Gentoo Forums :: View topic - IPTables problem

IPTables problem

View unanswered posts
View posts from last 24 hours

Gentoo Forums Forum Index

Networking & Security

View previous topic :: View next topic

Author

Message

n3Cre0
Tux's lil' helper

Joined: 16 Jan 2007
Posts: 129

Posted: Fri Apr 13, 2007 12:55 pm Post subject: IPTables problem

Hey all

I've been trying the last few days to install shorewall.

I filled in all the config files and when I start it I get this:

Quote:

Compiling...
Loading /usr/share/shorewall/lib.base...
Loading /usr/share/shorewall/lib.config...
Processing /etc/shorewall/params ...
Processing /etc/shorewall/shorewall.conf...
Loading Modules...
Loading library /usr/share/shorewall/lib.actions...
Initializing...
Shorewall has detected the following iptables/netfilter capabilities:
NAT: Not available
Packet Mangling: Not available
Multi-port Match: Not available
Connection Tracking Match: Not available
Packet Type Match: Not available
Policy Match: Not available
Physdev Match: Not available
Packet length Match: Not available
IP range Match: Not available
Recent Match: Not available
Owner Match: Not available
Ipset Match: Not available
CONNMARK Target: Not available
Connmark Match: Not available
Raw Table: Not available
IPP2P Match: Not available
CLASSIFY Target: Not available
Extended REJECT: Not available
Repeat match: Not available
MARK Target: Not available
Mangle FORWARD Chain: Not available
Comments: Not available
Address Type Match: Not available
Determining Zones...
IPv4 Zones: net
Firewall Zone: fw
Validating interfaces file...
Validating hosts file...
Pre-processing Actions...
Pre-processing /usr/share/shorewall/action.Drop...
..Expanding Macro /usr/share/shorewall/macro.Auth...
..End Macro
..Expanding Macro /usr/share/shorewall/macro.AllowICMPs...
..End Macro
..Expanding Macro /usr/share/shorewall/macro.SMB...
..End Macro
..Expanding Macro /usr/share/shorewall/macro.DropUPnP...
..End Macro
..Expanding Macro /usr/share/shorewall/macro.DropDNSrep...
..End Macro
Pre-processing /usr/share/shorewall/action.Reject...
Validating Policy file...
Policy for fw to net is ACCEPT using chain fw2net
Policy for net to fw is DROP using chain net2all
Determining Hosts in Zones...
net Zone: eth2:0.0.0.0/0
Deleting user chains...
Compiling /etc/shorewall/routestopped ...
Creating Interface Chains...
Compiling Common Rules
Adding Anti-smurf Rules
Compiling TCP Flags checking...
Compiling IP Forwarding...
Compiling IPSEC...
Compiling /etc/shorewall/rules...
Compiling Actions...
Generating Transitive Closure of Used-action List...
Compiling /usr/share/shorewall/action.Drop for Chain Drop...
..Expanding Macro /usr/share/shorewall/macro.Auth...
Rule "REJECT - - tcp 113 - -" compiled.
..End Macro
Rule "dropBcast " compiled.
..Expanding Macro /usr/share/shorewall/macro.AllowICMPs...
Rule "ACCEPT - - icmp fragmentation-needed - -" compiled.
Rule "ACCEPT - - icmp time-exceeded - -" compiled.
..End Macro
Rule "dropInvalid " compiled.
..Expanding Macro /usr/share/shorewall/macro.SMB...
Rule "DROP - - udp 135,445 - -" compiled.
Rule "DROP - - udp 137:139 - -" compiled.
Rule "DROP - - udp 1024: 137 -" compiled.
Rule "DROP - - tcp 135,139,445 - -" compiled.
..End Macro
..Expanding Macro /usr/share/shorewall/macro.DropUPnP...
Rule "DROP - - udp 1900 - -" compiled.
..End Macro
Rule "dropNotSyn - - tcp " compiled.
..Expanding Macro /usr/share/shorewall/macro.DropDNSrep...
Rule "DROP - - udp - 53 -" compiled.
..End Macro
Compiling /usr/share/shorewall/action.Reject for Chain Reject...
..Expanding Macro /usr/share/shorewall/macro.Auth...
Rule "REJECT - - tcp 113 - -" compiled.
..End Macro
Rule "dropBcast " compiled.
..Expanding Macro /usr/share/shorewall/macro.AllowICMPs...
Rule "ACCEPT - - icmp fragmentation-needed - -" compiled.
Rule "ACCEPT - - icmp time-exceeded - -" compiled.
..End Macro
Rule "dropInvalid " compiled.
..Expanding Macro /usr/share/shorewall/macro.SMB...
Rule "REJECT - - udp 135,445 - -" compiled.
Rule "REJECT - - udp 137:139 - -" compiled.
Rule "REJECT - - udp 1024: 137 -" compiled.
Rule "REJECT - - tcp 135,139,445 - -" compiled.
..End Macro
..Expanding Macro /usr/share/shorewall/macro.DropUPnP...
Rule "DROP - - udp 1900 - -" compiled.
..End Macro
Rule "dropNotSyn - - tcp " compiled.
..Expanding Macro /usr/share/shorewall/macro.DropDNSrep...
Rule "DROP - - udp - 53 -" compiled.
..End Macro
Compiling /etc/shorewall/policy...
Policy ACCEPT for fw to net using chain fw2net
Compiling Rule Activation...
Shorewall configuration compiled to /var/lib/shorewall/.start
Processing /etc/shorewall/params ...
Starting Shorewall....
Initializing...
Loading Modules...
Processing /etc/shorewall/init ...
Clearing Traffic Control/QOS
Deleting user chains...
iptables v1.3.7: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
ERROR: Command "/sbin/iptables -P INPUT DROP" Failed
Processing /etc/shorewall/stop ...
ip6tables v1.3.7: can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
ip6tables v1.3.7: can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
ip6tables v1.3.7: can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
ip6tables v1.3.7: can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
ip6tables v1.3.7: can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
ip6tables v1.3.7: can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
ip6tables v1.3.7: can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
iptables v1.3.7: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.7: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.7: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.7: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.7: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.7: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.7: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.7: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
IP Forwarding Enabled
Processing /etc/shorewall/stopped ...
/sbin/shorewall: line 225: 29565 Terminated ${VARDIR}/.start $debugging start

Seems the problem is in ip_tables

Quote:

Gentoo ~ # iptables -F
iptables v1.3.7: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

I've been searching the internet everywhere, recompiled my kernel 5 times and in the end I just copy pasted settings from:
https://forums.gentoo.org/viewtopic-t-449843-highlight-iptables+gentoosources.html

Quote:

