Jaroslav Vrbicky
2007-07-04 21:16:43 UTC
Hi list,
i'd like to ask, if there's anyone using layer7 (iptables module)
filtering with sucsess on recent Trustix 3.0.5 version (swup to date) ?
Yesterday i tried to use some iptables rules with -m layer7 option, but it
alwayed failed like this:
***@server2 /# iptables -A FORWARD -m layer7 --l7proto bittorrent -j ACCEPT
iptables: Invalid argument
Then i searched the google a bit and found out, that there is a problem
with this iptables module and kernel 2.6.19.x, but no info found whether
it's already fixed in the next - either iptables or kernel version... Only
confirmation, that it worked OK with kernels up to 2.6.18.x
Few info about the system i run:
***@server2 /# uname -r
2.6.19.7-1trsmp
***@server2 /# rpm -qa |egrep "iptables|l7"
l7-protocols-2006.06.03-2tr
iptables-1.3.7-2tr
iptables-devel-1.3.7-2tr
***@server2 /# lsmod |grep layer7
ipt_layer7 11524 0
Did iptables layer7 module ever work for anyone running TSL 3.0.5 with
kernel 2.6.19.x ?
I've already filled a bug report that new iptables package is available,
but i think we are a bit behind with the kernel package... The latest
stable kernel on www.kernel.org is 2.6.21.5. Is there any important reason
for not upgrading the kernel package(s) ?
Comments are wellcome ;-)
Many thanks in advance.
i'd like to ask, if there's anyone using layer7 (iptables module)
filtering with sucsess on recent Trustix 3.0.5 version (swup to date) ?
Yesterday i tried to use some iptables rules with -m layer7 option, but it
alwayed failed like this:
***@server2 /# iptables -A FORWARD -m layer7 --l7proto bittorrent -j ACCEPT
iptables: Invalid argument
Then i searched the google a bit and found out, that there is a problem
with this iptables module and kernel 2.6.19.x, but no info found whether
it's already fixed in the next - either iptables or kernel version... Only
confirmation, that it worked OK with kernels up to 2.6.18.x
Few info about the system i run:
***@server2 /# uname -r
2.6.19.7-1trsmp
***@server2 /# rpm -qa |egrep "iptables|l7"
l7-protocols-2006.06.03-2tr
iptables-1.3.7-2tr
iptables-devel-1.3.7-2tr
***@server2 /# lsmod |grep layer7
ipt_layer7 11524 0
Did iptables layer7 module ever work for anyone running TSL 3.0.5 with
kernel 2.6.19.x ?
I've already filled a bug report that new iptables package is available,
but i think we are a bit behind with the kernel package... The latest
stable kernel on www.kernel.org is 2.6.21.5. Is there any important reason
for not upgrading the kernel package(s) ?
Comments are wellcome ;-)
Many thanks in advance.
--
Jaroslav Vrbicky
Jaroslav Vrbicky