| 1 |
ok. I got a clean kernel and removed iptables and firestarter. I then went |
| 2 |
into the kernel config and _only_ turned on iptable support as a module, and |
| 3 |
ran modules-update. all looks ok. Rebooting the kernel, however, I get |
| 4 |
this in dmesg - |
| 5 |
ipw2100: disagrees about version of symbol per_cpu__softnet_data |
| 6 |
ipw2100: no version for "ieee80211_get_crypto_ops" found: kernel tainted. |
| 7 |
(a whole lot of these messages listing what appears to be every symbol in |
| 8 |
the ipw2100 module)... |
| 9 |
then - |
| 10 |
ieee80211: disagrees about version of symbol per_cpu__softnet_data |
| 11 |
ieee80211: Unknown symbol per_cpu__softnet_data. |
| 12 |
(a whole lot of these messages listing what appears to be every symbol in |
| 13 |
the ieee80211 module)... |
| 14 |
then - |
| 15 |
ieee80211_crypt_wep: disagrees about version of symbol ___pskb_trim |
| 16 |
ieee80211_crypt_wep: Unknown symbol ___pskb_trim. |
| 17 |
(a whole lot of these messages listing what appears to be every symbol in |
| 18 |
the ieee80211_crypt_wep module)... |
| 19 |
|
| 20 |
It appears that the version of ipw2100 and/or ieee80211 in portage (stable) |
| 21 |
clashes with the version of iptables in portage (stable). |
| 22 |
|
| 23 |
So, either I can have wireless or security... |
| 24 |
|
| 25 |
John D |
| 26 |
|
| 27 |
|
| 28 |
-----Original Message----- |
| 29 |
From: John Dangler [mailto:jdangler@××××××××.net] |
| 30 |
Sent: Monday, August 29, 2005 10:36 PM |
| 31 |
To: gentoo-user@l.g.o |
| 32 |
Subject: RE: [gentoo-user] iptables |
| 33 |
|
| 34 |
Holly~ |
| 35 |
The Firestarter kernel requirements doc says - |
| 36 |
|
| 37 |
*Device drivers |
| 38 |
*Networking support [y] |
| 39 |
*Networking support |
| 40 |
*Networking options |
| 41 |
*Network packet filtering [y] |
| 42 |
*Network packet filtering |
| 43 |
IP: Netfilter Configuration |
| 44 |
(*) |
| 45 |
|
| 46 |
"We recommend you enable _everything_ except ipchains support and ipfwadm |
| 47 |
support as modules under this menu" |
| 48 |
|
| 49 |
In case I did something out to bork this myself, I'm going to unmerge |
| 50 |
firestarter and iptables, rebuild the kernel into the state it was before |
| 51 |
this started (genkernel --kernel-config=my.old.config all), emerge iptables |
| 52 |
(instead of letting firestarter emerge do it), make sure that iptables loads |
| 53 |
up ok, then emerge firestarter and configure it. That way, I can be sure |
| 54 |
that it's not me just getting in a hurry to install a package... |
| 55 |
|
| 56 |
|
| 57 |
John Dangler |
| 58 |
GenoFit |
| 59 |
800-505-4078 (Corporate) |
| 60 |
386-767-3730 (Direct) |
| 61 |
866-273-0408 (Fax) |
| 62 |
www.genofit.com |
| 63 |
jdangler@×××××××.com |
| 64 |
|
| 65 |
|
| 66 |
-----Original Message----- |
| 67 |
From: Holly Bostick [mailto:motub@××××××.nl] |
| 68 |
Sent: Monday, August 29, 2005 9:32 PM |
| 69 |
To: gentoo-user@l.g.o |
| 70 |
Subject: Re: [gentoo-user] iptables |
| 71 |
|
| 72 |
John Dangler schreef: |
| 73 |
> I emerged firestarter (during which I got iptables), and forgot that I |
| 74 |
> didn't have iptables emerged prior. I went into the kernel and selected |
| 75 |
(as |
| 76 |
> the doc I found suggests) |
| 77 |
|
| 78 |
|
| 79 |
Oh, John, to hell with "the doc you found" (which look to be from the |
| 80 |
Wiki). No offense to the wiki (or to you), but you're really |
| 81 |
overcomplicating this. You're probably better off with the Firestarter |
| 82 |
docs found here |
| 83 |
|
| 84 |
http://www.fs-security.com/docs/kernel.php |
| 85 |
|
| 86 |
which are complete, and clear, and designed to work with the Firestarter |
| 87 |
front end.... you know, "official docs"...? :) |
| 88 |
|
| 89 |
|
| 90 |
Holly |
| 91 |
-- |
| 92 |
gentoo-user@g.o mailing list |
| 93 |
|
| 94 |
|
| 95 |
|
| 96 |
|
| 97 |
|
| 98 |
-- |
| 99 |
gentoo-user@g.o mailing list |
| 100 |
|
| 101 |
|
| 102 |
|
| 103 |
|
| 104 |
|
| 105 |
-- |
| 106 |
gentoo-user@g.o mailing list |
Archives