#
# Networking options
#
# CONFIG_NETDEBUG is not set
CONFIG_PACKET=y
# CONFIG_PACKET_MMAP is not set
CONFIG_UNIX=y
CONFIG_XFRM=y
# CONFIG_XFRM_USER is not set
# CONFIG_XFRM_SUB_POLICY is not set
# CONFIG_NET_KEY is not set
CONFIG_INET=y
CONFIG_IP_MULTICAST=y
# CONFIG_IP_ADVANCED_ROUTER is not set
CONFIG_IP_FIB_HASH=y
# CONFIG_IP_PNP is not set
# CONFIG_NET_IPIP is not set
CONFIG_NET_IPGRE=y
# CONFIG_NET_IPGRE_BROADCAST is not set
# CONFIG_IP_MROUTE is not set
# CONFIG_ARPD is not set
# CONFIG_SYN_COOKIES is not set
# CONFIG_INET_AH is not set
# CONFIG_INET_ESP is not set
# CONFIG_INET_IPCOMP is not set
# CONFIG_INET_XFRM_TUNNEL is not set
# CONFIG_INET_TUNNEL is not set
CONFIG_INET_XFRM_MODE_TRANSPORT=y
CONFIG_INET_XFRM_MODE_TUNNEL=y
CONFIG_INET_XFRM_MODE_BEET=y
CONFIG_INET_DIAG=y
CONFIG_INET_TCP_DIAG=y
# CONFIG_TCP_CONG_ADVANCED is not set
CONFIG_TCP_CONG_CUBIC=y
CONFIG_DEFAULT_TCP_CONG="cubic"
# CONFIG_TCP_MD5SIG is not set

#
# IP: Virtual Server Configuration
#
# CONFIG_IP_VS is not set
CONFIG_IPV6=y
CONFIG_IPV6_PRIVACY=y
# CONFIG_IPV6_ROUTER_PREF is not set
# CONFIG_INET6_AH is not set
# CONFIG_INET6_ESP is not set
# CONFIG_INET6_IPCOMP is not set
# CONFIG_IPV6_MIP6 is not set
# CONFIG_INET6_XFRM_TUNNEL is not set
# CONFIG_INET6_TUNNEL is not set
CONFIG_INET6_XFRM_MODE_TRANSPORT=y
CONFIG_INET6_XFRM_MODE_TUNNEL=y
CONFIG_INET6_XFRM_MODE_BEET=y
# CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set
CONFIG_IPV6_SIT=y
# CONFIG_IPV6_TUNNEL is not set
# CONFIG_IPV6_MULTIPLE_TABLES is not set
# CONFIG_NETWORK_SECMARK is not set
CONFIG_NETFILTER=y
# CONFIG_NETFILTER_DEBUG is not set

#
# Core Netfilter Configuration
#
# CONFIG_NETFILTER_NETLINK is not set
# CONFIG_NF_CONNTRACK_ENABLED is not set
CONFIG_NETFILTER_XTABLES=m
CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m
CONFIG_NETFILTER_XT_TARGET_MARK=m
CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m
CONFIG_NETFILTER_XT_TARGET_NFLOG=m
CONFIG_NETFILTER_XT_MATCH_COMMENT=m
CONFIG_NETFILTER_XT_MATCH_DCCP=m
CONFIG_NETFILTER_XT_MATCH_DSCP=m
CONFIG_NETFILTER_XT_MATCH_ESP=m
CONFIG_NETFILTER_XT_MATCH_LENGTH=m
CONFIG_NETFILTER_XT_MATCH_LIMIT=m
CONFIG_NETFILTER_XT_MATCH_MAC=m
CONFIG_NETFILTER_XT_MATCH_MARK=m
CONFIG_NETFILTER_XT_MATCH_POLICY=m
CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m
CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m
CONFIG_NETFILTER_XT_MATCH_QUOTA=m
CONFIG_NETFILTER_XT_MATCH_REALM=m
CONFIG_NETFILTER_XT_MATCH_SCTP=m
CONFIG_NETFILTER_XT_MATCH_STATISTIC=m
CONFIG_NETFILTER_XT_MATCH_STRING=m
CONFIG_NETFILTER_XT_MATCH_TCPMSS=m
CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=m

#
# IP: Netfilter Configuration
#
# CONFIG_IP_NF_QUEUE is not set
CONFIG_IP_NF_IPTABLES=m
# CONFIG_IP_NF_MATCH_IPRANGE is not set
# CONFIG_IP_NF_MATCH_TOS is not set
# CONFIG_IP_NF_MATCH_RECENT is not set
# CONFIG_IP_NF_MATCH_ECN is not set
# CONFIG_IP_NF_MATCH_AH is not set
# CONFIG_IP_NF_MATCH_TTL is not set
# CONFIG_IP_NF_MATCH_OWNER is not set
# CONFIG_IP_NF_MATCH_ADDRTYPE is not set
# CONFIG_IP_NF_FILTER is not set
# CONFIG_IP_NF_TARGET_LOG is not set
# CONFIG_IP_NF_TARGET_ULOG is not set
# CONFIG_IP_NF_TARGET_TCPMSS is not set
# CONFIG_IP_NF_MANGLE is not set
# CONFIG_IP_NF_RAW is not set
# CONFIG_IP_NF_ARPTABLES is not set

#
# IPv6: Netfilter Configuration (EXPERIMENTAL)
#
# CONFIG_IP6_NF_QUEUE is not set
CONFIG_IP6_NF_IPTABLES=m
# CONFIG_IP6_NF_MATCH_RT is not set
# CONFIG_IP6_NF_MATCH_OPTS is not set
# CONFIG_IP6_NF_MATCH_FRAG is not set
# CONFIG_IP6_NF_MATCH_HL is not set
# CONFIG_IP6_NF_MATCH_OWNER is not set
# CONFIG_IP6_NF_MATCH_IPV6HEADER is not set
# CONFIG_IP6_NF_MATCH_AH is not set
# CONFIG_IP6_NF_MATCH_EUI64 is not set
# CONFIG_IP6_NF_FILTER is not set
# CONFIG_IP6_NF_MANGLE is not set
# CONFIG_IP6_NF_RAW is not set

But I still get the same error

Code:

Gentoo ~ # modprobe ip_tables
Gentoo ~ # lsmod
Module Size Used by
xt_multiport 2176 0
xt_tcpmss 1280 0
xt_pkttype 1024 0
xt_NFQUEUE 1024 0
xt_NFLOG 1152 0
xt_MARK 1280 0
xt_mark 896 0
xt_mac 1024 0
xt_limit 1280 0
xt_length 1024 0
xt_hashlimit 6028 0
ip6_tables 8520 1 xt_hashlimit
xt_dccp 2052 0
xt_CLASSIFY 896 0
xt_tcpudp 2304 0
ip_tables 7752 0
x_tables 6660 16 xt_multiport,xt_tcpmss,xt_pkttype,xt_NFQUEUE,xt_NFLOG,xt_MARK,xt_mark,xt_mac,xt_limit,xt_length,xt_hashlimit,ip6_tables,xt_dccp,xt_CLASSIFY,xt_tcpudp,ip_tables

