From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 7F2F0138334 for ; Mon, 12 Nov 2018 10:19:33 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 08A0FE0AF3; Mon, 12 Nov 2018 10:19:27 +0000 (UTC) Received: from gw2.antarean.org (gw2.antarean.org [141.105.125.208]) by pigeon.gentoo.org (Postfix) with ESMTP id 770FBE0AE4 for ; Mon, 12 Nov 2018 10:19:26 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by gw2.antarean.org (Postfix) with ESMTP id C492912421B for ; Mon, 12 Nov 2018 11:20:08 +0100 (CET) X-Virus-Scanned: amavisd-new at antarean.org Received: from gw2.antarean.org ([127.0.0.1]) by localhost (gw2.antarean.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V1reaY_IuIC5 for ; Mon, 12 Nov 2018 11:20:08 +0100 (CET) Received: from mailstore1.antarean.org (localhost [127.0.0.1]) by gw2.antarean.org (Postfix) with ESMTP id 8837A1240AC for ; Mon, 12 Nov 2018 11:20:08 +0100 (CET) Received: from andromeda.localnet (unknown [10.55.16.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mailstore1.antarean.org (Postfix) with ESMTPSA id 828B425 for ; Mon, 12 Nov 2018 11:19:24 +0100 (CET) From: "J. Roeleveld" To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Shorewall config problem Date: Mon, 12 Nov 2018 11:19:24 +0100 Message-ID: <2427846.qq7pUSgiCD@andromeda> In-Reply-To: <2773204.5xrmTnOrsU@peak> References: <2773204.5xrmTnOrsU@peak> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-Archives-Salt: acaba8eb-6ec4-4a14-97cf-84ce720304f1 X-Archives-Hash: 0ad60aaf3ca44dd721a86ff72103825e On Monday, November 12, 2018 11:11:52 AM CET Peter Humphrey wrote: > Morning all, > > When emerging shorewall-5.2.1.1 I get an error from the kernel settings > check: > > CONFIG_NF_CONNTRACK_IPV4: is not set when it should be. > > This is with gentoo-sources-4.19.1. And indeed there is no such kernel > parameter: > > $ grep CONFIG_NF_CONNTRACK /usr/src/linux/.config > CONFIG_NF_CONNTRACK=m <<< Note > # CONFIG_NF_CONNTRACK_MARK is not set > CONFIG_NF_CONNTRACK_SECMARK=y > # CONFIG_NF_CONNTRACK_ZONES is not set > CONFIG_NF_CONNTRACK_PROCFS=y > # CONFIG_NF_CONNTRACK_EVENTS is not set > # CONFIG_NF_CONNTRACK_TIMEOUT is not set > # CONFIG_NF_CONNTRACK_TIMESTAMP is not set > # CONFIG_NF_CONNTRACK_LABELS is not set > # CONFIG_NF_CONNTRACK_AMANDA is not set > CONFIG_NF_CONNTRACK_FTP=m > # CONFIG_NF_CONNTRACK_H323 is not set > CONFIG_NF_CONNTRACK_IRC=m > # CONFIG_NF_CONNTRACK_NETBIOS_NS is not set > # CONFIG_NF_CONNTRACK_SNMP is not set > # CONFIG_NF_CONNTRACK_PPTP is not set > # CONFIG_NF_CONNTRACK_SANE is not set > CONFIG_NF_CONNTRACK_SIP=m > # CONFIG_NF_CONNTRACK_TFTP is not set > > On another box with gentoo sources 4.14.78 I get this: > > $ grep CONFIG_NF_CONNTRACK_IP /usr/src/linux/.config > CONFIG_NF_CONNTRACK_IPV4=y > CONFIG_NF_CONNTRACK_IPV6=y > > So far I've been ignoring the error, assuming that the entry I've noted > above now combines IPV4 and IPV6. > > Does the panel think this is worth a bug report against shorewall? Does it show up when you search for that config-item from within "make menuconfig"? Not all config-items end up in the config-file, especially if pre-requisites are disabled themselves. -- Joost