On Thu, 2005-07-14 at 14:23 +0200, Jannic S. Jensen wrote: > Just an quick summary > > If you like to comlile your own kernel on Trustix 3.0 and afterwards got: > > >-- > >[EMAIL PROTECTED] ~# ls /lib/modules/ > >2.6.11.12-2tr/ 2.6.11.12-2trsmp/ > >[EMAIL PROTECTED] ~# > >--- > > Then just edit /usr/src/kernel-source-2.6.11.12-2tr/localversion and > change: -2trsmp instead of -2tr. > > Then everythings works ;) And you can now happy reboot. Shorewall is happy: > > --- > Shorewall has detected the following iptables/netfilter capabilities: > NAT: Available > Packet Mangling: Available > Multi-port Match: Available > Extended Multi-port Match: Available > Connection Tracking Match: Not available > Packet Type Match: Available > Policy Match: Not available > Physdev Match: Available > IP range Match: Available > Recent Match: Available > Owner Match: Not available > Ipset Match: Not available > ROUTE Target: Not available > Extended MARK Target: Available > CONNMARK Target: Available > Connmark Match: Available > --- > > I now got CONNMARK support ;) > > Thanks for great help! > > Best regards > /Jannic
Just a quick follow up on this. Trustix appears to have a "firewall" config for compiling the kernel. Why these options aren't installed by default at this point is a little bit of a mystery, but the config file is there under /usr/src/kernel-source-<version>/configs/ It appers that the file name is <kernel version>-firewall.config and contains the CONNTRACK and CONNMARK options set as modules. I just thought people might find this information handy. I don't know how this is under the 3.0 release but this information applies, at least, to the 2.2 release. -- Preston Kutzner | Network Administrator
signature.asc
Description: This is a digitally signed message part
_______________________________________________ tsl-discuss mailing list [email protected] http://lists.trustix.org/mailman/listinfo/tsl-discuss