It's loaded and all that but still:

Quote:

Gentoo ~ # iptables -F
iptables v1.3.7: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

shorewall emerged iptables, so it wasn't before on my system fyi.
_________________
OS: Linux 2.6.26 i686 Gentoo v2.0.0 Sound: HDA Intel
CPU: Intel(R) Pentium(R) M processor 1.73GHz (GenuineIntel)
Disk: 95.23GB Video: ATI Radeon Mobility X700 XL with Catalyst 8.08 RAM: 1011MB

occ
Apprentice

Joined: 06 May 2005
Posts: 202

Posted: Fri Apr 13, 2007 2:38 pm Post subject:

Quote:

iptables v1.3.7: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

...

# CONFIG_IP6_NF_FILTER is not set

n3Cre0
Tux's lil' helper

Joined: 16 Jan 2007
Posts: 129

Posted: Fri Apr 13, 2007 5:08 pm Post subject:

K.. I'll recompile with

Quote:

#
# IPv6: Netfilter Configuration (EXPERIMENTAL)
#
# CONFIG_IP6_NF_QUEUE is not set
CONFIG_IP6_NF_IPTABLES=m
# CONFIG_IP6_NF_MATCH_RT is not set
# CONFIG_IP6_NF_MATCH_OPTS is not set
# CONFIG_IP6_NF_MATCH_FRAG is not set
# CONFIG_IP6_NF_MATCH_HL is not set
# CONFIG_IP6_NF_MATCH_OWNER is not set
# CONFIG_IP6_NF_MATCH_IPV6HEADER is not set
# CONFIG_IP6_NF_MATCH_AH is not set
# CONFIG_IP6_NF_MATCH_EUI64 is not set
CONFIG_IP6_NF_FILTER=m
# CONFIG_IP6_NF_MANGLE is not set
# CONFIG_IP6_NF_RAW is not set

and

Quote:

#
# IP: Netfilter Configuration
#
# CONFIG_IP_NF_QUEUE is not set
CONFIG_IP_NF_IPTABLES=m
# CONFIG_IP_NF_MATCH_IPRANGE is not set
# CONFIG_IP_NF_MATCH_TOS is not set
# CONFIG_IP_NF_MATCH_RECENT is not set
# CONFIG_IP_NF_MATCH_ECN is not set
# CONFIG_IP_NF_MATCH_AH is not set
# CONFIG_IP_NF_MATCH_TTL is not set
# CONFIG_IP_NF_MATCH_OWNER is not set
# CONFIG_IP_NF_MATCH_ADDRTYPE is not set
CONFIG_IP_NF_FILTER=m
# CONFIG_IP_NF_TARGET_LOG is not set
# CONFIG_IP_NF_TARGET_ULOG is not set
# CONFIG_IP_NF_TARGET_TCPMSS is not set
# CONFIG_IP_NF_MANGLE is not set
# CONFIG_IP_NF_RAW is not set
# CONFIG_IP_NF_ARPTABLES is not set

Hopefully it works
_________________
OS: Linux 2.6.26 i686 Gentoo v2.0.0 Sound: HDA Intel
CPU: Intel(R) Pentium(R) M processor 1.73GHz (GenuineIntel)
Disk: 95.23GB Video: ATI Radeon Mobility X700 XL with Catalyst 8.08 RAM: 1011MB

occ
Apprentice

Joined: 06 May 2005
Posts: 202

Posted: Fri Apr 13, 2007 6:27 pm Post subject:

if you compile them as modules, make sure you load them. you should also check with shorewall doc, they should list the pre-req. you may need other netfilter nodules. http://www.shorewall.net/kernel.htm

n3Cre0
Tux's lil' helper

Joined: 16 Jan 2007
Posts: 129

Posted: Fri Apr 13, 2007 6:31 pm Post subject:

I did load them.. seemed to work for that error. But now another popped up

Quote:

