* re: gentoo iptables problem
@ Jude DaShiell
` Gregory Nowak
0 siblings, 1 reply; 6+ messages in thread
From: Jude DaShiell @ UTC (permalink / raw)
To: speakup
John, that's right when the emerge happened iptables was built as a
program not a module. It's probably some useflag that needs setting
correctly for this to build as a module.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: gentoo iptables problem
gentoo iptables problem Jude DaShiell
@ ` Gregory Nowak
` John Heim
0 siblings, 1 reply; 6+ messages in thread
From: Gregory Nowak @ UTC (permalink / raw)
To: Speakup is a screen review system for Linux.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
No, you don't understand. There's a binary called iptables, and there
is a kernel module also called iptables, (though if you want to be
specific, that's actually called iptables.co), that you load via
modprobe. If the kernel module isn't loaded, or is not built into the
kernel, or can't be automagically loaded when needed, you can do with
the iptables binary whatever you want, and it still won't work without
that module.
Greg
On Fri, Nov 17, 2006 at 06:48:34PM -0500, Jude DaShiell wrote:
> John, that's right when the emerge happened iptables was built as a
> program not a module. It's probably some useflag that needs setting
> correctly for this to build as a module.
>
>
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
- --
web site: http://www.romuald.net.eu.org
gpg public key: http://www.romuald.net.eu.org/pubkey.asc
skype: gregn1
(authorization required, add me to your contacts list first)
- --
Free domains: http://www.eu.org/ or mail dns-manager@EU.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFXmL37s9z/XlyUyARAmrhAKCceRKkw3p2WWBynsxvm4s0idRFjQCfZ/co
ttzYoZj3S6KNCM3gJ/7wyds=
=iZZI
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 6+ messages in thread* Re: gentoo iptables problem
` Gregory Nowak
@ ` John Heim
0 siblings, 0 replies; 6+ messages in thread
From: John Heim @ UTC (permalink / raw)
To: Speakup is a screen review system for Linux.
I think the module is actually called ip_tables. The ip_tables module keeps
a table of packet filtering rules inmemory. The table is manipulated via the
iptables program.
Saying either 'modinfo ip_tables' or 'modprobe ip_tables' should work. If
not, the module did not get compiled.
[I like to use 'ye' when talking about 'you in general'.]
----- Original Message -----
From: "Gregory Nowak" <greg@romuald.net.eu.org>
To: "Speakup is a screen review system for Linux." <speakup@braille.uwo.ca>
Sent: Friday, November 17, 2006 7:33 PM
Subject: Re: gentoo iptables problem
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> No, you don't understand. There's a binary called iptables, and there
> is a kernel module also called iptables, (though if you want to be
> specific, that's actually called iptables.co), that you load via
> modprobe. If the kernel module isn't loaded, or is not built into the
> kernel, or can't be automagically loaded when needed, you can do with
> the iptables binary whatever you want, and it still won't work without
> that module.
>
> Greg
>
>
> On Fri, Nov 17, 2006 at 06:48:34PM -0500, Jude DaShiell wrote:
>> John, that's right when the emerge happened iptables was built as a
>> program not a module. It's probably some useflag that needs setting
>> correctly for this to build as a module.
>>
>>
>>
>> _______________________________________________
>> Speakup mailing list
>> Speakup@braille.uwo.ca
>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> - --
> web site: http://www.romuald.net.eu.org
> gpg public key: http://www.romuald.net.eu.org/pubkey.asc
> skype: gregn1
> (authorization required, add me to your contacts list first)
>
> - --
> Free domains: http://www.eu.org/ or mail dns-manager@EU.org
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.5 (GNU/Linux)
>
> iD8DBQFFXmL37s9z/XlyUyARAmrhAKCceRKkw3p2WWBynsxvm4s0idRFjQCfZ/co
> ttzYoZj3S6KNCM3gJ/7wyds=
> =iZZI
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
>
^ permalink raw reply [flat|nested] 6+ messages in thread
* gentoo iptables problem
@ Jude DaShiell
0 siblings, 0 replies; 6+ messages in thread
From: Jude DaShiell @ UTC (permalink / raw)
To: speakup
Quite right none of iptable's supporting modules got compiled. How might
someone install gentoo in such a way that all four of the iptables support
modules get compiled? I wasn't able to build those as modules after the
fact. This is a real security deficiency in gentoo since I've not been
able to find any gentoo tutorial or howto using google that deals with
this topic. What's more, slackware and debian don't have this problem on
default installations with speakup. Doing iptables -nL on either of these
other systems when iptables hasn't been otherwise adjusted shows all three
chains as set to ACCEPT which is the iptables default before any rules get
defined. If someone thought they'd like to use gentoo as a bootable I'd
say fine so long as you have no data anywhere else on the machine to
protect or anywhere else on the network since iptables and supporting
modules aren't on the livecd and must be downloaded.
^ permalink raw reply [flat|nested] 6+ messages in thread
* gentoo iptables problem
@ Jude DaShiell
` John Heim
0 siblings, 1 reply; 6+ messages in thread
From: Jude DaShiell @ UTC (permalink / raw)
To: speakup
running iptables -F in gentoo or any other command so far as I can tell
other than the help command produces a fatal error claiming the package
can't find module ip_tables and for that reason iptables can't initialize.
I got this using using emerge iptables so can't yet figure what's going on
and why.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: gentoo iptables problem
Jude DaShiell
@ ` John Heim
0 siblings, 0 replies; 6+ messages in thread
From: John Heim @ UTC (permalink / raw)
To: Speakup is a screen review system for Linux.
Well, I don't know anything about gen2 but it sounds as if the kernel was
compiled w/o the ip_tables module. I don't know exactly where that is in
the kernel config but I would imagine that like any other module, you can
compile it into the kernel, compile it as a module, or not compile it at
all. You'd have to check your kernel config.
But you should be able to say 'modinfo ip_tables' and get info about the
module if it has been built. If modinfo prints a notice that there is no
such module, you're going to have to recompile your kernel or download a new
pre-compiled one.
----- Original Message -----
From: "Jude DaShiell" <jdashiel@shellworld.net>
To: <speakup@braille.uwo.ca>
Sent: Friday, November 17, 2006 5:09 AM
Subject: gentoo iptables problem
> running iptables -F in gentoo or any other command so far as I can tell
> other than the help command produces a fatal error claiming the package
> can't find module ip_tables and for that reason iptables can't initialize.
> I got this using using emerge iptables so can't yet figure what's going on
> and why.
>
>
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
>
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~ UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
gentoo iptables problem Jude DaShiell
` Gregory Nowak
` John Heim
-- strict thread matches above, loose matches on Subject: below --
Jude DaShiell
Jude DaShiell
` John Heim
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).