This is what you said Scott Ruckh > I just upgraded my kernel from 2.6.13-4 to 2.6.24 (x86_64). I also built > iptables 4.0 and built the netfilter modules for 2.6.24. > > I remember reading a while back about the new naming convention netfilter > was using for its modules with newer kernels, but I am having a hard time > finding that thread when googling through the mail list archives. > > Now I am getting 'can't load conntrack support for proto=2" errors, and > shorewall dies with: > > Compiling /etc/shorewall/masq... > ERROR: a non-empty masq file requires NAT in your kernel and iptables : > /etc/shorewall/masq (line 222) > > I assume these errors are related to the new netfilter modules. > > While I am searching the archives, I was hoping someone else might > remember this thread or have the solution. > > I am running shorewall-4.0.8-2, if it helps. > > I have attached the output from 'lsmod' and the contents of my > /lib64/iptables directory in case that might help. > > I appreciate your help. > > Thanks. > Should have attached a shorewall dump too.
I see from the output that Conntrack support is not available, but I am not quite sure why. I believe I have all of the modules built.
shorewall-dump.txt.gz
Description: GNU Zip compressed data
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