Gentoo theirman # shorewall start
Compiling...
Loading /usr/share/shorewall/lib.base...
Loading /usr/share/shorewall/lib.config...
Processing /etc/shorewall/params ...
Processing /etc/shorewall/shorewall.conf...
Loading Modules...
Loading library /usr/share/shorewall/lib.actions...
Initializing...
Shorewall has detected the following iptables/netfilter capabilities:
NAT: Not available
Packet Mangling: Not available
Multi-port Match: Available
Extended Multi-port Match: Available
Connection Tracking Match: Not available
Packet Type Match: Available
Policy Match: Available
Physdev Match: Not available
Packet length Match: Available
IP range Match: Not available
Recent Match: Not available
Owner Match: Not available
Ipset Match: Not available
CONNMARK Target: Not available
Connmark Match: Not available
Raw Table: Not available
IPP2P Match: Not available
CLASSIFY Target: Not available
Extended REJECT: Not available
Repeat match: Not available
MARK Target: Not available
Mangle FORWARD Chain: Not available
Comments: Available
Address Type Match: Not available
Determining Zones...
IPv4 Zones: net
Firewall Zone: fw
Validating interfaces file...
Validating hosts file...
Pre-processing Actions...
Pre-processing /usr/share/shorewall/action.Drop...
..Expanding Macro /usr/share/shorewall/macro.Auth...
..End Macro
..Expanding Macro /usr/share/shorewall/macro.AllowICMPs...
..End Macro
..Expanding Macro /usr/share/shorewall/macro.SMB...
..End Macro
..Expanding Macro /usr/share/shorewall/macro.DropUPnP...
..End Macro
..Expanding Macro /usr/share/shorewall/macro.DropDNSrep...
..End Macro
Pre-processing /usr/share/shorewall/action.Reject...
Validating Policy file...
Policy for fw to net is ACCEPT using chain fw2net
Policy for net to fw is DROP using chain net2all
Determining Hosts in Zones...
net Zone: eth2:0.0.0.0/0
Deleting user chains...
Compiling /etc/shorewall/routestopped ...
Creating Interface Chains...
Compiling Common Rules
Adding Anti-smurf Rules
Compiling TCP Flags checking...
Compiling IP Forwarding...
Compiling IPSEC...
Compiling /etc/shorewall/rules...
Compiling Actions...
Generating Transitive Closure of Used-action List...
Compiling /usr/share/shorewall/action.Drop for Chain Drop...
..Expanding Macro /usr/share/shorewall/macro.Auth...
Rule "REJECT - - tcp 113 - -" compiled.
..End Macro
Rule "dropBcast " compiled.
..Expanding Macro /usr/share/shorewall/macro.AllowICMPs...
Rule "ACCEPT - - icmp fragmentation-needed - -" compiled.
Rule "ACCEPT - - icmp time-exceeded - -" compiled.
..End Macro
Rule "dropInvalid " compiled.
..Expanding Macro /usr/share/shorewall/macro.SMB...
Rule "DROP - - udp 135,445 - -" compiled.
Rule "DROP - - udp 137:139 - -" compiled.
Rule "DROP - - udp 1024: 137 -" compiled.
Rule "DROP - - tcp 135,139,445 - -" compiled.
..End Macro
..Expanding Macro /usr/share/shorewall/macro.DropUPnP...
Rule "DROP - - udp 1900 - -" compiled.
..End Macro
Rule "dropNotSyn - - tcp " compiled.
..Expanding Macro /usr/share/shorewall/macro.DropDNSrep...
Rule "DROP - - udp - 53 -" compiled.
..End Macro
Compiling /usr/share/shorewall/action.Reject for Chain Reject...
..Expanding Macro /usr/share/shorewall/macro.Auth...
Rule "REJECT - - tcp 113 - -" compiled.
..End Macro
Rule "dropBcast " compiled.
..Expanding Macro /usr/share/shorewall/macro.AllowICMPs...
Rule "ACCEPT - - icmp fragmentation-needed - -" compiled.
Rule "ACCEPT - - icmp time-exceeded - -" compiled.
..End Macro
Rule "dropInvalid " compiled.
..Expanding Macro /usr/share/shorewall/macro.SMB...
Rule "REJECT - - udp 135,445 - -" compiled.
Rule "REJECT - - udp 137:139 - -" compiled.
Rule "REJECT - - udp 1024: 137 -" compiled.
Rule "REJECT - - tcp 135,139,445 - -" compiled.
..End Macro
..Expanding Macro /usr/share/shorewall/macro.DropUPnP...
Rule "DROP - - udp 1900 - -" compiled.
..End Macro
Rule "dropNotSyn - - tcp " compiled.
..Expanding Macro /usr/share/shorewall/macro.DropDNSrep...
Rule "DROP - - udp - 53 -" compiled.
..End Macro
Compiling /etc/shorewall/policy...
Policy ACCEPT for fw to net using chain fw2net
Compiling Rule Activation...
Shorewall configuration compiled to /var/lib/shorewall/.start
Processing /etc/shorewall/params ...
Starting Shorewall....
Initializing...
Loading Modules...
Processing /etc/shorewall/init ...
Clearing Traffic Control/QOS
Deleting user chains...
iptables: No chain/target/match by that name
ERROR: Command "/sbin/iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT" Failed
Processing /etc/shorewall/stop ...
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
IP Forwarding Enabled
Processing /etc/shorewall/stopped ...
/sbin/shorewall: line 225: 9542 Terminated ${VARDIR}/.start $debugging start

Here I lost all connectivity. No internet whatsoever.

Quote:

Gentoo theirman # shorewall stop
Loading /usr/share/shorewall/lib.base...
Loading /usr/share/shorewall/lib.config...
Processing /etc/shorewall/params ...
Processing /etc/shorewall/shorewall.conf...
Loading Modules...
Loading library /usr/share/shorewall/lib.actions...
Stopping Shorewall...
Processing /etc/shorewall/stop ...
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
IP Forwarding Enabled
Processing /etc/shorewall/stopped ...
done.

Didn't help. Had to reboot.
_________________
OS: Linux 2.6.26 i686 Gentoo v2.0.0 Sound: HDA Intel
CPU: Intel(R) Pentium(R) M processor 1.73GHz (GenuineIntel)
Disk: 95.23GB Video: ATI Radeon Mobility X700 XL with Catalyst 8.08 RAM: 1011MB

occ
Apprentice

Joined: 06 May 2005
Posts: 202

Posted: Fri Apr 13, 2007 6:51 pm Post subject:

1/ look at shorewall doc, and configure your kernel based on their recommendations. 2/ you should really learn a bit about iptables, so that you could reverse a mishap without having to reboot. not to mention that eventually your iptables config will be loaded at boot, so rebooting may not solve anything. iptables is not as hard as it seems, really. Ok writing a good set of rules that protect you well do require quite some learning about the intricacy of tcp/ip, but you should really, at the very least, know how to display the actives rules in your iptables, and be able to drop them all manually if something goes wrong. There are few Faq/how-to on the internet (google is your firend), and of course man iptables. It's like counting. First learn how to do you addition and multiplication by yourself, and then use a calculator (shorewall) to do them for you...

n3Cre0
Tux's lil' helper

Joined: 16 Jan 2007
Posts: 129

Posted: Fri Apr 13, 2007 11:02 pm Post subject:

Got it to work - thanks. _________________ OS: Linux 2.6.26 i686 Gentoo v2.0.0 Sound: HDA Intel CPU: Intel(R) Pentium(R) M processor 1.73GHz (GenuineIntel) Disk: 95.23GB Video: ATI Radeon Mobility X700 XL with Catalyst 8.08 RAM: 1011MB

fikiz
Apprentice

Joined: 07 Mar 2005
Posts: 282
Location: Italy

Posted: Sun Jun 17, 2007 1:46 pm Post subject:

Hi all

I read all this thread (and others), I have enabled everything could have sense in my kernel, but iptables still complains:

Code:

# iptables -t nat -L
FATAL: Module ip_tables not found.
iptables v1.3.7: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

I'm running kernel 2.6.20-gentoo-r8 and iptables-1.3.7. this is my .config (without commented # lines):

Code:

CONFIG_X86_32=y
CONFIG_GENERIC_TIME=y
CONFIG_LOCKDEP_SUPPORT=y
CONFIG_STACKTRACE_SUPPORT=y
CONFIG_SEMAPHORE_SLEEPERS=y
CONFIG_X86=y
CONFIG_MMU=y
CONFIG_GENERIC_ISA_DMA=y
CONFIG_GENERIC_IOMAP=y
CONFIG_GENERIC_BUG=y
CONFIG_GENERIC_HWEIGHT=y
CONFIG_ARCH_MAY_HAVE_PC_FDC=y
CONFIG_DMI=y
CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config"

