homepage Welcome to WebmasterWorld Guest from 184.73.87.85
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Subscribe to WebmasterWorld

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
Forum Library, Charter, Moderators: bakedjake

Linux, Unix, and *nix like Operating Systems Forum

    
Is ipchains broken on Debian woody release?
Air




msg:910079
 9:11 pm on Sep 7, 2002 (gmt 0)

is anyone having problems with ipchains with Debian "woody" release? Getting message "ipchains: Incompatible with this kernel" (I'm using 2.2.x kernel).

 

littleman




msg:910080
 9:24 pm on Sep 7, 2002 (gmt 0)

I wonder if the apt system thinks you are running the 2.4.x kernel instead?

littleman




msg:910081
 9:30 pm on Sep 7, 2002 (gmt 0)

What does it say when you run, 'dpkg -l ¦ grep kernel-image'

Duckula




msg:910082
 11:09 pm on Sep 7, 2002 (gmt 0)

Important too, what does it say when running 'uname -a' ?

Maybe you're using a 2.4 kernel without noticing it.

You are going to need support for ipchains compiled into the kernel; if you compiled it yourself check for that option.

Air




msg:910083
 1:03 am on Sep 8, 2002 (gmt 0)

>What does it say when you run, 'dpkg -l grep kernel-image'

doesn't return anything. but dpkg -l grep kernel returns:

ii pciutils 2.1.9-4 Linux PCI Utilities (for 2.[1234].x kernels)

>uname -a
Linux eeyor 2.2.20-idepci #1 Sat Apr 20 12:45:19 EST 2002 i686 unknown

littleman




msg:910084
 1:37 am on Sep 8, 2002 (gmt 0)

>doesn't return anything.
So, you compiled your own kernel then?

Air




msg:910085
 2:42 am on Sep 8, 2002 (gmt 0)

It was precompiled little, one of the minimal downloads which contains the kernel and enough packages to get started, then you retrieve the packages you want to complete your system. Maybe I should just go with the 2.4 kernel and iptables instead. I've been trying to fix this for a week and I just can't find what's wrong. All the modules that should be there seem to be there using modprobe.

littleman




msg:910086
 3:13 am on Sep 8, 2002 (gmt 0)

You probably did this already, but if you haven't make sure your /etc/apt/sources.list is pointing to the right sources for woody and then run:
apt-get update
apt-get dist-upgrade
apt-get -f install -- would fix dependency problems in theory

And if that does anything maybe purge and reinstall ipchains, and see what happens.

It just feels sort of like a broken dependency database by the lack of a return from 'dpkg -l grep kernel-image'.

Air




msg:910087
 3:03 pm on Sep 8, 2002 (gmt 0)

>apt-get update
>apt-get dist-upgrade
>apt-get -f install -- would fix dependency problems in theory

Yes I did try that, it reports 0's across the board, "0 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded."

I might just recompile the kernel to make sure that it isn't confused about something, failing that I think I'll go with the 2.4 kernel.

Duckula




msg:910088
 5:56 pm on Sep 8, 2002 (gmt 0)

Well Air, I won't criticize, you're free to do as you want, but using a 1360kb kernel download and expecting that everything works is kind of expecting a little too much :)

My recomendation is to download kernel sources and kernel-package (apt-get install kernel-source-2.2.21 kernel-package) and zless debian.README.gz at /usr/doc/kernel-source-2.x.x to rebuild it easily using make-kpkg.

I don't use that kernel in particular, but more probably the support for ipchains at the configuration (make menuconfig or such) was disabled on your very basic kernel. I checked and there are not modules for that in the particular version reported by uname.

Air




msg:910089
 9:38 pm on Sep 8, 2002 (gmt 0)

>....1360kb kernel download and expecting that everything works is kind of expecting a little too much

-hehehe yeah I guess it is a bit much to expect :)

I compiled a 2.4. kernel with necessary modules, iptables works just fine with it. I might go back an mess with the 2.2 kernel later (but I doubt it) ...

dingman




msg:910090
 2:46 am on Sep 12, 2002 (gmt 0)

>I compiled a 2.4. kernel with necessary modules, iptables works just
>fine with it. I might go back an mess with the 2.2 kernel later (but I
>doubt it) ...

If I were you, I wouldn't bother revisiting the 2.2 kernel unless you are trying to set up a firewall on a machine too old to run the current version of the distribution. There are other reasons to go with a particular kernel version other than the latest release, but I think 2.4 and iptables is a good default. I know for a while I heard people complain that the 2.4 kernels weren't ready for production use, but the last time I managed to crash a 2.4 series kernel, the version number ended in 'testX-preY'.

Of course, the most heavily loaded systems I've been responsible for only had a couple hundred users (half of whom were in reality just entries in the password file.), which I'm sure is childs' play compared to the experience of at least a few others around. My oppinion is only slightly more definitive than my spelling. ;)

littleman




msg:910091
 5:25 am on Sep 12, 2002 (gmt 0)

Dingman, welcome to WebmasterWorld, and to it's relatively fledgling *nix forum! I look forward to reading more of your posts.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About
© Webmaster World 1996-2014 all rights reserved