Antonio, You are missing the flag to turn on proto_gre. That's why it's not available to you. --- kernel-2.6.9-i686.config.orig 2005-01-05 16:17:41.000000000 -0800 +++ kernel-2.6.9-i686.config 2005-02-22 11:58:30.000000000 -0800 @@ -640,6 +640,14 @@ CONFIG_IP_NF_CT_PROTO_SCTP=m # CONFIG_IP_NF_COMPAT_IPCHAINS is not set # CONFIG_IP_NF_COMPAT_IPFWADM is not set +CONFIG_IP_NF_MATCH_CONNLIMIT=m +CONFIG_IP_NF_TARGET_TARPIT=m +CONFIG_IP_NF_NAT_H323=m +CONFIG_IP_NF_H323=m +CONFIG_IP_NF_CT_PROTO_GRE=m +CONFIG_IP_NF_PPTP=m +CONFIG_IP_NF_NAT_PPTP=m +CONFIG_IP_NF_NAT_PROTO_GRE=m # # IPv6: Netfilter Configuration @@ -947,7 +955,8 @@ CONFIG_PPP_SYNC_TTY=m CONFIG_PPP_DEFLATE=m CONFIG_IPPP_FILTER=y -# CONFIG_PPP_BSDCOMP is not set +CONFIG_PPP_BSDCOMP=m +CONFIG_PPP_MPPE=m CONFIG_PPPOE=m # CONFIG_SLIP is not set > -----Original Message----- > From: netfilter-devel-bounces@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-devel- > bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Antonio > Sent: Friday, October 14, 2005 2:24 PM > To: Harald Welte > Cc: Netfilter Development Mailinglist; Netfilter Mailinglist > Subject: Re: pptp-conntrack-nat & kernel 2.6.11 > > On 10/13/05, Antonio <anton.ananich@xxxxxxxxx> wrote: > > Dear Harald! > > > > On 10/12/05, Harald Welte <laforge@xxxxxxxxxxxxx> wrote: > > > if you compile a kernel with static support for pptpconntrack+nat, you > > > will see neither of the two in "lsmod". Can you please send me > > > (privately) your kernel .config file that was used for the "statically > > > linked" kernel, and (if possible) also the kernel binary itself? > > > > To reproduce my kernel configuration you need: > > 1) kernel 2.6.14-rc3 > > 2) patch for mppe&mppc support (in attachment) > > 3) .config.old (also in attachment) > > > > file .config contains config which works fine > > > > -- > > Best Regards, > > Antonio > > > > I'm still trying to make NAT work. Now I'm using kernel 2.6.14-rc3. > And I whant to say that it almost working! :) My Linux box connects to > Internet through router. But everyone else (who uses Windows) have not > this happy possibility... > > I think that reason is There is no modules ip_conntrack_proto_gre and > ip_nat_proto_gre anywhere :( When I was using kernel 2.4 there was > not such troubles with PPTP and NAT integration... > > How can I enable connaction tracking & nat for the gre protocol? Is it > neccessary? Is it a reason of gre packets loss? > > Additional information: > > servak linux # cat .config | grep GRE > CONFIG_NET_IPGRE=y > # CONFIG_NET_SCH_GRED is not set > CONFIG_NET_SCH_INGRESS=y > servak linux # cat .config | grep PPTP > CONFIG_IP_NF_PPTP=m > CONFIG_IP_NF_NAT_PPTP=m > servak linux # cat .config | grep NAT > CONFIG_IP_NF_NAT=m > CONFIG_IP_NF_NAT_NEEDED=y > # CONFIG_IP_NF_NAT_SNMP_BASIC is not set > CONFIG_IP_NF_NAT_IRC=m > CONFIG_IP_NF_NAT_FTP=m > CONFIG_IP_NF_NAT_PPTP=m > # CONFIG_NATSEMI is not set > > I'm using the only one rule > $IPTABLES -t nat -A POSTROUTING -o eth1 -j MASQUERADE > > I hope it will be helpful to take a look at ethereal output from attach. > > -- > Best Regards, > Antonio
