[CLUE-Tech] module loading question

Jim Ockers ockers at ockers.net
Mon Mar 24 18:10:18 MST 2003 

Jeremiah,

I only know how to do this on Red Hat.

To get the ip_tables module to load, you simply need to get the "service iptables
start" command to run at boot-up.

Firstly, make sure ipchains is not running and turned off.
	service ipchains stop
	chkconfig ipchains off
	modprobe -r ipchains

Nextly, make sure you've initialized iptables:
	iptables -L -n
	iptables-save > /etc/sysconfig/iptables
	chkconfig iptables on
	service iptables start

This will cause Red Hat Linux to start the iptables subsystem everytime the
system reboots.

Alternatively, you can put "/sbin/modprobe ip_tables" in /etc/rc.d/rc.local,
but you already knew that, and you were wondering what the "right" way to do
it was.

If this isn't what you were wondering, then I don't know the answer to your
question.

Another question I can't answer is this: How do I get ip_conntrack_ftp to load
with the iptables subsystem at reboot?  Right now I can get iptables and NAT
etc. to all start at boot-up on my Red Hat system, but I have to put the
ip_conntrack_ftp module load in /etc/rc.d/rc.local since iptables will never
modprobe that on its own, even if FTP data is detected.

Or at least I don't know how to get it to do that.  Any ideas from the list?
Without the ip_conntrack_ftp module loaded, FTP does not work from inside
the masquerade, and I think inbound FTP to the server might not work properly
either sometimes.

Thanks,
JimO

Keith Hellman wrote:
> 
> On Mon, Mar 24, 2003 at 04:35:32PM -0700, Jeremiah Stanley wrote:
> > Do I just need to put an entry like the on below to load the ip_tables
> > module on boot into /etc/modules.conf?
> > 
> > alias ip_tables
> > 
> > If that isn't it, what do I put in that file to have the module loaded
> > on boot?
> 
> My ip_tables loads without an entry in /etc/modules.conf.
> 
> If you've recently installed a new kernel...
> - Did you build ip_tables INTO the kernel?
> - Did you do a modules_install?
> - Have you run depmod recently?  
> 
> What distro?
> -- 
> Keith Hellman                             #include <disclaimer.h>
> kehellman at yahoo.com               from disclaimer import standard
> 
> I used to be schizophrenic, but we're okay now.
> _______________________________________________
> CLUE-Tech mailing list
> CLUE-Tech at clue.denver.co.us
> http://clue.denver.co.us/mailman/listinfo/clue-tech
> 


-- 
Jim Ockers (ockers at ockers.net)
Contact info: please see http://www.ockers.net/

More information about the clue-tech mailing list