[CLUE-Tech] module loading question
Jim Ockers
ockers at ockers.net
Mon Mar 24 18:10:18 MST 2003
Jeremiah,
I only know how to do this on Red Hat.
To get the ip_tables module to load, you simply need to get the "service iptables
start" command to run at boot-up.
Firstly, make sure ipchains is not running and turned off.
service ipchains stop
chkconfig ipchains off
modprobe -r ipchains
Nextly, make sure you've initialized iptables:
iptables -L -n
iptables-save > /etc/sysconfig/iptables
chkconfig iptables on
service iptables start
This will cause Red Hat Linux to start the iptables subsystem everytime the
system reboots.
Alternatively, you can put "/sbin/modprobe ip_tables" in /etc/rc.d/rc.local,
but you already knew that, and you were wondering what the "right" way to do
it was.
If this isn't what you were wondering, then I don't know the answer to your
question.
Another question I can't answer is this: How do I get ip_conntrack_ftp to load
with the iptables subsystem at reboot? Right now I can get iptables and NAT
etc. to all start at boot-up on my Red Hat system, but I have to put the
ip_conntrack_ftp module load in /etc/rc.d/rc.local since iptables will never
modprobe that on its own, even if FTP data is detected.
Or at least I don't know how to get it to do that. Any ideas from the list?
Without the ip_conntrack_ftp module loaded, FTP does not work from inside
the masquerade, and I think inbound FTP to the server might not work properly
either sometimes.
Thanks,
JimO
Keith Hellman wrote:
>
> On Mon, Mar 24, 2003 at 04:35:32PM -0700, Jeremiah Stanley wrote:
> > Do I just need to put an entry like the on below to load the ip_tables
> > module on boot into /etc/modules.conf?
> >
> > alias ip_tables
> >
> > If that isn't it, what do I put in that file to have the module loaded
> > on boot?
>
> My ip_tables loads without an entry in /etc/modules.conf.
>
> If you've recently installed a new kernel...
> - Did you build ip_tables INTO the kernel?
> - Did you do a modules_install?
> - Have you run depmod recently?
>
> What distro?
> --
> Keith Hellman #include <disclaimer.h>
> kehellman at yahoo.com from disclaimer import standard
>
> I used to be schizophrenic, but we're okay now.
> _______________________________________________
> CLUE-Tech mailing list
> CLUE-Tech at clue.denver.co.us
> http://clue.denver.co.us/mailman/listinfo/clue-tech
>
--
Jim Ockers (ockers at ockers.net)
Contact info: please see http://www.ockers.net/
More information about the clue-tech
mailing list