From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id C1EC9138334 for ; Mon, 12 Nov 2018 10:12:02 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id D8CE1E0ADF; Mon, 12 Nov 2018 10:11:55 +0000 (UTC) Received: from smarthost01a.mail.zen.net.uk (smarthost01a.mail.zen.net.uk [212.23.1.1]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 58426E0AAC for ; Mon, 12 Nov 2018 10:11:55 +0000 (UTC) Received: from [82.69.80.10] (helo=peak.localnet) by smarthost01a.mail.zen.net.uk with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1gM9CD-0001Ck-HU for gentoo-user@lists.gentoo.org; Mon, 12 Nov 2018 10:11:53 +0000 From: Peter Humphrey To: gentoo-user@lists.gentoo.org Subject: [gentoo-user] Shorewall config problem Date: Mon, 12 Nov 2018 10:11:52 +0000 Message-ID: <2773204.5xrmTnOrsU@peak> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-Originating-smarthost01a-IP: [82.69.80.10] Feedback-ID: 82.69.80.10 X-Archives-Salt: dc4f674c-6b72-4835-b53b-0d8e9592174e X-Archives-Hash: 3818672fee2dcdc0b6d4ceb78d21a878 Morning all, When emerging shorewall-5.2.1.1 I get an error from the kernel settings check: CONFIG_NF_CONNTRACK_IPV4: is not set when it should be. This is with gentoo-sources-4.19.1. And indeed there is no such kernel parameter: $ grep CONFIG_NF_CONNTRACK /usr/src/linux/.config CONFIG_NF_CONNTRACK=m <<< Note # CONFIG_NF_CONNTRACK_MARK is not set CONFIG_NF_CONNTRACK_SECMARK=y # CONFIG_NF_CONNTRACK_ZONES is not set CONFIG_NF_CONNTRACK_PROCFS=y # CONFIG_NF_CONNTRACK_EVENTS is not set # CONFIG_NF_CONNTRACK_TIMEOUT is not set # CONFIG_NF_CONNTRACK_TIMESTAMP is not set # CONFIG_NF_CONNTRACK_LABELS is not set # CONFIG_NF_CONNTRACK_AMANDA is not set CONFIG_NF_CONNTRACK_FTP=m # CONFIG_NF_CONNTRACK_H323 is not set CONFIG_NF_CONNTRACK_IRC=m # CONFIG_NF_CONNTRACK_NETBIOS_NS is not set # CONFIG_NF_CONNTRACK_SNMP is not set # CONFIG_NF_CONNTRACK_PPTP is not set # CONFIG_NF_CONNTRACK_SANE is not set CONFIG_NF_CONNTRACK_SIP=m # CONFIG_NF_CONNTRACK_TFTP is not set On another box with gentoo sources 4.14.78 I get this: $ grep CONFIG_NF_CONNTRACK_IP /usr/src/linux/.config CONFIG_NF_CONNTRACK_IPV4=y CONFIG_NF_CONNTRACK_IPV6=y So far I've been ignoring the error, assuming that the entry I've noted above now combines IPV4 and IPV6. Does the panel think this is worth a bug report against shorewall? -- Regards, Peter.