Firewall config and ftp server

Tom H tomh0665 at gmail.com
Thu Mar 11 18:28:13 UTC 2010


>> To clarify, several kernels ago the IPV4 iptables was defaulted to being
>> built into the kernel so it doesn't need a modprobe or insmod.  Ditto
>> with the IPV4 conntrack (snippet of the default kernel config file):

>> CONFIG_NF_DEFRAG_IPV4=y  <<<---- Built into kernel
>> CONFIG_NF_CONNTRACK_IPV4=y  <<<---- Built into kernel
>> # CONFIG_NF_CONNTRACK_PROC_COMPAT is not set
>> CONFIG_IP_NF_QUEUE=m  <<<---- Module
>> CONFIG_IP_NF_IPTABLES=y  <<<---- Built into kernel

>> So remove those items from your /etc/modprobe.conf file.  It is also not
>> necessary to modprobe things like the NAT module and such...if
>> there are rules in your iptables config that require them, they'll
>> be dragged in by iptables itself.  The "modprobe"able modules can be
>> found by doing a

>> ls /lib/modules/`uname -r`/kernel/net/ipv4/netfilter

> Would you mind telling me how to apply the following iptables modules to an
> FC11 system?
> ip_nat_ftp
> ip_conntrack_ftp

It seems to me that there has been an email pointing out that
ip_conntrack_ftp has been replaced by nf_conntrack_ftp and ip_nat_ftp
by nf_nat_ftp.
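
Added example, not part of the original message: a shell sketch that takes the module names an old firewall setup tries to load, applies the ip_* to nf_* renames mentioned in the reply, and checks each against the kernel config snippet quoted above to tell built-in options from loadable modules. The function names, the module list and the module-to-option table are assumptions of this example, not something stated in the thread.

```shell
#!/bin/sh
# Kernel config lines quoted in the thread, reused here as sample input.
SAMPLE_CONFIG='CONFIG_NF_DEFRAG_IPV4=y
CONFIG_NF_CONNTRACK_IPV4=y
# CONFIG_NF_CONNTRACK_PROC_COMPAT is not set
CONFIG_IP_NF_QUEUE=m
CONFIG_IP_NF_IPTABLES=y'

# Map the legacy ip_* helper names to the nf_* names given in the reply.
current_name() {
    case $1 in
        ip_conntrack_ftp) echo nf_conntrack_ftp ;;
        ip_nat_ftp)       echo nf_nat_ftp ;;
        *)                echo "$1" ;;
    esac
}

# Map a module name to the config option that controls it.
# Assumption: this table is supplied by the example, not by the thread.
config_option() {
    case $1 in
        ip_tables)         echo CONFIG_IP_NF_IPTABLES ;;
        nf_conntrack_ipv4) echo CONFIG_NF_CONNTRACK_IPV4 ;;
        nf_defrag_ipv4)    echo CONFIG_NF_DEFRAG_IPV4 ;;
        ip_queue)          echo CONFIG_IP_NF_QUEUE ;;
        nf_conntrack_ftp)  echo CONFIG_NF_CONNTRACK_FTP ;;
        nf_nat_ftp)        echo CONFIG_NF_NAT_FTP ;;
        *)                 echo "" ;;
    esac
}

# audit_module NAME [CONFIG_TEXT] -> "<current name> <builtin|module|unset>"
audit_module() {
    name=$(current_name "$1")
    opt=$(config_option "$name")
    val=""
    if [ -n "$opt" ]; then
        val=$(printf '%s\n' "${2:-$SAMPLE_CONFIG}" | sed -n "s/^$opt=//p" | head -n 1)
    fi
    case $val in
        y) echo "$name builtin" ;;   # nothing to load: drop it from the modprobe list
        m) echo "$name module" ;;    # loadable with modprobe under the current name
        *) echo "$name unset" ;;     # not in this config text, or not enabled
    esac
}

# Constructed list of module names an old firewall setup might try to load.
for m in ip_tables nf_conntrack_ipv4 ip_queue ip_conntrack_ftp ip_nat_ftp; do
    audit_module "$m"
done
```

To audit a live system, pass the contents of the running kernel's config file (on Fedora, /boot/config-`uname -r`) as the second argument to `audit_module`.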

