Missing ipt_LOG.o for Firewall Logging in 3.0

Stefan Bruda yellowdog-general@lists.terrasoftsolutions.com
Fri May 9 07:43:01 2003 

At 05:17 -0700 on 2003-5-9 Morgan Doocy wrote:
 >
 > Obviously, YDL 3.0 includes the logging module for ip6tables, but
 > not for iptables, which I need.
 > 
 > Google found me a slightly older release (from 2.3) which contains the  
 > file I'm looking for:
 > 
 > 	http://rpmfind.net/linux/RPM/yellowdog/1.0/yellowdog-2.3/ppc/ 
 > YellowDog/ppc/kernel-ans-2.4.19-4a.ppc.html
 > 
 > ...so I suppose I could just extract it from that package. 

You certainly can, but you chances are you will screw your kernel's
system map and those modules will not work.  The real solution is to
reconfigure and recompile your kernel source tree so that it compiles
to a version that includes the desired modules.

For this you will have to install the kernel-source rpm (don't quite
know the real name, but it is on one of the CDs) if you did not do so
already.

In make xconfig, the options related to NAT and firewalls are all
under Networking options -> IP: Netfilter Confirguartion (as opposed
to Networking options -> IPv6: Netfilter Confirguartion which deals
with IP v6).  In particular, logging packets needs
CONFIG_IP_NF_TARGET_LOG to be set (to y or m), thing that corresponds
to "LOG target support" in the mentioned panel.  However, it is a
good idea to take a look at all the options in there and set them as
needed.  Heck, you can even compile all of them to modules until you
figure out what you really need.

I believe that the config file that comes with the sources is the one
used to compile the kernel you already use, so other than this you do
not need any change.

I am not sure how comfortable you are with compiling kernels, but it
is not as intimidating as it sounds (though the first attempt is
likely to produce a panicked kernel, so do keep the old version around
until you make sure that everything works well).  There is a howto on
the YDL Web site at

http://www.yellowdoglinux.com/support/solutions/ydl_general/kernels.shtml

Still to be updated for YDL 3.0 in terms of kernel versions, but
otherwise it is a good starting point.

Side note: I know, real Linux users use make config, but I kind of
prefer mouse clicks to key strokes. ;-)

Stefan

-- 
If it was so, it might be; and if it were so, it would be; but as
it isn't, it ain't. That's logic.
    --Lewis Carroll, Through the Looking-Glass