Nother IPchains question

[johnqpublic]

I've noticed when compiling a new kernel I'll get an "IPchains protocol not available " when my new kernel loads.However, everything seems to work just fine. I get on the net ok . I use a router so all my computers are hooked up to my cable modem.This only happens on kernels I compile so anyone have an idea what's causing this?I use SuSE if that helps but it has happened in Redhatand Drake also.

[paradox]

Only thing I can guess is you have IP Chains setup somewhere in your init scripts, but you didn't enable it in your kernel configuration. I would say a quick fix is to recompile your kernel and add ip chains support....

Aragorn

[JimH]

Sounds like you forgot to enable something in your kernel config. When do you see "IPchains protocol not available"?

Jim H

[johnqpublic]

Sorry to take so long to reply.I forgot about this thread.Yes, Aragorn and JimH,you were both right in that I have not been enabling support for ipchains.I've got that configured right now,so thank you guys for the assist.

[paradox]

Well thank you for coming back and saying hi to your old friends back here at GLO! Been awhile, be sure to come and visit more often!

Aragorn

[blair]

Hi all

I get this in my /var/log/messages.

Dec 16 12:19:00 apache kernel: Packet log: output REJECT eth0 PROTO=1 203.53.180.69:3 139.130.4.4:3 L=101 S=0xC0 I=24522 F=0x0000 T=255 (#54)

203.53.180.69: The ipchains machine (running DNS)
139.130.4.4: ISP's DNS server.

This message will appear even though I have explicitly accepted outgoing packets heading for 139.130.4.4 on port 3 in rc.firewall.

I have searched for this and have come up with a german linux mailing list. They talk about this being an error in ipchains logging system, and nothing to be concerned about. I just wanted to double check this.

I am running Redhat 6.2 on a celeron500/128mb. It is running a DNS server, an apache server, ftp server and sendmail. It might also be one of these servers trying to send out the rejected packet on port 3.

I wouldn't call myself experienced at using linux (used it for 1 and half years) but I know my way around the command line well enough, and anything I don't understand I would search for it on google ;D.

[JimH]

Dec 16 12:19:00 apache kernel: Packet log: output REJECT eth0 PROTO=1 203.53.180.69:3 139.130.4.4:3 L=101 S=0xC0 I=24522 F=0x0000 T=255 (#54)

203.53.180.69: The ipchains machine (running DNS)
139.130.4.4: ISP's DNS server.

This message will appear even though I have explicitly accepted outgoing packets heading for 139.130.4.4 on port 3 in rc.firewall.

Hmmm, been to long since I used 6.2, don't remember if that was a bug or not. What version of ipchains?

/sbin/ipchains -V

Another possiblility if you are specifically blocking ICMP packets before the line to allow them, then the packets will be blocked. Will look and see when I get time if I can find anything on a bug.

Jim H

[blair]

Hmmm, been to long since I used 6.2, don't remember if that was a bug or not. What version of ipchains?

/sbin/ipchains -V

Another possiblility if you are specifically blocking ICMP packets before the line to allow them, then the packets will be blocked. Will look and see when I get time if I can find anything on a bug.

Jim H

I am running version 1.3.9.

Btw, an ipchains -v command specifies that ipchains will be used in verbose mode

Also, I am blocking ICMP. I will check this out and change it if necessary. I will get back to you on that

Edit:
Ok, i disabled the ICMP info in rc.firewall. I will get back to you in the morning and let you know if it has cleared up Thanks Jim.

[paradox]

Errr...I don't know lickety split about networking, but I believe you read the command wrong it is

ipchains -V <----Capital not lower case!

Aragorn

[blair]

Ahh i see

My mistake :P

Thankyou for correcting me Aragorn ;D

Edit:
Spelling :