-
Iptstate on Knoppix 6.4.4 - not working
Hi Managed to install Iptstate in Debian-Lenny(installed), PuppyLinux(Live CD) and Debian-Squeeze(Live CD) without problem. I am unable to install/use it in Knoppix 6.4.4(Live DVD). The program starts but does not show any connection states. I installed Iptstate in running Live DVD by doing following: 1. sudo su 2. apt-get update 3. apt-get install Iptstate 4. Iptstate Regards. V.Krishn
-
Senior Member
registered user
Late reply. You need to load the conntrack modules prior to using iptstate.
Code:
# modprobe nf_conntrack_ipv4
# modprobe nf_conntrack ipv6
Bottomline there should be a /proc/net/ip_conntrack there. If not, the required kernel modules have not been loaded.
-
![Quote](images/misc/quote_icon.png)
Originally Posted by
kl522
Late reply. You need to load the conntrack modules prior to using iptstate.
Code:
# modprobe nf_conntrack_ipv4
# modprobe nf_conntrack ipv6
Bottomline there should be a /proc/net/ip_conntrack there. If not, the required kernel modules have not been loaded.
Code:
root@Microknoppix:~# ll /proc/net/ip_conntrack
-r--r----- 1 root root 0 Jul 4 05:05 /proc/net/ip_conntrack
Though this method works in Squeeze(Live CD) but I am still not able to make it work in Knoppix-6.4.4(DVD).
-
Senior Member
registered user
![Quote](images/misc/quote_icon.png)
Originally Posted by
vkrishn
Code:
root@Microknoppix:~# ll /proc/net/ip_conntrack
-r--r----- 1 root root 0 Jul 4 05:05 /proc/net/ip_conntrack
Though this method works in Squeeze(Live CD) but I am still not able to make it work in Knoppix-6.4.4(DVD).
There are two possibilities. Either there is something wrong with the version of iptstate loaded, or still there is some other kernel modules not loaded ( load all the netlink and conntrack modules!) . As I don't exactly use Knoppix-6.4.4 and my kernel is custom compiled, I can't have first hand experience on knoppix 6.4.4.
-
Senior Member
registered user
![Quote](images/misc/quote_icon.png)
Originally Posted by
kl522
I can't have first hand experience on knoppix 6.4.4....
I tried it on knoppix 6.4.4 in a virtual machine and found this problem is a lot more interesting than I originally thought. Yes, basically I can confirm that I could repeat the same problem. More specifically, when I do a 'cat /proc/net/ip_conntrack' this is what I get :-
Code:
# cat /proc/net/ip_conntrack
cat /proc/net/ip_conntrack: no more space on device
A check on similar error message on the net revealed this post :-
https://bbs.archlinux.org/viewtopic.php?pid=890384
Basically it says kernel 2.6.37 is broken in nf_conntrack. I don't know whether to believe it or not, it is a very serious claim, or perhaps it is fixed in the subversion 2.6.37.X, but if this is true, it renders Knoppix 6.4.4 hopeless for any serious networking/iptables/conntrack applications.
Last edited by kl522; 07-05-2011 at 02:54 AM.
-
![Quote](images/misc/quote_icon.png)
Originally Posted by
kl522
Basically it says kernel 2.6.37 is broken in nf_conntrack. I don't know whether to believe it or not, it is a very serious claim, or perhaps it is fixed in the subversion 2.6.37.X, but if this is true, it renders Knoppix 6.4.4 hopeless for any serious networking/iptables/conntrack applications.
Well I am able to get realtime event log by doing:
Code:
root@Microknoppix:~# conntrack -E
Not sure, maybe iptstate is incompatible with knoppix 6.4.4.
Would try to run on older knoppix version.
-
Senior Member
registered user
There is indeed a kernel bug for 2.6.37. Read this kernel bug report :-
https://bugzilla.kernel.org/show_bug.cgi?id=28862
I read in some other posts that kernel version 2.6.37.5 has got this fixed - vaguely - as I am not dwelling into the details.
Recompiling the kernel is not everybody's cup of tea. Either use a lower kernel version or a newer one. Perhaps consider using Knoppix 6.4.3 or Knoppix 6.5 if you could find it.
Cheers.
-
Hope 6.5 gets out for downloading sooner.
By the way does 6.5 have a newer kernel or new apps addition and app updates only?
Last edited by vkrishn; 07-07-2011 at 02:40 PM.
