Hi,

I do not understand why you are using kernel+iptables ... etc. You should include support for iptables in the kernel; it is, I think, in networking options. After kernel compilation (with iptables support) you will have iptables packet included and be able to make iptables rules.

patch-o-matic is necessary when you want to add some features to iptables that are not yet included in the kernel version, and then you patch the kernel (adding that feature to iptables).

For example, for L-7 filtering you will need (AFAIK) to patch the kernel to add that feature.

Google for "patching kernel" and you will find a lot of links with detailed information.

The following link is an example of how the kernel is patched to add the geoip feature to iptables:

http://www.debian-administration.org/articles/518

With regards

Elvir Kuric

PS: Sorry, I forgot to "reply to all" in the prior mail :)

On 8/8/07, Hrad Miroslav <m.hrad@xxxxxxx> wrote:
> Hi
> I would like to ask one question regarding the compilation of the
> linux-kernel (2.6) and iptables.
>
> I need to run a firewall within the linux box, which could support at
> least ipp2p filtering, l7-layer filtering, connlimit, quota, tarpit,
> ip_mark.
>
> I would like to know which version of the kernel, iptables,
> patch-o-matic and other patches to use to make compilation of the kernel
> and iptables without any errors.
>
> I have already tried to use kernels and iptables of many versions but the
> compilation of the kernel was broken with some errors.
>
> For instance I used these packages:
> linux-2.6.16.27.tar.bz2
> iptables-1.3.5.tar.bz2
> patch-o-matic-ng-20060626.tar.bz2
> patch-o-matic-ng-20060511.tar.bz2
>
> linux-2.6.16-imq2.diff
> iptables-1.3.0-imq1.diff
> esfq-2.6.15.1.tar.gz
>
> netfilter-layer7-v2.2.tar.gz
> l7-protocols-2006-05-21.tar.gz
>
> - but without success. (there was an incompatible pointer with connlimit
> and tarpit)
>
>
> Please, can you tell me which version can I use for proper kernel
> compilation?
>
> Thanks
>
> Regards
>
> Miroslav
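
An added example, not part of the original mails: a small shell check that reads a kernel `.config` and reports whether iptables support and the wanted matches were compiled in, built as modules, disabled, or unknown to the tree (which is what an unapplied patch looks like). The function names are hypothetical, the sample `.config` is constructed, and the `CONNLIMIT` and `LAYER7` symbol names are assumptions to be checked against the Kconfig files of the patched tree.

```shell
#!/bin/sh
# Report how one option is set in a kernel .config file.
# Prints: builtin | module | disabled | absent
kconfig_state() {
    file=$1
    sym=$2
    if grep -q "^${sym}=y\$" "$file"; then
        echo builtin
    elif grep -q "^${sym}=m\$" "$file"; then
        echo module
    elif grep -q "^# ${sym} is not set\$" "$file"; then
        echo disabled            # known to the tree, but switched off
    else
        echo absent              # unknown to the tree, e.g. patch not applied
    fi
}

# Print every requested symbol that is not usable; return 1 if any is.
kconfig_missing() {
    file=$1
    shift
    rc=0
    for sym in "$@"; do
        case $(kconfig_state "$file" "$sym") in
            builtin|module) ;;
            *) echo "$sym"; rc=1 ;;
        esac
    done
    return $rc
}

# Constructed sample .config fragment (not taken from a real build).
# CONFIG_IP_NF_MATCH_CONNLIMIT is an assumed name for a patch-provided match.
make_sample_config() {
    cat <<'EOF'
CONFIG_NETFILTER=y
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_FILTER=m
# CONFIG_IP_NF_MATCH_CONNLIMIT is not set
EOF
}

# Usage: sh check.sh /path/to/.config SYMBOL...
if [ "$#" -ge 2 ]; then kconfig_missing "$@"; fi
```

Running it before `make` separates "patch never applied" (absent) from "option not selected" (disabled), which need different fixes.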