CONFIG_EXPERIMENTAL=y
CONFIG_LOCK_KERNEL=y
CONFIG_INIT_ENV_ARG_LIMIT=32

CONFIG_LOCALVERSION=""
CONFIG_LOCALVERSION_AUTO=y
CONFIG_SWAP=y
CONFIG_SYSVIPC=y
CONFIG_POSIX_MQUEUE=y
CONFIG_IKCONFIG=y
CONFIG_IKCONFIG_PROC=y
CONFIG_INITRAMFS_SOURCE=""
CONFIG_SYSCTL=y
CONFIG_UID16=y
CONFIG_SYSCTL_SYSCALL=y
CONFIG_KALLSYMS=y
CONFIG_HOTPLUG=y
CONFIG_PRINTK=y
CONFIG_BUG=y
CONFIG_ELF_CORE=y
CONFIG_BASE_FULL=y
CONFIG_FUTEX=y
CONFIG_EPOLL=y
CONFIG_SHMEM=y
CONFIG_SLAB=y
CONFIG_VM_EVENT_COUNTERS=y
CONFIG_RT_MUTEXES=y
CONFIG_BASE_SMALL=0

CONFIG_MODULES=y
CONFIG_MODULE_UNLOAD=y
CONFIG_KMOD=y
CONFIG_STOP_MACHINE=y

CONFIG_BLOCK=y

CONFIG_IOSCHED_NOOP=y
CONFIG_IOSCHED_AS=y
CONFIG_IOSCHED_DEADLINE=y
CONFIG_IOSCHED_CFQ=y
CONFIG_DEFAULT_AS=y
CONFIG_DEFAULT_IOSCHED="anticipatory"

CONFIG_SMP=y
CONFIG_X86_PC=y
CONFIG_MCORE2=y
CONFIG_X86_CMPXCHG=y
CONFIG_X86_XADD=y
CONFIG_X86_L1_CACHE_SHIFT=6
CONFIG_RWSEM_XCHGADD_ALGORITHM=y
CONFIG_GENERIC_CALIBRATE_DELAY=y
CONFIG_X86_WP_WORKS_OK=y
CONFIG_X86_INVLPG=y
CONFIG_X86_BSWAP=y
CONFIG_X86_POPAD_OK=y
CONFIG_X86_CMPXCHG64=y
CONFIG_X86_GOOD_APIC=y
CONFIG_X86_INTEL_USERCOPY=y
CONFIG_X86_USE_PPRO_CHECKSUM=y
CONFIG_X86_TSC=y
CONFIG_HPET_TIMER=y
CONFIG_HPET_EMULATE_RTC=y
CONFIG_NR_CPUS=2
CONFIG_SCHED_MC=y
CONFIG_PREEMPT_VOLUNTARY=y
CONFIG_PREEMPT_BKL=y
CONFIG_X86_LOCAL_APIC=y
CONFIG_X86_IO_APIC=y
CONFIG_X86_MCE=y
CONFIG_X86_MCE_NONFATAL=y
CONFIG_X86_MCE_P4THERMAL=y
CONFIG_VM86=y
CONFIG_MICROCODE=y
CONFIG_MICROCODE_OLD_INTERFACE=y
CONFIG_X86_MSR=y
CONFIG_X86_CPUID=y

CONFIG_HIGHMEM4G=y
CONFIG_PAGE_OFFSET=0xC0000000
CONFIG_HIGHMEM=y
CONFIG_ARCH_FLATMEM_ENABLE=y
CONFIG_ARCH_SPARSEMEM_ENABLE=y
CONFIG_ARCH_SELECT_MEMORY_MODEL=y
CONFIG_ARCH_POPULATES_NODE_MAP=y
CONFIG_SELECT_MEMORY_MODEL=y
CONFIG_FLATMEM_MANUAL=y
CONFIG_FLATMEM=y
CONFIG_FLAT_NODE_MEM_MAP=y
CONFIG_SPARSEMEM_STATIC=y
CONFIG_SPLIT_PTLOCK_CPUS=4
CONFIG_RESOURCES_64BIT=y
CONFIG_MTRR=y
CONFIG_SECCOMP=y
CONFIG_HZ_250=y
CONFIG_HZ=250
CONFIG_PHYSICAL_START=0x100000
CONFIG_PHYSICAL_ALIGN=0x100000
CONFIG_COMPAT_VDSO=y
CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y

CONFIG_PM=y
CONFIG_PM_LEGACY=y
CONFIG_PM_SYSFS_DEPRECATED=y

CONFIG_ACPI=y
CONFIG_ACPI_BUTTON=m
CONFIG_ACPI_VIDEO=m
CONFIG_ACPI_FAN=m
CONFIG_ACPI_PROCESSOR=y
CONFIG_ACPI_THERMAL=y
CONFIG_ACPI_BLACKLIST_YEAR=2001
CONFIG_ACPI_DEBUG=y
CONFIG_ACPI_EC=y
CONFIG_ACPI_POWER=y
CONFIG_ACPI_SYSTEM=y
CONFIG_X86_PM_TIMER=y

CONFIG_CPU_FREQ=y
CONFIG_CPU_FREQ_TABLE=y
CONFIG_CPU_FREQ_STAT=y
CONFIG_CPU_FREQ_STAT_DETAILS=y
CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE=y
CONFIG_CPU_FREQ_GOV_PERFORMANCE=y
CONFIG_CPU_FREQ_GOV_POWERSAVE=m
CONFIG_CPU_FREQ_GOV_USERSPACE=m
CONFIG_CPU_FREQ_GOV_ONDEMAND=m
CONFIG_CPU_FREQ_GOV_CONSERVATIVE=m

CONFIG_X86_ACPI_CPUFREQ=y

CONFIG_X86_ACPI_CPUFREQ_PROC_INTF=y

CONFIG_PCI=y
CONFIG_PCI_GOANY=y
CONFIG_PCI_BIOS=y
CONFIG_PCI_DIRECT=y
CONFIG_PCI_MMCONFIG=y
CONFIG_PCIEPORTBUS=y
CONFIG_PCIEAER=y
CONFIG_PCI_MSI=y
CONFIG_HT_IRQ=y
CONFIG_ISA_DMA_API=y

CONFIG_BINFMT_ELF=y

CONFIG_NET=y

CONFIG_PACKET=y
CONFIG_UNIX=y
CONFIG_XFRM=y
CONFIG_INET=y
CONFIG_IP_MULTICAST=y
CONFIG_IP_ADVANCED_ROUTER=y
CONFIG_ASK_IP_FIB_HASH=y
CONFIG_IP_FIB_HASH=y
CONFIG_IP_PNP=y
CONFIG_IP_PNP_DHCP=y
CONFIG_NET_IPIP=m
CONFIG_INET_TUNNEL=m
CONFIG_INET_XFRM_MODE_TRANSPORT=y
CONFIG_INET_XFRM_MODE_TUNNEL=y
CONFIG_INET_DIAG=y
CONFIG_INET_TCP_DIAG=y
CONFIG_TCP_CONG_CUBIC=y
CONFIG_DEFAULT_TCP_CONG="cubic"

