Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-hardened

From: Jason Booth <jbooth@××××××××××××××××.net>
To: gentoo-hardened@l.g.o
Subject: Re: [gentoo-hardened] loss of stateful iptables 2.6.17-hardened-r1 - 64bit
Date: Mon, 23 Oct 2006 19:10:08
Message-Id: 200610231308.55515.jbooth@hyperintelligent.net
In Reply to: Re: [gentoo-hardened] loss of stateful iptables 2.6.17-hardened-r1 - 64bit by John Schember
1 On Monday 23 October 2006 07:33, John Schember wrote:
2 > This is an issue related to you alone, I'm running a 64 bit hardened
3 > install and am not having any issues with -m state. It looks like you
4 > missed an option in your kernel. You either don't have support enabled
5 > or if it's a module you don't have it loaded.
6 > Check:
7 > Networking --->
8 > Networking option --->
9 > [*] Network packet filtering (replaces ipchains) --->
10 > Core Netfilter Configuration --->
11 > <*> Netfilter Xtables support (required for ip_tables)
12 > <*> "state" match support
13 Yeah that's exactly what i thought only match wasn't an option in the config
14 this time... possibly something got messed up in patching to disable the
15 option. I'll wipe the tarball and try again tonight.
16
17 thanks,
18 Jason
19 >
20 > John Schember
21 >
22 > On Mon, 2006-10-23 at 00:38 -0600, Jason Booth wrote:
23 > > Ever since I got this comp about a month ago, my firewall script no
24 > > longer works. basically, anything that uses -m state --state fails:
25 > >
26 > > lazybird ~ # iptables -I INPUT -m state --state RELATED,ESTABLISHED -j
27 > > ACCEPT iptables: No chain/target/match by that name
28 > >
29 > > This has only happened with 64-bit and hardened kernel. I believe I put
30 > > in support for all the modules both in Xtables and IPtables (compiled in
31 > > kernel, not as modules)
32 > >
33 > > Is this a known issue or has anyone had this problem?
34 > >
35 > > TIA,
36 > > Jason
37 > >
38 > > 2.6.17-hardened-r1 x86_64 AMD Athlon(tm) 64 Processor 3500+
39 > > --
40 > > gpg public key:
41 > > http://lazybird.hyperintelligent.net/~jbooth/jbooth_key.asc
42
43 --
44 gpg public key: http://lazybird.hyperintelligent.net/~jbooth/jbooth_key.asc
45 --
46 gentoo-hardened@g.o mailing list

Replies

Subject Author
Re: [gentoo-hardened] loss of stateful iptables 2.6.17-hardened-r1 - 64bit "Marek Wróbel" <smbmarek@×××××××××××.pl>
Report Message
Find on MARC Find on Google Groups