• Home
  • Help
  • Search
  • Login
  • Register
  Show Posts
Pages: [1]
1  Linux Stuff / Kernel / Re: Netfilter Issues Getting xt_state.ko (2.6.30rc1-rc3) on: April 27, 2009, 02:56:14 PM
grep for NETFILTER_XT_MATCH_STATE on the kernel Kconfig files (probably the one under "net/") and check on what is it depended on and follow it...
Ah, looks like it required NET && INET && NETFILTER && NETFILTER_XTABLES && NF_CONNTRACK and I was missing NF_CONNTRACK.  This is what happens when you get used to using someone else's kernel config.

2  Linux Stuff / Kernel / Netfilter Issues Getting xt_state.ko (2.6.30rc1-rc3) on: April 24, 2009, 06:13:52 PM
I'm attempting to recompile the kernel to enable full IP Tables for Shorewall.

The shipping kernel didn't have any netfilter support; so I grabbed 2.6.30rc1 source and turned all the netfilter stuff on as modules.  The new kernel worked great; I moved over the new kernel modules I compiled and they'd load but Shorewall still failed to start.  Some tracking down led me to ensure I had xt_state.ko; and I didn't.  It doesn't appear to exist in any of the 2.6.30rc1-rc3 versions when basing off the kirkwood_defconfig:

Now, if I use the config of the kernel of my host machine (the one Ubuntu kindly puts in /boot) the netfilter options include state:

I tried manually adding the 'CONFIG_NETFILTER_XT_MATCH_STATE=m' line to my .config between 'CONFIG_NETFILTER_XT_MATCH_SCTP=m' and 'CONFIG_NETFILTER_XT_MATCH_STATISTIC=m' (which is where it appears it *should* be), but 'make -j2 ARCH=arm CROSS_COMPILE=/plug/arm-2008q3/bin/arm-none-eabi- uImage' decides the .config is broken (and restarts configuration).

I'm not especially experienced with cross-compiling Linux kernels so perhaps there is a trick I'm missing.  Or perhaps ARM just doesn't support this particular module, though I can't think of a good reason why that might be the case.  I'd appreciate any input folks may have on the topic.
Pages: [1]