CONFIG_IPV6=y
CONFIG_INET6_XFRM_MODE_TRANSPORT=y
CONFIG_INET6_XFRM_MODE_TUNNEL=y
CONFIG_IPV6_SIT=y
CONFIG_NETFILTER=y
CONFIG_NETFILTER_DEBUG=y

CONFIG_NETFILTER_NETLINK=y
CONFIG_NF_CONNTRACK_ENABLED=y
CONFIG_NF_CONNTRACK_SUPPORT=y
CONFIG_NF_CONNTRACK=y
CONFIG_NF_CT_ACCT=y
CONFIG_NF_CONNTRACK_MARK=y
CONFIG_NF_CONNTRACK_FTP=m
CONFIG_NETFILTER_XTABLES=y
CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y
CONFIG_NETFILTER_XT_TARGET_CONNMARK=y
CONFIG_NETFILTER_XT_TARGET_MARK=y
CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y
CONFIG_NETFILTER_XT_TARGET_NFLOG=y
CONFIG_NETFILTER_XT_TARGET_NOTRACK=y
CONFIG_NETFILTER_XT_MATCH_COMMENT=y
CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y
CONFIG_NETFILTER_XT_MATCH_CONNMARK=y
CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y
CONFIG_NETFILTER_XT_MATCH_DCCP=y
CONFIG_NETFILTER_XT_MATCH_DSCP=y
CONFIG_NETFILTER_XT_MATCH_ESP=y
CONFIG_NETFILTER_XT_MATCH_HELPER=y
CONFIG_NETFILTER_XT_MATCH_LENGTH=y
CONFIG_NETFILTER_XT_MATCH_LIMIT=y
CONFIG_NETFILTER_XT_MATCH_MAC=y
CONFIG_NETFILTER_XT_MATCH_MARK=y
CONFIG_NETFILTER_XT_MATCH_POLICY=m
CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y
CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m
CONFIG_NETFILTER_XT_MATCH_QUOTA=m
CONFIG_NETFILTER_XT_MATCH_REALM=y
CONFIG_NETFILTER_XT_MATCH_SCTP=m
CONFIG_NETFILTER_XT_MATCH_STATE=y
CONFIG_NETFILTER_XT_MATCH_STATISTIC=y
CONFIG_NETFILTER_XT_MATCH_STRING=y
CONFIG_NETFILTER_XT_MATCH_TCPMSS=y
CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y

CONFIG_IP_NF_IPTABLES=y
CONFIG_IP_NF_MATCH_IPRANGE=y
CONFIG_IP_NF_MATCH_TOS=y
CONFIG_IP_NF_MATCH_RECENT=y
CONFIG_IP_NF_MATCH_ECN=y
CONFIG_IP_NF_MATCH_AH=y
CONFIG_IP_NF_MATCH_TTL=y
CONFIG_IP_NF_MATCH_OWNER=y
CONFIG_IP_NF_MATCH_ADDRTYPE=y
CONFIG_IP_NF_FILTER=y
CONFIG_IP_NF_TARGET_REJECT=y
CONFIG_IP_NF_TARGET_LOG=y
CONFIG_IP_NF_TARGET_ULOG=y
CONFIG_IP_NF_TARGET_TCPMSS=y
CONFIG_IP_NF_MANGLE=y
CONFIG_IP_NF_TARGET_TOS=y
CONFIG_IP_NF_TARGET_ECN=y
CONFIG_IP_NF_TARGET_TTL=y
CONFIG_IP_NF_RAW=y
CONFIG_IP_NF_ARPTABLES=y
CONFIG_IP_NF_ARPFILTER=y
CONFIG_IP_NF_ARP_MANGLE=y

CONFIG_NET_CLS_ROUTE=y

CONFIG_BT=m

CONFIG_IEEE80211=m
CONFIG_IEEE80211_CRYPT_WEP=m
CONFIG_IEEE80211_CRYPT_CCMP=m
CONFIG_IEEE80211_SOFTMAC=m
CONFIG_WIRELESS_EXT=y

CONFIG_STANDALONE=y
CONFIG_PREVENT_FIRMWARE_BUILD=y
CONFIG_FW_LOADER=y

CONFIG_PARPORT=m
CONFIG_PARPORT_PC=m

CONFIG_PNP=y

CONFIG_PNPACPI=y

CONFIG_BLK_DEV_FD=m
CONFIG_BLK_DEV_LOOP=y
CONFIG_BLK_DEV_NBD=m
CONFIG_BLK_DEV_UB=m
CONFIG_BLK_DEV_RAM=y
CONFIG_BLK_DEV_RAM_COUNT=16
CONFIG_BLK_DEV_RAM_SIZE=4096
CONFIG_BLK_DEV_RAM_BLOCKSIZE=1024
CONFIG_BLK_DEV_INITRD=y
CONFIG_CDROM_PKTCDVD=y
CONFIG_CDROM_PKTCDVD_BUFFERS=16
CONFIG_ATA_OVER_ETH=m

CONFIG_IDE=y
CONFIG_BLK_DEV_IDE=y

CONFIG_BLK_DEV_IDEDISK=y
CONFIG_IDEDISK_MULTI_MODE=y
CONFIG_BLK_DEV_IDECD=y
CONFIG_BLK_DEV_IDESCSI=m

CONFIG_IDE_GENERIC=y
CONFIG_BLK_DEV_IDEPCI=y
CONFIG_BLK_DEV_GENERIC=y
CONFIG_BLK_DEV_IDEDMA_PCI=y
CONFIG_IDEDMA_PCI_AUTO=y
CONFIG_BLK_DEV_PIIX=y
CONFIG_BLK_DEV_IT821X=y
CONFIG_BLK_DEV_IDEDMA=y
CONFIG_IDEDMA_AUTO=y

CONFIG_SCSI=y
CONFIG_SCSI_NETLINK=y

CONFIG_BLK_DEV_SD=y
CONFIG_BLK_DEV_SR=y
CONFIG_CHR_DEV_SG=y

CONFIG_SCSI_SPI_ATTRS=y
CONFIG_SCSI_FC_ATTRS=y

CONFIG_BLK_DEV_3W_XXXX_RAID=y
CONFIG_SCSI_AIC7XXX=y
CONFIG_AIC7XXX_CMDS_PER_DEVICE=32
CONFIG_AIC7XXX_RESET_DELAY_MS=5000
CONFIG_AIC7XXX_DEBUG_ENABLE=y
CONFIG_AIC7XXX_DEBUG_MASK=0
CONFIG_AIC7XXX_REG_PRETTY_PRINT=y
CONFIG_SCSI_AIC79XX=y
CONFIG_AIC79XX_CMDS_PER_DEVICE=32
CONFIG_AIC79XX_RESET_DELAY_MS=4000
CONFIG_AIC79XX_DEBUG_MASK=0

