Hi, I just subscribed to the list and didn't get the Mail from Theo, so I'm replying to this one.
On Mon, Dec 29, 2008 at 09:29:03AM -0500, Brian J. Murrell wrote: > On Mon, 2008-12-29 at 14:08 +0100, Theo van Werkhoven wrote: > > Shorewall Geek wrote: > > > RC3 is now available for testing: > > > > $sudo /sbin/shorewall6 version > > 4.2.4-RC3 > > > > [..] > > Shorewall configuration compiled to /var/lib/shorewall6/.start > > Processing /etc/shorewall6/params ... > > ERROR: Shorewall6 requires Linux kernel 2.6.25 or later > > > > openSUSE 10.3 > > $uname -r > > 2.6.22.19-0.1-default > > > > The kernel is up-to-date, only the patches have been compiled in an old > > version by SUSE. > > Is there another way the kernel capabilities can be determined so that the > > script doesn't fail? I think the really necessary part for shorewall6 is the use of nf_conntrack and hence IPv6 conntrack support. You can check for this by checking for existence of /proc/net/nf_conntrack (after trying to load the nf_conntrack module). This doesn't tell you if IPv6 conntrack is really enabled, however checking for the kernel version also doesn't tell you that. The same is true for IPv4 btw, and shorewall also will not work without conntrack support. If other things are necessary, they can be checked in /proc/net/ip6_tables_*, just like with IPv4. I guess at some point you simply have to trust the admin. Maybe an option in shorewall6.conf to skip the version check (or all checks altogether if there are any other)? Andreas -- Andreas Ferber | MarcanT Internet-Services GmbH Systemadministration | Ravensberger Str. 10G, D-33602 Bielefeld [email protected] | Geschaeftsfuehrer: Thorsten Hojas USt-ID Nr.: DE 190203238 | Handelsregister: Amtsgericht Bielefeld, HRB 35 827 ___________________________________________________________ CONFIDENTIALITY NOTICE The contents of this email are confidential to the ordinary user of the email address to which it was addressed and may also be privileged. If you are not the addressee of this email you may not copy, forward, disclose or otherwise use it or any part of it in any form whatsoever. If you have received this email in error please email the sender by replying to this message.
pgpTzpcF7SoK3.pgp
Description: PGP signature
------------------------------------------------------------------------------
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
