Gentoo Archives: gentoo-user

From: Holly Bostick <motub@××××××.nl>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] OT - ipkungfu
Date: Wed, 11 Jan 2006 21:55:11
Message-Id: 43C57B5C.2020904@planet.nl
In Reply to: [gentoo-user] OT - ipkungfu by Michael Sullivan
1 Michael Sullivan schreef:
2 > I'm trying to install ipkungfoo on my server box. I followed the
3 > instructions in the README file. When I went to start it, it gave me
4 > a string of errors, that I'm not sure how to fix:
5 >
6 > bullet ipkungfu # ipkungfu Checking configuration... FATAL: Module
7 > ip_tables not found. iptables v1.3.4: can't initialize iptables table
8 > `filter': iptables who? (do you need to insmod?) Perhaps iptables or
9 > your kernel needs to be upgraded.
10 >
11 > ipkungfu can't create new chains or the script was interrupted
12 > previously! Flushing iptables rulesets... FATAL: Module ip_tables not
13 > found. iptables v1.3.4: can't initialize iptables table `filter':
14 > iptables who? (do you need to insmod?) Perhaps iptables or your
15 > kernel needs to be upgraded. Clearing old chains and tables... cat:
16 > /proc/net/ip_tables_names: No such file or directory Your kernel
17 > lacks LOG support required by this script. Aborting.
18 >
19 > Any clues? It sounds to me like it's a kernel module thing, but what
20 > would a kernel module have to do with a firewall?
21
22 The Linux firewall (iptables) *is* a kernel module.
23
24 Meaning that it has to be enabled in the kernel, and it doesn't sound
25 like it is.
26
27 In my (extremely limited) experience (I use Firestarter to control
28 iptables and its rules), it is best to compile iptables and the various
29 filters (basically all of them) as modules into the kernel rather than
30 statically. Certainly for Firestarter, and it sounds like for ipkungfu
31 as well, this is preferable, so that the utility can grab and load the
32 modules it needs on the fly.
33
34 HTH,
35 Holly
36 --
37 gentoo-user@g.o mailing list