Dear List, I am running Debian unstable. My current kernel is 2.6.12 and it is my own custom build. Following the recent security advisories, last night I decided to upgrade my kernel. I downloaded the Debian source for 2.6.17 and did my build as usual with the following commands:
# make-kpkg clean # make-kpkg --append-to-version -update17072006 --config oldconfig kernel_image I installed my new kernel just as usual, rebooted and to my surprise during the boot I received a long list of the following errors: iptables v1.2.11: can't initialize iptables table `filter': iptables who? (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. I felt like in a nightmare, because I highly depend on my iptables for my environment .This is a home machine and my connection is not NAT-ed by the ISP, so I am exposed to the world. The first thing I did was to update iptables. Nothing changed. I checked the kernel config again: # make menuconfig I found out that most of the netfilter options are gone and that there are a couple of new options which I had already changed during the oldconfig: CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_BRIDGE_NETFILTER=y # CONFIG_NETFILTER_NETLINK is not set CONFIG_NETFILTER_XTABLES=y CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_MARK=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNMARK=y CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y CONFIG_NETFILTER_XT_MATCH_DCCP=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HELPER=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_REALM=y CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_STATE=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y CONFIG_BRIDGE_EBT_T_FILTER=y CONFIG_PPP_FILTER=y And that was all. Nothing else from the usual Netfilter options that I used to configure previously. I started googling and only found out that there was a re-design of the Netfilter code in the kernel for 2.6.16 and that if I had all of the above options enabled, everything would be OK again. Not for me, though. What else am I missing and how can I get through that and my iptables up again? Your help will be highly appreciated, for at the moment I am desperate and very disappointed. Best regards Chavdar Videff -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
