On Thu, 22 Feb 2007 15:55:30 +0200 David Baron <[EMAIL PROTECTED]> wrote:
> Compiled it taking all the defaults on new features. It boots just fine but > has fatal ip_tables errors over and over missing this item. Cannot connect to > internet. > > Any ideas? Do I need this and why? > > Google had something about setting: modprobe ip_conntrack_ftp ports=21,2121 > if > compiled as a module. So I set the previously unset constant=m and am > recompiling. Where would I specify the modprobe arguments? > > Can't you just add the command into your iptables startup script? I mean, as far as I know your should should just be shell commands. I know mine has it in it, not exactly the same but: #!/bin/sh #set policy on input chain in default (filter) table to drop iptables -P INPUT DROP #flush input chain iptables -F INPUT #load the ftp connection tracker module (otherwise active mode ftp won't work) modprobe ip_conntrack_ftp #accept traffic from established and related connections iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT #allow automatic wireless connection iptables -A INPUT -i lo -j ACCEPT #accept traffic for our webserver iptables -A INPUT -p tcp --dport 8080 -j ACCEPT #accept traffic for zsnes iptables -A INPUT -p tcp --dport 7845 -j ACCEPT -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
