Mailing List Archive



Re: [tlug] Is having no "iptables" bad?



On Tue, Aug 01, 2006 at 08:57:30AM +0200, Botond Botyanszki wrote:
> On Tue, 01 Aug 2006 11:52:48 +0900
> Dave M G <martin@example.com> wrote:
> 
> > Your kernel does not support iptables.
> Did you copy the .config file from ubuntu's kernel source when you
> compiled your new kernel or just used the defaults?

	Just for note.  If he's going from a 2.6.15.x configuration
to 2.6.16+ configuration, some of the kernel configuration parameters
were changed internally so even if you moved your 2.6.15.x configuration
to 2.6.16+ there's a very good chance all those settings will be lost
EVEN if he copies the .config file from a 2.6.15.x kernel version to
a 2.6.16+ kernel config.

	I suggest running 'make menuconfig' or whatever tool you like
and make sure to enable iptables support in the kernel explicitly.
I got bitten by this on a machine that I had to move a kernel
revision forward in order to support some funky hardware on it.  Needless
to say, I wasn't happy about this at all.

	I've not had troubles with migrating the .config from 2.6.16 to
higher kernel versions but since that debacle I explicitly go through
all the configuration options to make sure all things I want are enabled.

	In general, compiling a kernel isn't that big a problem once
you understand the process.  The bigger deal is trying to keep track
of the gazillion parameters that you want enabled to have working
features.  
	I used to subscribe to the theory of compile only what you
need but I've found this kills you when you move your system to different
hardware.  I'd much rather waste a few extra megabytes and CPU compile
cycles to keep around 'unnecessary' modules in the event you need to
migrate to different hardware.  The only time I'd reconsider is when
performance is becoming a real issue to look at the kernel OR I can
specify the exact system environment this configured kernel will live
in (ex. Computing cluster).  
	For desktop purposes, I'm pretty convinced that you'll spend
a lot more time playing kernel module hell if something breaks and
you need to switch some hardware out to troubleshoot if you follow
the 'compile only what I need' philosophy.

Alain
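
The check recommended above after carrying a .config forward, as an added example that is not part of the original message: a POSIX shell helper that lists which required options are not enabled in a given .config. The symbol list and the sample config are assumptions constructed for illustration; the thread names no specific options.

```shell
#!/bin/sh
# Added example (not from the original message).
# Assumption: this symbol list is illustrative; the thread names no options.
REQUIRED_SYMS="CONFIG_NETFILTER CONFIG_NETFILTER_XTABLES CONFIG_IP_NF_IPTABLES CONFIG_IP_NF_FILTER"

# sym_state FILE SYMBOL: print "y" (built in), "m" (module) or "off".
# A disabled option is written as "# SYMBOL is not set" or is simply absent.
sym_state() {
    val=$(sed -n "s/^$2=\([ym]\)\$/\1/p" "$1" | tail -n 1)
    echo "${val:-off}"
}

# missing_syms FILE [SYMBOL...]: print the symbols that are off, space
# separated; exit status 0 if none are missing, 1 otherwise.
missing_syms() {
    cfg=$1
    shift
    if [ $# -eq 0 ]; then set -- $REQUIRED_SYMS; fi
    missing=""
    for s in "$@"; do
        if [ "$(sym_state "$cfg" "$s")" = off ]; then
            missing="$missing $s"
        fi
    done
    missing=${missing# }
    echo "$missing"
    [ -z "$missing" ]
}

# Constructed sample: a carried-forward .config in which the iptables
# options ended up unset or dropped entirely.
write_sample_config() {
    cat > "$1" <<'EOF'
CONFIG_INET=y
CONFIG_NETFILTER=y
# CONFIG_NETFILTER_XTABLES is not set
EOF
}
```

Run `missing_syms /path/to/linux/.config` after `make oldconfig` or `make menuconfig`; a non-zero exit status means at least one listed option is off.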

