Kernel module - Networking

This is a discussion on Kernel module - Networking ; Hello there, could anyone tell me which (exactly by name or by .config option) kernel module is responsible for this entry in proc: /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established?? Kernel 2.4.18 (on MIPS -> RTL8186). I don't have this entry (whole netfilter directory) on my ...

+ Reply to Thread
Results 1 to 10 of 10

Thread: Kernel module

  1. Kernel module

    Hello there,

    could anyone tell me which (exactly by name or by .config option) kernel
    module is responsible for this entry in proc:

    /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established??

    Kernel 2.4.18 (on MIPS -> RTL8186).

    I don't have this entry (whole netfilter directory) on my router in
    "DIY" firmware. It exists on factory firmware and on my desktop.
    I'm thinking i have included netfilter modules.

    W.P.

  2. Re: Kernel module

    Am Thu, 29 Mar 2007 12:23:16 +0200 schrieb W.P.:

    > Hello there,
    >
    > could anyone tell me which (exactly by name or by .config option) kernel
    > module is responsible for this entry in proc:
    >
    > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established??
    >
    > Kernel 2.4.18 (on MIPS -> RTL8186).
    >
    > I don't have this entry (whole netfilter directory) on my router in
    > "DIY" firmware. It exists on factory firmware and on my desktop.
    > I'm thinking i have included netfilter modules.
    >
    > W.P.


    CONFIG_NF_CONNTRACK_ENABLED=y

    --
    Burkhard Ott
    E-Mail burkhard.ott@evolver.de
    Web www.evolver.de

  3. Re: Kernel module

    W.P. wrote:

    > U?ytkownik Burkhard Ott napisa?:
    >> Am Thu, 29 Mar 2007 12:23:16 +0200 schrieb W.P.:
    >>
    >>
    >>>Hello there,
    >>>
    >>>could anyone tell me which (exactly by name or by .config option) kernel
    >>>module is responsible for this entry in proc:
    >>>
    >>>/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established??
    >>>
    >>>Kernel 2.4.18 (on MIPS -> RTL8186).
    >>>
    >>>I don't have this entry (whole netfilter directory) on my router in
    >>>"DIY" firmware. It exists on factory firmware and on my desktop.
    >>>I'm thinking i have included netfilter modules.
    >>>
    >>>W.P.

    >>
    >>
    >> CONFIG_NF_CONNTRACK_ENABLED=y
    >>

    > But it IS set to Y.
    > I attach .config
    >
    > So what is wrong?
    >
    > W.P.


    The proc entry is created in a file called ip_conntrack_standalone.c

    I'm not sure I understand the Makefile fully, but it looks like
    this file may be only included if you compile contrack as a module.

    Try compiling it as a module. The proc entry should appear after
    the module is loaded.

    Kind regards,

    Iwo


  4. Re: Kernel module

    Am Thu, 29 Mar 2007 12:56:39 +0200 schrieb W.P.:



    >> CONFIG_NF_CONNTRACK_ENABLED=y
    >>

    > But it IS set to Y.
    > I attach .config
    >
    > So what is wrong?
    >


    Ok, I used a 2.6.config file in 2.4 it should be the option below but you
    will also loose some NAT functionality :-).
    Why do you want to remove this option?


    > CONFIG_IP_NF_CONNTRACK=n


    --
    E-Mail burkhard.ott@evolver.de
    Web www.evolver.de



  5. Re: Kernel module

    Hello,

    W.P. a écrit :
    >
    > could anyone tell me which (exactly by name or by .config option) kernel
    > module is responsible for this entry in proc:
    >
    > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established??
    >
    > Kernel 2.4.18 (on MIPS -> RTL8186).


    The /proc/sys/net/ipv4/netfilter/ip_conntrack_*_timeout* sysctls are not
    present in the vanilla 2.4.18 kernel. They were added in version 2.4.23.

    They depend on the CONFIG_IP_NF_CONNTRACK option. Since 2.6.20 kernels,
    they are also available with the CONFIG_NF_CONNTRACK_PROC_COMPAT option
    when layer 3 independent connection tracking (CONFIG_NF_CONNTRACK) is
    selected instead of IP connection tracking (CONFIG_IP_NF_CONNTRACK).