CONFIG_ATA=y
CONFIG_SATA_AHCI=y
CONFIG_ATA_PIIX=y
CONFIG_SATA_INTEL_COMBINED=y
CONFIG_PATA_MPIIX=y

CONFIG_MD=y
CONFIG_BLK_DEV_MD=y
CONFIG_MD_LINEAR=y
CONFIG_MD_RAID0=y
CONFIG_MD_RAID1=y
CONFIG_MD_RAID10=m
CONFIG_MD_RAID456=m
CONFIG_MD_RAID5_RESHAPE=y
CONFIG_BLK_DEV_DM=y
CONFIG_DM_CRYPT=m
CONFIG_DM_SNAPSHOT=m
CONFIG_DM_MIRROR=m
CONFIG_DM_ZERO=m
CONFIG_BLK_DEV_DM_BBR=m

CONFIG_FUSION=y
CONFIG_FUSION_SPI=y
CONFIG_FUSION_MAX_SGE=128

CONFIG_IEEE1394=m

CONFIG_IEEE1394_EXTRA_CONFIG_ROMS=y
CONFIG_IEEE1394_CONFIG_ROM_IP1394=y

CONFIG_IEEE1394_OHCI1394=m

CONFIG_IEEE1394_VIDEO1394=m
CONFIG_IEEE1394_SBP2=m
CONFIG_IEEE1394_ETH1394=m
CONFIG_IEEE1394_RAWIO=m

CONFIG_NETDEVICES=y
CONFIG_DUMMY=m
CONFIG_TUN=m

CONFIG_NET_ETHERNET=y
CONFIG_MII=y

CONFIG_NET_TULIP=y
CONFIG_TULIP=y
CONFIG_NET_PCI=y
CONFIG_E100=m
CONFIG_8139TOO=m
CONFIG_8139TOO_PIO=y

CONFIG_DL2K=m
CONFIG_E1000=m
CONFIG_R8169=m
CONFIG_SKY2=y

CONFIG_NET_RADIO=y

CONFIG_USB_ZD1201=m
CONFIG_ZD1211RW=m
CONFIG_NET_WIRELESS=y

CONFIG_PLIP=m
CONFIG_PPP=m
CONFIG_SLIP=m
CONFIG_SLHC=m
CONFIG_NETCONSOLE=y
CONFIG_NETPOLL=y
CONFIG_NET_POLL_CONTROLLER=y

CONFIG_INPUT=y

CONFIG_INPUT_MOUSEDEV=y
CONFIG_INPUT_MOUSEDEV_PSAUX=y
CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024
CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768
CONFIG_INPUT_EVDEV=m

CONFIG_INPUT_KEYBOARD=y
CONFIG_KEYBOARD_ATKBD=y
CONFIG_INPUT_MOUSE=y
CONFIG_MOUSE_PS2=y

CONFIG_SERIO=y
CONFIG_SERIO_I8042=y
CONFIG_SERIO_LIBPS2=y

CONFIG_VT=y
CONFIG_VT_CONSOLE=y
CONFIG_HW_CONSOLE=y

CONFIG_SERIAL_8250=y
CONFIG_SERIAL_8250_CONSOLE=y
CONFIG_SERIAL_8250_PCI=y
CONFIG_SERIAL_8250_PNP=y
CONFIG_SERIAL_8250_NR_UARTS=4
CONFIG_SERIAL_8250_RUNTIME_UARTS=4

CONFIG_SERIAL_CORE=y
CONFIG_SERIAL_CORE_CONSOLE=y
CONFIG_UNIX98_PTYS=y
CONFIG_LEGACY_PTYS=y
CONFIG_LEGACY_PTY_COUNT=256
CONFIG_PRINTER=m

CONFIG_HW_RANDOM=y
CONFIG_HW_RANDOM_INTEL=y
CONFIG_HW_RANDOM_AMD=y
CONFIG_HW_RANDOM_GEODE=y
CONFIG_HW_RANDOM_VIA=y
CONFIG_RTC=y
CONFIG_DRM=m
CONFIG_RAW_DRIVER=y
CONFIG_MAX_RAW_DEVS=256
CONFIG_HPET=y
CONFIG_HPET_MMAP=y
CONFIG_HANGCHECK_TIMER=y

CONFIG_I2C=m
CONFIG_I2C_CHARDEV=m

CONFIG_I2C_ALGOBIT=m
CONFIG_I2C_ALGOPCF=m
CONFIG_I2C_ALGOPCA=m

CONFIG_I2C_I801=m
CONFIG_I2C_I810=m
CONFIG_I2C_PIIX4=m
CONFIG_I2C_ISA=m

CONFIG_SENSORS_EEPROM=m

CONFIG_HWMON=m
CONFIG_HWMON_VID=m
CONFIG_SENSORS_W83781D=m
CONFIG_SENSORS_W83791D=m
CONFIG_SENSORS_W83792D=m
CONFIG_SENSORS_W83793=m
CONFIG_SENSORS_W83L785TS=m
CONFIG_SENSORS_W83627HF=m
CONFIG_SENSORS_W83627EHF=m

CONFIG_VIDEO_DEV=m
CONFIG_VIDEO_V4L1=y
CONFIG_VIDEO_V4L1_COMPAT=y
CONFIG_VIDEO_V4L2=y

CONFIG_VIDEO_HELPER_CHIPS_AUTO=y

CONFIG_FIRMWARE_EDID=y
CONFIG_VIDEO_SELECT=y

CONFIG_VGA_CONSOLE=y
CONFIG_VGACON_SOFT_SCROLLBACK=y
CONFIG_VGACON_SOFT_SCROLLBACK_SIZE=128
CONFIG_DUMMY_CONSOLE=y

CONFIG_SOUND=y

CONFIG_SND=m
CONFIG_SND_TIMER=m
CONFIG_SND_PCM=m
CONFIG_SND_HWDEP=m
CONFIG_SND_RAWMIDI=m
CONFIG_SND_SEQUENCER=m
CONFIG_SND_SEQ_DUMMY=m
CONFIG_SND_OSSEMUL=y
CONFIG_SND_MIXER_OSS=m
CONFIG_SND_PCM_OSS=m
CONFIG_SND_PCM_OSS_PLUGINS=y
CONFIG_SND_RTCTIMER=m
CONFIG_SND_SEQ_RTCTIMER_DEFAULT=y
CONFIG_SND_SUPPORT_OLD_API=y
CONFIG_SND_VERBOSE_PROCFS=y

