On Wed, Apr 23, 2003 at 08:19:01PM -0700, nitin panjwani wrote:
HI Bazis, I am trying to install tproxy on 2.4.20. I am getting some compilation errors when I am trying to add patch to iptables.(following the instructions given in README). I am not able to send you snaphot right now(its in my lab). there is some error in ../extension/ipt_ECN. I will send you this later today or tomorrow.
my patch does not touch ipt_ECN, so it must be an unrelated problem
One more question. Do I need to compile patched-IPTABLES before compiling kernel or after ?? I think it should be before... but I am not very sure and its not clear in README. Can you please clearify this.
it does not matter, all that matters is to tell iptables where to find the patched kernel-tree: # make KERNEL_DIR=/usr/src/linux-2.4.20-tproxy/ (and check whether extensions/.tproxy-test has executable permissions) -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
Balazas, I got it compiled. seems like I was using broken iptable. One more thing Readme says I will have to install iptable_tproxy.o module. But when I do "insmod iptable_tproxy " I get the output that no module by that name doesn't exist. While compiling kernel I said yes to all tproxy options, which means they have been compiled with my kernel image not as loadable module. Does it mean I don't have to load iptable_tproxy module or this is created after doing make KERNELDIR=/usr/src/linux I am new to all this please. Thanks, Nitin --- Balazs Scheidler <bazsi@balabit.hu> wrote:
On Wed, Apr 23, 2003 at 08:19:01PM -0700, nitin panjwani wrote:
HI Bazis, I am trying to install tproxy on 2.4.20. I am getting some compilation errors when I am trying to add patch to iptables.(following the instructions given in README). I am not able to send you snaphot right now(its in my lab). there is some error in ../extension/ipt_ECN. I will send you this later today or tomorrow.
my patch does not touch ipt_ECN, so it must be an unrelated problem
One more question. Do I need to compile patched-IPTABLES before compiling kernel or after
?? I
think it should be before... but I am not very sure and its not clear in README. Can you please clearify this.
it does not matter, all that matters is to tell iptables where to find the patched kernel-tree:
# make KERNEL_DIR=/usr/src/linux-2.4.20-tproxy/
(and check whether extensions/.tproxy-test has executable permissions)
-- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
__________________________________________________ Do you Yahoo!? The New Yahoo! Search - Faster. Easier. Bingo http://search.yahoo.com
On Thu, Apr 24, 2003 at 01:29:56AM -0700, nitin panjwani wrote:
Balazas, I got it compiled. seems like I was using broken iptable. One more thing Readme says I will have to install iptable_tproxy.o module. But when I do "insmod iptable_tproxy " I get the output that no module by that name doesn't exist.
While compiling kernel I said yes to all tproxy options, which means they have been compiled with my kernel image not as loadable module. Does it mean I don't have to load iptable_tproxy module or this is created after doing make KERNELDIR=/usr/src/linux I am new to all this please.
yes, your kernel contains the iptable_tproxy module built in, so you don't need to load it explicitly. However Zorp detects whether you have tproxy support by attempting to load a module. This will change in the future, but currently it won't recognize your system as one with tproxy support. (squid might do it differently) -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
HI Balazas, While going throgh Zorp's mailing archieve, I noticed someone had asked that which linux distribution should be used and reply was that most of you were using it on Debian. I am in the process of installing it on Redhat 8.0. Have you heard from anyone if there is some problem with RH8.0 for zorp+tproxy.Are there some guys who are using it on Redhat? Thanks, Nitin --- Balazs Scheidler <bazsi@balabit.hu> wrote:
On Thu, Apr 24, 2003 at 01:29:56AM -0700, nitin panjwani wrote:
Balazas, I got it compiled. seems like I was using broken iptable. One more thing Readme says I will have to install iptable_tproxy.o module. But when I do "insmod iptable_tproxy " I get the output that no module by that name doesn't exist.
While compiling kernel I said yes to all tproxy options, which means they have been compiled with my kernel image not as loadable module. Does it mean I don't have to load iptable_tproxy module or this is created after doing make KERNELDIR=/usr/src/linux I am new to all this please.
yes, your kernel contains the iptable_tproxy module built in, so you don't need to load it explicitly. However Zorp detects whether you have tproxy support by attempting to load a module. This will change in the future, but currently it won't recognize your system as one with tproxy support. (squid might do it differently)
-- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
__________________________________________________ Do you Yahoo!? The New Yahoo! Search - Faster. Easier. Bingo http://search.yahoo.com
participants (2)
-
Balazs Scheidler
-
nitin panjwani