  6. Re: Kernel module

    W.P. a écrit :
    >
    > could anyone tell me which (exactly by name or by .config option) kernel
    > module is responsible for this entry in proc:
    >
    > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established??


    In addition : the module name (when built as module) is ip_conntrack or
    nf_conntrack.

  7. Re: Kernel module

    Użytkownik Pascal Hambourg napisał:
    > Hello,
    >
    > W.P. a écrit :
    >
    >>
    >> could anyone tell me which (exactly by name or by .config option) kernel
    >> module is responsible for this entry in proc:
    >>
    >> /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established??
    >>
    >> Kernel 2.4.18 (on MIPS -> RTL8186).

    >
    >
    > The /proc/sys/net/ipv4/netfilter/ip_conntrack_*_timeout* sysctls are not
    > present in the vanilla 2.4.18 kernel. They were added in version 2.4.23.
    >
    > They depend on the CONFIG_IP_NF_CONNTRACK option. Since 2.6.20 kernels,
    > they are also available with the CONFIG_NF_CONNTRACK_PROC_COMPAT option
    > when layer 3 independent connection tracking (CONFIG_NF_CONNTRACK) is
    > selected instead of IP connection tracking (CONFIG_IP_NF_CONNTRACK).


    Great thaks for this answer.

    So what is solution? Taking 2.4.23 sources (in ipv4/netfilter part) and
    put it in 2.4.18 tree?? Will it work? Or simply remove entry in startup
    files that attempts to set this sysctl?

    Other problem, but looks similar.
    There are 2 more entries -> fast_pptp, fast_l2tp. I think, they are
    related to closed source modules from RealTek (not published by Edimax,
    opposite to fast_nat module). How do you think, not having those will
    lead only to performance degradation, or anything else?. And how to
    check this??

    W.P.

  8. Re: Kernel module

    W.P. a écrit :
    >
    >>The /proc/sys/net/ipv4/netfilter/ip_conntrack_*_timeout* sysctls are not
    >>present in the vanilla 2.4.18 kernel. They were added in version 2.4.23.

    >
    > So what is solution? Taking 2.4.23 sources (in ipv4/netfilter part) and
    > put it in 2.4.18 tree?? Will it work?


    You can try, but I strongly doubt it. I suggest that you use a more
    recent kernel, because the 2.4.18 kernel is *very* old (thus very broken).
    Or you can try to apply the patches from the latest (but obsolete)
    patch-o-matic tarball (patch-o-matic-20031219.tar.bz2) which can be
    found in . I think you need
    to apply submitted/01_2.4.19.patch up to submitted/05_2.4.23.patch to
    your 2.4.18 tree. The last one provides the conntrack timeout sysctls.

    > Other problem, but looks similar.
    > There are 2 more entries -> fast_pptp, fast_l2tp. [...]


    Sorry, I do not know anything about this.

  9. Re: Kernel module



    > Or you can try to apply the patches from the latest (but obsolete)
    > patch-o-matic tarball (patch-o-matic-20031219.tar.bz2) which can be
    > found in . I think you need
    > to apply submitted/01_2.4.19.patch up to submitted/05_2.4.23.patch to
    > your 2.4.18 tree. The last one provides the conntrack timeout sysctls.



    Thanks, have downloaded those. But excuse me for a stupid question: how
    do I apply? I have copied *.patch file to kernel source directory but
    patch -i ./xxx.patch complains about missing file (at very beginning,
    line 4). File it complains about is present. Could you point me how
    should it be done? (I have never patched any program).

    W.P.

  10. Re: Kernel module

    W.P. a écrit :
    >
    > Thanks, have downloaded those. But excuse me for a stupid question: how
    > do I apply? I have copied *.patch file to kernel source directory but
    > patch -i ./xxx.patch complains about missing file (at very beginning,
    > line 4). File it complains about is present. Could you point me how
    > should it be done? (I have never patched any program).


    Usually you need to add the option -p1 when patching at the base source
    directory.

+ Reply to Thread