CONFIG_SND_AC97_CODEC=m

CONFIG_SND_BT87X=m
CONFIG_SND_CA0106=m
CONFIG_SND_ENS1370=m
CONFIG_SND_ENS1371=m
CONFIG_SND_HDA_INTEL=m
CONFIG_SND_AC97_POWER_SAVE=y

CONFIG_SND_USB_AUDIO=m
CONFIG_SND_USB_USX2Y=m

CONFIG_AC97_BUS=m

CONFIG_HID=y

CONFIG_USB_ARCH_HAS_HCD=y
CONFIG_USB_ARCH_HAS_OHCI=y
CONFIG_USB_ARCH_HAS_EHCI=y
CONFIG_USB=y

CONFIG_USB_DEVICEFS=y

CONFIG_USB_EHCI_HCD=y
CONFIG_USB_OHCI_HCD=y
CONFIG_USB_OHCI_LITTLE_ENDIAN=y
CONFIG_USB_UHCI_HCD=y

CONFIG_USB_PRINTER=y

CONFIG_USB_STORAGE=y

CONFIG_USB_HID=y

CONFIG_USB_MON=y

CONFIG_EXT2_FS=y
CONFIG_EXT2_FS_XATTR=y
CONFIG_EXT2_FS_POSIX_ACL=y
CONFIG_EXT3_FS=y
CONFIG_EXT3_FS_XATTR=y
CONFIG_EXT3_FS_POSIX_ACL=y
CONFIG_JBD=y
CONFIG_FS_MBCACHE=y
CONFIG_REISERFS_FS=y
CONFIG_REISERFS_FS_XATTR=y
CONFIG_REISERFS_FS_POSIX_ACL=y
CONFIG_JFS_FS=m
CONFIG_FS_POSIX_ACL=y
CONFIG_XFS_FS=m
CONFIG_INOTIFY=y
CONFIG_INOTIFY_USER=y
CONFIG_DNOTIFY=y
CONFIG_AUTOFS4_FS=y
CONFIG_GENERIC_ACL=y

CONFIG_ISO9660_FS=y
CONFIG_JOLIET=y
CONFIG_UDF_FS=y
CONFIG_UDF_NLS=y

CONFIG_FAT_FS=y
CONFIG_MSDOS_FS=y
CONFIG_VFAT_FS=y
CONFIG_FAT_DEFAULT_CODEPAGE=437
CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1"
CONFIG_NTFS_FS=m
CONFIG_NTFS_RW=y

CONFIG_PROC_FS=y
CONFIG_PROC_KCORE=y
CONFIG_PROC_SYSCTL=y
CONFIG_SYSFS=y
CONFIG_TMPFS=y
CONFIG_TMPFS_POSIX_ACL=y
CONFIG_HUGETLBFS=y
CONFIG_HUGETLB_PAGE=y
CONFIG_RAMFS=y

CONFIG_NFS_FS=y
CONFIG_NFS_V3=y
CONFIG_NFSD=y
CONFIG_NFSD_V3=y
CONFIG_NFSD_TCP=y
CONFIG_ROOT_NFS=y
CONFIG_LOCKD=y
CONFIG_LOCKD_V4=y
CONFIG_EXPORTFS=y
CONFIG_NFS_COMMON=y
CONFIG_SUNRPC=y
CONFIG_SMB_FS=m
CONFIG_CIFS=m
CONFIG_CODA_FS=m
CONFIG_CODA_FS_OLD_API=y
CONFIG_AFS_FS=m
CONFIG_RXRPC=m

CONFIG_MSDOS_PARTITION=y

CONFIG_NLS=y
CONFIG_NLS_DEFAULT="iso8859-1"
CONFIG_NLS_CODEPAGE_437=y
CONFIG_NLS_CODEPAGE_850=y
CONFIG_NLS_ASCII=y
CONFIG_NLS_ISO8859_1=y
CONFIG_NLS_ISO8859_15=y
CONFIG_NLS_UTF8=y

CONFIG_PROFILING=y
CONFIG_OPROFILE=y
CONFIG_KPROBES=y

CONFIG_TRACE_IRQFLAGS_SUPPORT=y
CONFIG_MAGIC_SYSRQ=y
CONFIG_UNUSED_SYMBOLS=y
CONFIG_LOG_BUF_SHIFT=15
CONFIG_DEBUG_BUGVERBOSE=y
CONFIG_EARLY_PRINTK=y
CONFIG_X86_FIND_SMP_CONFIG=y
CONFIG_X86_MPPARSE=y
CONFIG_DOUBLEFAULT=y

CONFIG_CRYPTO=y
CONFIG_CRYPTO_ALGAPI=m
CONFIG_CRYPTO_BLKCIPHER=m
CONFIG_CRYPTO_MANAGER=m
CONFIG_CRYPTO_SHA1=m
CONFIG_CRYPTO_SHA256=m
CONFIG_CRYPTO_ECB=m
CONFIG_CRYPTO_CBC=m
CONFIG_CRYPTO_AES=m
CONFIG_CRYPTO_ARC4=m

CONFIG_CRYPTO_DEV_PADLOCK=m
CONFIG_CRYPTO_DEV_PADLOCK_AES=m
CONFIG_CRYPTO_DEV_PADLOCK_SHA=m
CONFIG_CRYPTO_DEV_GEODE=m

CONFIG_BITREVERSE=y
CONFIG_CRC32=y
CONFIG_TEXTSEARCH=y
CONFIG_TEXTSEARCH_KMP=y
CONFIG_TEXTSEARCH_BM=y
CONFIG_TEXTSEARCH_FSM=y
CONFIG_PLIST=y
CONFIG_IOMAP_COPY=y
CONFIG_GENERIC_HARDIRQS=y
CONFIG_GENERIC_IRQ_PROBE=y
CONFIG_GENERIC_PENDING_IRQ=y
CONFIG_X86_SMP=y
CONFIG_X86_HT=y
CONFIG_X86_BIOS_REBOOT=y
CONFIG_X86_TRAMPOLINE=y
CONFIG_KTIME_SCALAR=y

thanks for your help.

godish
n00b
n00b

Joined: 05 Oct 2004
Posts: 50
Location: Boston MA

Posted: Sun Jun 17, 2007 1:59 pm Post subject:

Code:

Networking -> Networking Options ->Network packet filtering framework (Netfilter) -> IP: Netfilter Configuration -> IPv4 connection tracking support (required for NAT) :-)

Needs to be checked....
_________________
Nobody makes me bleed my own blood... NOBODY!

fikiz
Apprentice

Joined: 07 Mar 2005
Posts: 282
Location: Italy

Posted: Mon Jun 18, 2007 6:07 pm Post subject:

what a stupid I am... you're right. thanks.

Display posts from previous:

	Gentoo Forums Forum Index Networking & Security	All times are GMT
Page 1 of 1

Jump to:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy