PDA

View Full Version : SLES10 and ip6tables



bsccns
21-Feb-2012, 14:21
Hello everyone!

I'm trying to get ip6tables to work in my SLES10 SP2 box with kernel 2.6.16.60-0.42.5-smp. It does work when adding simple rules like, allowing all icmpv6 traffic, but whereas I've had no problems with SLES11 SP1 2.6.32.49-0.3 and SLES9 SP3 2.6.5-7.318, the SLES10 box does not behave as expected with related packets. After Googling for a while, I think the reason why ip6tables is not working properly, is because the module nf_conntrack_ipv6, which I have found in the SLES11 and SLES9 boxes, is not present in the /lib/modules/`uname -r`/kernel/net/ipv6/netfilter directory in the SLES10 box.

Has anyone had the same problem? Is anybody runnning ip6tables in SLES10 SPX with no problem?

Thanks in advance.

malcolmlewis
22-Feb-2012, 05:28
Hello everyone!

I'm trying to get ip6tables to work in my SLES10 SP2 box with kernel
2.6.16.60-0.42.5-smp. It does work when adding simple rules like,
allowing all icmpv6 traffic, but whereas I've had no problems with
SLES11 SP1 2.6.32.49-0.3 and SLES9 SP3 2.6.5-7.318, the SLES10 box does
not behave as expected with related packets. After Googling for a while,
I think the reason why ip6tables is not working properly, is because the
module nf_conntrack_ipv6, which I have found in the SLES11 and SLES9
boxes, is not present in the /lib/modules/`uname
-r`/kernel/net/ipv6/netfilter directory in the SLES10 box.

Has anyone had the same problem? Is anybody runnning ip6tables in
SLES10 SPX with no problem?

Thanks in advance.



Hi
Looks like it was 'experimental' in that kernel;


config NF_CONNTRACK_IPV6
tristate "IPv6 support for new connection tracking
(EXPERIMENTAL)"

Can you download the kernel src rpm and rebuild the kernel module to
enable it?

--
Cheers Malcolm °¿° (Linux Counter #276890)
SUSE Linux Enterprise Desktop 11 (x86_64) Kernel 3.0.13-0.27-default
up 3 days 7:04, 3 users, load average: 0.03, 0.07, 0.05
CPU Intel i5 CPU M520@2.40GHz | Intel Arrandale GPU