT_TARGET_LOG: is not set when it should be. |
I search menuconfig for this option and this is what I get:
| Code: | Symbol: NETFILTER_XT_MATCH_STATE [=n] │
│ Type : tristate │
│ Defined at net/netfilter/Kconfig:1578 │
│ Prompt: "state" match support │
│ Depends on: NET [=y] && INET [=y] && NETFILTER [=y] && NETFILTER_XTABLES [=y] && NF_CONNTRACK [=n] │
│ Location: │
│ -> Networking support (NET [=y]) │
│ -> Networking options │
│ -> Network packet filtering framework (Netfilter) (NETFILTER [=y]) │
│ -> Core Netfilter Configuration │
│ (1) -> Netfilter Xtables support (required for ip_tables) (NETFILTER_XTABLES [=y]) |
All the dependencies are met, and yet I don't see '"state' match support" where it should be in menuconfig.
I'm perplexed. Does anyone have an idea as to what might be wrong? Thanks in advance.[/code] |
|
| Back to top |
|
 |
Hu
Administrator
Joined: 06 Mar 2007
Posts: 23062
|
| Posted: Mon Feb 28, 2022 10:07 pm Post subject: |
|
|
| sunox wrote: | ufw gives me the message that: | Code: | | * CONFIG_NETFILTER_XT_TARGET_LOG: is not set when it should be. |
I search menuconfig for this option and this is what I get: | Code: | | Symbol: NETFILTER_XT_MATCH_STATE [=n] |
|
That does not look like the same symbol to me. What search led you here? | sunox wrote: | | Code: | | │ Depends on: NET [=y] && INET [=y] && NETFILTER [=y] && NETFILTER_XTABLES [=y] && NF_CONNTRACK [=n] │ |
All the dependencies are met, and yet I don't see '"state' match support" where it should be in menuconfig. |
Your output shows one dependency is not met. NF_CONNTRACK should be =y, but is =n. Find and enable that, then try again. |
|
| Back to top |
|
|
sunox
Tux's lil' helper
Joined: 26 Jan 2022
Posts: 147
|
| Posted: Mon Feb 28, 2022 10:26 pm Post subject: |
|
|
Oh whoops, I copy-pasted the wrong warning. That other one has been met.
And it turns out that I was misreading the dependencies. I took it to mean that it required that NF_CONNTRACK should be set to N. I suppose anytime we see something as a dependency we are to assume that it expects Y or *?
Thanks again for the help Hu. |
|
| Back to top |
|
|
Hu
Administrator
Joined: 06 Mar 2007
Posts: 23062
|
| Posted: Mon Feb 28, 2022 10:36 pm Post subject: |
|
|
| Yes. If it needed to be =n, it would be written as !NF_CONNTRACK. |
|
| Back to top |
|
|
sunox
Tux's lil' helper
Joined: 26 Jan 2022
Posts: 147
|
| Posted: Tue Mar 01, 2022 12:53 am Post subject: |
|
|
| Hu wrote: | | Yes. If it needed to be =n, it would be written as !NF_CONNTRACK. |
Got it, thank you sir. |
|
| Back to top |
|
|
|
Kernel & Hardware
