From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 39AA6138334 for ; Wed, 14 Nov 2018 15:33:35 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 4B294E0CB7; Wed, 14 Nov 2018 15:33:25 +0000 (UTC) Received: from smarthost01c.mail.zen.net.uk (smarthost01c.mail.zen.net.uk [212.23.1.5]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id D1AAAE0C4D for ; Wed, 14 Nov 2018 15:33:24 +0000 (UTC) Received: from [82.69.80.10] (helo=peak.localnet) by smarthost01c.mail.zen.net.uk with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1gMxAQ-00054q-Qq for gentoo-user@lists.gentoo.org; Wed, 14 Nov 2018 15:33:22 +0000 From: Peter Humphrey To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Shorewall config problem Date: Wed, 14 Nov 2018 15:33:22 +0000 Message-ID: <2963399.lMMIf6ZOui@peak> In-Reply-To: References: <2773204.5xrmTnOrsU@peak> <9528270e-79bf-c9b0-7c04-18b07ed9f035@iinet.net.au> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-Originating-smarthost01c-IP: [82.69.80.10] Feedback-ID: 82.69.80.10 X-Archives-Salt: 34a1c724-a729-43ff-82df-76dc9318a13e X-Archives-Hash: 0b9757f3e63e2d35e2744dd0863bfa5e On Tuesday, 13 November 2018 08:06:03 GMT Adam Carter wrote: > My .config hasnt changed, other than from setting the new options via make > oldconfig; > > /usr/src/configs # grep CONFIG_NF_CONNTRACK_IP config-2018-10-29 > config-2018-11-13 > config-2018-10-29:CONFIG_NF_CONNTRACK_IPV4=y > config-2018-10-29:CONFIG_NF_CONNTRACK_IPV6=y > > /usr/src/configs # head -n3 config-2018-10-29 config-2018-11-13 > ==> config-2018-10-29 <== > # > # Automatically generated file; DO NOT EDIT. > # Linux/x86 4.18.16-gentoo Kernel Configuration > > ==> config-2018-11-13 <== > # > # Automatically generated file; DO NOT EDIT. > # Linux/x86 4.19.0-gentoo Kernel Configuration > /usr/src/configs # That is odd. I tried inserting the IPV[4,6] .config entries by hand, but oldconfig removed them again. The help text in kernel 4.14.78 says: Defined at net/ipv4/netfilter/Kconfig:12 Depends on: NET [=y] && INET [=y] && NETFILTER [=y] && NF_CONNTRACK [=y] Selects: NF_DEFRAG_IPV4 [=y] None of those dependencies look likely to hide the IPV[4,6] options. I also tried copying in the old config file from 4.14.78 and running it through oldconfig again, this time including all the new netfilter options. Again there was no sign of the IPV[4,6] options. -- Regards, Peter.