what do the contents of /proc/net/ip_tables_names mean?

On Thu, 24 Oct 2002, Antony Stone wrote:

> On Thursday 24 October 2002 7:44 pm, Robert P. J. Day wrote:
> 
> >   in looking through the system script for iptables under red hat 8.0,
> > i notice the occasional reference to the file
> > /proc/net/ip_tables_names, which contains, one per line, the names
> > of one or more of the possible netfilter tables (filter, nat
> > and/or mangle).
> >
> >   what does it mean for a table to have its name in this file?
> 
> It means that this particular netfilter system supports rules in those tables.
> 
> If you compile netfilter without mangle table support and then try to add 
> rules to the mangle table, you will get errors.
> 
> By reading this file you can find out which tables are supported on a given 
> machine.

not quite.  as i see it, that a table name is in that file means nothing
more than that it's currently being *required* by your rule set.  in
my case, when i looked, all that was in there was "filter".  but i
did a quick modprobe and added the module for nat, and suddenly nat
was in that file as well. 

so, if all your table support is modular, it looks like that file
will represent just those modules that had to be loaded for your
rule set.  if you're not mangling, it won't show mangle since that
module never needed to be loaded.

what i *don't* know is what that file will show if your table 
support is compiled directly into the kernel.  and that's what
i'm asking here.  anyone know?

rday
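
The comparison described in the message above (table names listed in /proc/net/ip_tables_names versus the table modules currently loaded), as an added example that is not part of the original post. The function name table_status, its output labels and the sample files are constructed for this example; the module names iptable_filter, iptable_nat and iptable_mangle are the standard ones.

```shell
#!/bin/sh
# Added example: for each of the three tables named in the thread, report
# whether it is listed in ip_tables_names and whether its iptable_<name>
# module appears in the loaded-module list.

# table_status [NAMES_FILE] [MODULES_FILE]
# Defaults to the live /proc files; pass saved copies to inspect offline.
# Prints: "<table> registered|absent module-loaded|module-not-loaded"
table_status() {
    names_file=${1:-/proc/net/ip_tables_names}
    modules_file=${2:-/proc/modules}
    for table in filter nat mangle; do
        # One table name per line, so match the whole line exactly.
        if grep -qx "$table" "$names_file" 2>/dev/null; then
            reg=registered
        else
            reg=absent
        fi
        # The first field of each /proc/modules line is the module name.
        if awk -v m="iptable_$table" \
            '$1 == m { found = 1 } END { exit !found }' \
            "$modules_file" 2>/dev/null; then
            mod=module-loaded
        else
            mod=module-not-loaded
        fi
        echo "$table $reg $mod"
    done
}

# Constructed sample mirroring the post: only "filter" is listed and only
# the filter table module is loaded.
demo() {
    d=$(mktemp -d)
    printf 'filter\n' > "$d/names"
    printf '%s\n' \
        'iptable_filter 2412 1 - Live 0x0' \
        'ip_tables 15096 1 iptable_filter, Live 0x0' > "$d/modules"
    table_status "$d/names" "$d/modules"
    rm -rf "$d"
}
demo
```

A line reading "registered module-not-loaded" is the case the message asks about: the table is listed although no iptable_<name> module is present in the module list.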