Networking Forums
Home Register Members Search Links
Member Login:

Networking Forums > Computer Networking > Linux Networking > bridging fw + ip_conntrack didn't work

Reply
Thread Tools Display Modes

bridging fw + ip_conntrack didn't work

 
 
Marco Mueller
Guest
Posts: n/a

 
      07-01-2004, 01:04 PM
hello,

i'm using debian with the 2.4.18 kernel and the briding-fw patch.
I have complile a new kernel with the right options (i think it)...

But the conntraking didn't work :-(

Any idea??


CONFIG_IP_NF_CONNTRACK=y
CONFIG_IP_NF_FTP=y
CONFIG_IP_NF_IRC=y
CONFIG_IP_NF_IPTABLES=y
CONFIG_IP_NF_MATCH_LIMIT=y
CONFIG_IP_NF_MATCH_MAC=y
CONFIG_IP_NF_MATCH_MARK=y
CONFIG_IP_NF_MATCH_MULTIPORT=y
CONFIG_IP_NF_MATCH_TOS=y
CONFIG_IP_NF_MATCH_AH_ESP=y
CONFIG_IP_NF_MATCH_LENGTH=y
CONFIG_IP_NF_MATCH_TTL=y
CONFIG_IP_NF_MATCH_TCPMSS=y
CONFIG_IP_NF_MATCH_STATE=y
CONFIG_IP_NF_FILTER=y
CONFIG_IP_NF_TARGET_REJECT=y
CONFIG_IP_NF_NAT=y
CONFIG_IP_NF_NAT_NEEDED=y
CONFIG_IP_NF_TARGET_MASQUERADE=y
CONFIG_IP_NF_TARGET_REDIRECT=y
CONFIG_IP_NF_NAT_IRC=y
CONFIG_IP_NF_NAT_FTP=y
CONFIG_IP_NF_MANGLE=y
CONFIG_IP_NF_TARGET_TOS=y
CONFIG_IP_NF_TARGET_MARK=y
CONFIG_IP_NF_TARGET_LOG=y
CONFIG_IP_NF_TARGET_ULOG=y
CONFIG_IP_NF_TARGET_TCPMSS=y


I i using a statefule rule, i became a warning like this:
iptables: No chain/target/match by that name

Thank you.

Regards,

Marco
 
Reply With Quote
 
 
 
 
jack
Guest
Posts: n/a

 
      07-01-2004, 04:14 PM
And, please don't multi-post. I already gave this answer in cols.
Try to cross-post instead, as I'm wondering how this should be a
security issue anyways.

Marco Mueller wrote:

> hello,
>
> i'm using debian with the 2.4.18 kernel and the briding-fw patch.
> I have complile a new kernel with the right options (i think it)...
>
> But the conntraking didn't work :-(


[snip]

> I i using a statefule rule, i became a warning like this:
> iptables: No chain/target/match by that name


Well,

To start with, what exactly are You trying to do...? - WHAT _exactly_
is the "stateful rule" You are referring to? [First off, check that one
for typos.]

Normally, there is nothing like connection tracking when bridging net-
works together.

Again, You must be more specific about Your problem and Your environ-
ment, respectively.


Cheers, Jack.

--
----------------------------------------------------------------------
My personal reading of the string "MicroSoft" expands to "NanoWeak"...
 
Reply With Quote
Reply

« Protecting against TCP ACK floods (mstream) | Odd linux networking problem »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
tcp timeouts and ip_conntrack nsa.usa@gmail.com Linux Networking 1 04-09-2007 06:49 PM
ip_conntrack garbage Jim Garrison Linux Networking 6 01-02-2006 01:32 PM
VPN Site-to-site stops working after applying SP1 - HotFix 8976651 didn't work! |mouse| Windows Networking 3 09-22-2005 09:19 PM
Didn't Unplug/Eject PCI card, now it won't work. Aladdin Wireless Internet 4 08-06-2004 01:37 PM
HELP! network reconfig didn't work Mark Parker Linux Networking 1 11-20-2003 05:04 PM


Forum Software Powered by vBulletin®, Copyright Jelsoft Enterprises Ltd.
SEO by vBSEO 3.3.2 ©2009, Crawlability, Inc.
Contact Us - Archive - Privacy Statement - Top

1 2 3 4 5 6 7 8 9 10 11