Hi I run a NAT router to a network of ~100 computers with a connection of 512kb. The box is woody, on 486DX100/28MB RAM
I currently still use kernel 2.2 (all the problems with kernel 2.4 scared me, and besides, NAT does provide a poor-man's stateful filtering, at least against the bad guys in the internet). Anyway, one of the requirements from this box was to masquerade netmeeting calls properly. On 2.2 there is a beta-quality module for that, which generally works. However lately (ever since the upgrade to 2.2.20 ?) I have experinced occsional freezes of this box, which required a hard reboot. I noticed some activity from this module in the system logs a bit before the times of most of the crashes, but it is nothing I can be sure of, and I have no time to chase this bug on my own. It seems that there is a patch for adding this support for kernel 2.4 (read: a beta quality code, in a not-yet-tried-and-tested-enough kernel base). But this one is being actively developed, so I hope that I won't be alone should troubles arise. I'm now trying to build a kernel package[1] that will include this patch. >From the documentation in the netfilter site (http://www.netfilter.org/documentation/FAQ/netfilter-faq-1.html#ss1.5 ) I should get the latest patch from their CVS and then use some procedure to apply their patches. This all spells too much "bleeding edge" to me. I also had problems applying those patches on kernel 2.4.17. Has anybody got this configuration built and working for some time (with a resonably recent 2.4 kernel)? [1] I would rather build a kernel package, because then it would be easier to build it on a seperate build machine and copy to the firewall box, but it is not a must. Also: Any ideas if this machine is strong enough to handle the expected load with netfilter? See its configuration at the beginning of the message. -- Tzafrir Cohen /"\ mailto:[EMAIL PROTECTED] \ / ASCII Ribbon Campaign Taub 229, 972-4-829-3942, X Against HTML Mail http://www.technion.ac.il/~tzafrir / \