Reason: spelling
-
... it seems Knoppix 6.5.1 will have 2.6.39.2
-
Senior Member
registered user
![Quote](images/misc/quote_icon.png)
Originally Posted by
vkrishn
Hope 6.5 gets out for downloading sooner.
It won't happen because 6.5 is packaged with some Linux magazine. But if you look hard enough you might find someone putting it on p2p download.
By the way does 6.5 have a newer kernel or new apps addition and app updates only?
I have never tried it but my guess, it is probably using kernel 2.6.38. Eventually one should know how to compile the his own kernel, then one is not held at the mercy of a particular bug of a kernel version. Recently Klaus K released some debian packages to allow one to (slightly more easily) compile kernel 2.6.39 for Knoppix.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
![Fortinet Fortigate FG-61E Firewall Network Security Appliance ATP Bundle 1 years picture](/store/img/g/nH4AAOSwvpJlnbt9/s-l225/Fortinet-Fortigate-FG-61E-Firewall-Network-Securit.jpg)
Fortinet Fortigate FG-61E Firewall Network Security Appliance ATP Bundle 1 years
$263.99
![Fortinet FortiGate 60F | 10 Gbps Firewall Network Security EXPIRED (FG-60F)- New picture](/store/img/g/raUAAOSwJYhjzwg-/s-l225/Fortinet-FortiGate-60F-10-Gbps-Firewall-Network-Se.jpg)
Fortinet FortiGate 60F | 10 Gbps Firewall Network Security EXPIRED (FG-60F)- New
$226.79
![Cisco ASA5506-K9 ASA 5506-X Network Security Firewall picture](/store/img/g/N60AAOSwDr1mYvWj/s-l225/Cisco-ASA5506-K9-ASA-5506-X-Network-Security-Firew.jpg)
Cisco ASA5506-K9 ASA 5506-X Network Security Firewall
$40.00
![Cisco ASA 5506-X Network Security Firewall w/ AC Adapter picture](/store/img/g/N3IAAOSwrbNmfskh/s-l225/Cisco-ASA-5506-X-Network-Security-Firewall-w-AC-Ad.jpg)
Cisco ASA 5506-X Network Security Firewall w/ AC Adapter
$39.99
![Fortinet Fortigate-61e Security Firewall Appliance No AC Adapter/SSD picture](/store/img/g/gswAAOSwFGxkLCZX/s-l225/Fortinet-Fortigate-61e-Security-Firewall-Appliance.jpg)
Fortinet Fortigate-61e Security Firewall Appliance No AC Adapter/SSD
$44.99
![Fortinet FortiWiFi-60E Network Security Appliance - White picture](/store/img/g/FmsAAOSwLRdmb3a0/s-l225/Fortinet-FortiWiFi-60E-Network-Security-Appliance-.jpg)
Fortinet FortiWiFi-60E Network Security Appliance - White
$38.40
![pfSense Firewall VPN AES-NI Celeron N3350 1.10GHz 6GB RAM 80GB SSD 5x Intel NIC picture](/store/img/g/ObkAAOSwQuhi9bAX/s-l225/pfSense-Firewall-VPN-AES-NI-Celeron-N3350-1-10GHz-.jpg)
pfSense Firewall VPN AES-NI Celeron N3350 1.10GHz 6GB RAM 80GB SSD 5x Intel NIC
$81.00
![Fortinet Fortigate-50E Network Security Firewall Initialized FG-50E w/Adapter JP picture](/store/img/g/t50AAOSwEz9mW0-I/s-l225/Fortinet-Fortigate-50E-Network-Security-Firewall-I.jpg)
Fortinet Fortigate-50E Network Security Firewall Initialized FG-50E w/Adapter JP
$42.00
![Cisco ASA 5516-X Adaptive Security Firewall Appliance Network Device picture](/store/img/g/qmEAAOSwtntmaFTz/s-l225/Cisco-ASA-5516-X-Adaptive-Security-Firewall-Applia.jpg)
Cisco ASA 5516-X Adaptive Security Firewall Appliance Network Device
$249.99
![Palo Alto Networks PA-850 Firewall VPN Gateway w/ Rack Ears and Dual PSU picture](/store/img/g/SoIAAOSwvGRmcg84/s-l225/Palo-Alto-Networks-PA-850-Firewall-VPN-Gateway-w-R.jpg)
Palo Alto Networks PA-850 Firewall VPN Gateway w/ Rack Ears and Dual PSU
$194.99