> Sent: Saturday, December 14, 2019 at 10:40 PM > From: "Pierre Labastie via blfs-support" > <[email protected]> > To: [email protected] > Cc: "Pierre Labastie" <[email protected]> > Subject: Re: [blfs-support] is there an xt_LOG module in kernel 5.4.x? > > Le 14/12/2019 à 09:31, Pierre Labastie via blfs-support a écrit : > > Le 14/12/2019 à 02:55, DJ Lucas via blfs-support a écrit : > >> > >> > >> On 12/13/2019 8:57 AM, Pierre Labastie via blfs-support wrote: > >>> Le 13/12/2019 à 15:15, Pierre Labastie via blfs-support a écrit : > >>>> Hi, > >>>> > >>>> I just installed the 5.4.2 kernel, and got: > >>>> > >>>> modprobe: FATAL: Module xt_LOG not found in directory /lib/modules/5.4.2 > >>>> > >>>> at boot. Note that this is not the result of having it builtin: > >>>> nf_conntrack > >>>> is builtin, and there is no message about it. I think the problem is > >>>> rather > >>>> that in: > >>>> Networking support ---> > >>>> Networking options ---> > >>>> Network packet filtering framework (Netfilter) ---> > >>>> Core Netfilter Configuration ---> > >>>> > >>>> I have: > >>>> -*- Netfilter Xtables support (required for ip_tables) > >>>> *** Xtables combined modules *** > >>>> > >>>> That is all the options under Xtable support > >>>> (where xt_LOG resides according to help) > >>>> are combined into one and not select-able individually (automatically > >>>> selected). But while for example xt_NFLOG (another module associated to > >>>> an > >>>> option under the same hierarchy) appears in the builtin modules, xt_LOG > >>>> does > >>>> not... > >>>> > >>>> I've not investigated more, because I do not know anything about this > >>>> netfilter stuff... But I wanted to let you know > >>>> > >>> Well, it seems you need to tick "Advanced netfilter configuration", under > >>> Network packet filtering framework (Netfilter) ---> > >>> to get access to the individual Xtables modules. > >>> > >> > >> Then this should be added to the book I think. Thanks for double checking > >> it. > >> I'm studying for a vendor test right now, but will get to it in a couple > >> of days. > >> > > > > Note that "make defconfig" adds all the Xtable options as modules [m]. But I > > had a config from previous builds, and somehow, it did not have xt_LOG > > ticked > > (while it had xt_NFLOG, but it is the result of many runs of "make > > oldconfig" > > for each new kernel, and I guess I've missed a "no" answer to this one, or > > something like that.): since it is the config for VMs, which are on a host, > > which is itself behind a router (provided by the ISP), I thought I did not > > need iptables, but now it is recommended for something, so I have to set it > > up. > > Hmmm, it's been recommended by NetworkManager for years. It's just that the > recent changes in iptables have unveiled this misconfiguration. > > > > > Anyway, I'll try to document this in the book today. > > > > Done at 22470. I've given the configuration for running the personal firewall > only. Hope it is OK. > > Pierre > -- > http://lists.linuxfromscratch.org/listinfo/blfs-support > FAQ: http://www.linuxfromscratch.org/blfs/faq.html > Unsubscribe: See the above information page >
Hello, This has got me curious about something. I absolutely hate changing anything in the kernel unless it is absolutely essential. I perfected the kernel to my liking and specific to my hardware when I first started using linuxfromscratch, and only tweaked it when I moved from a laptop to a desktop. That is until recently when I moved everything to use lvm2. I always used the make oldconfig after copying the config file from /boot into the new kernel tree and renaming it to .config. But when I moved to lvm2, I did make (after moving a tweaked config to .config) instead, and that showed new options and brought up the y/n questions. Is there any harm in doing this, or have the kernel developers changed something, or have I just been lucky? Regards, Christopher. -- http://lists.linuxfromscratch.org/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
