On Thu, Sep 07, 2006 at 11:12:09PM +0100, Mick wrote
> On Thursday 07 September 2006 22:26, Walter Dnes wrote:

> >   I'm on baselayout-1.12.4-r7, and I invoke ppp for dialup with
> > pon/poff.  I use pppconfig for setup.  Is it safe for me to delete
> > the files?
> 
> It is safer to mv them to a different name/place.  Mine worked fine
> after I renamed them and completed the emerge.

  Dohhhh.  I feel stupid for missing the obvious solution.  Dialup works
OK without those files.  I checked.  At least I managed to figure out
the iptables problem.  A year ago, I included just about everything in
iptables via "make menuconfig".  This has been inherited by subsequent
kernels via "make oldconfig".  When that blew up on me Wednesday, I had
to *MANUALLY* re-enter everything into "make menuconfig".  There was a
bunch of new stuff, so I read the "Help" for items I wasn't sure about.

  In that process, I decided I don't need raw or mangle support.  I'm
not doing any NAT stuff; my Netgear router/modem handles that.  So this
time around, I did not include raw or mangle.  However, I left in the
references in /var/lib/iptables/rules-save, which started like so...

# Generated by iptables-save v1.3.5 on Wed Sep  6 18:41:29 2006
*raw
:PREROUTING ACCEPT [8675812:8112852860]
:OUTPUT ACCEPT [7421674:1137157572]
COMMIT
# Completed on Wed Sep  6 18:41:29 2006
# Generated by iptables-save v1.3.5 on Wed Sep  6 18:41:29 2006
*mangle
:PREROUTING ACCEPT [75679798:80347321466]
:INPUT ACCEPT [75679763:80347310753]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [60668907:37528863764]
:POSTROUTING ACCEPT [60668897:37528208414]
COMMIT
# Completed on Wed Sep  6 18:41:29 2006
# Generated by iptables-save v1.3.5 on Wed Sep  6 18:41:29 2006
*filter
...

  I simply deleted every line before "*filter" and iptables now works
OK.  It doesn't attempt to use raw or mangle, which I haven't built.

-- 
Walter Dnes <[EMAIL PROTECTED]> In linux /sbin/init is Job #1
My musings on technology and security at http://tech_sec.blog.ca
-- 
gentoo-user@gentoo.org mailing list

Reply via email to