The trick is in the kernel build. When you do a make menuconfig (or your
favorite config), you neet to go under network options, and enable
network packet filtering, socket filtering, and and any options you want
under Netfilter Configuration (iptables support for example). Then save
and rebuild your kernel. I use this at home, and it works like a charm.
Hope this is helpful,
David Sayre
David Ramsden wrote:
Hi,
I'm building a 'secure' server.
I downloaded the 2.4.20 kernel source from kernel.org and patched with
grsecurity (latest patch).
I also disabled loadable modules or any module support in the kernel for
added security - So everything is compiled in to the kernel.
However, iptables won't work, saying it can't initialise iptables table
'filter' and saying "do you need to insmod?".
So does iptables require module support? I don't want to use modules
though! :-)
Surely the Netfilter people would have thought of this?
I can't find an option to allow ipchains compatibility either - Does
this no longer exist?
So any workarounds, fixes etc. etc. would be most welcome.
Thanks and regards,
David.
