Martin a écrit :
On ip_conntrack modules, I use to load some modules that open a second port (ftp, quake3, and so) and make it able to mark packets as related.
Conntrack modules do not open any port, they just mark packets as RELATED. The actual filtering job is done by iptables rules.
Those modules were ip_conntrack_ftp, ip_conntrack_quake3 and ip_conntrack_amanda. So, now netfilter packages and modules are in mainstream, some names and modules have changed, and I'm searching for the replace of those modules under the new nomenclature (nf_conntrack).
ip_conntrack_* helper modules have been replaced by nf_conntrack_* when available and moved from net/ipv4/netfilter to net/netfilter.
My problem comes as there are not a nf_conntrack_(ftp/quake3/amanda), but there are nf_nat_(ftp/amanda).ko files, and wonder to know if those file are the replace of the old ip_conntrack, or if I must install some kind of patches or something else.
If you have some NAT helper modules, then you should have the corresponding conntrack helpers as NAT depends on conntrack, unless you messed with your .config file. Maybe you have the conntrack helpers built-in instead of built as modules. Check in your .config or /proc/config.gz if available.
AFAIK quake3 conntrack support was never included in mainstream, it was only in patch-o-matic for ip_conntrack. I don't know if it has been converted to nf_conntrack.
-- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
