Question on insmod module being dropped.

Alexander Dalloz alexander.dalloz at uni-bielefeld.de
Thu May 6 17:58:56 UTC 2004 

Am Do, den 06.05.2004 schrieb Michael D. Setzer II um 18:30:

> I've run into a problem with the ip_conntract_ftp and ip_nat_ftp 
> modules being dropped. I've got a script that adds this called from 
> rc.local, and it works fine, but the later the modules disappear. 
> 
> The script has the following lines and works fine.
> insmod ip_conntrack_ftp
> insmod ip_nat_ftp

Why not using the setup which is made for that? See
/etc/sysconfig/iptables-config:

IPTABLES_MODULES=""

> Here is a lsmod list, and it shows the modules loaded, but later, both 
> disappear. They don't have the autoclean, but further down the 
> iptable_nat and ip_conntrack include these and the autoclean. After 
> a while, these would diappear from the top, and from the iptable_nat 
> and the ip_conntrack which do have the autoclean. This machine 
> has 9 ethernet ports, with one connected to the backbone, and 8 
> others going to individual labs. (Planned) 

Will the iptable_nat and ip_conntrack modules not be used for a long
period? I never saw them autocleaning on my NAT systems.

> Is there a way to have these modules loaded so they will not be 
> dropped. Currently I've added a cron option to reload every minute 
> since the auto clean talkes about the time being about 1 minute. 
> This is Fedora Core 1 with the 2.188 kernel.
> 
> Module                  Size  Used by    Not tainted
> ip_nat_ftp              3728   0  (unused)
> ip_conntrack_ftp        4944   1 
> iptable_mangle          2776   0  (autoclean) (unused)
> ipt_REJECT              4248   1  (autoclean)
> ipt_state               1080   8  (autoclean)
> iptable_filter          2444   1  (autoclean)
> ipt_MASQUERADE          2200   8  (autoclean)
> iptable_nat            21848   2  (autoclean) [ip_nat_ftp 
> ipt_MASQUERADE]
> ip_conntrack           28552   3  (autoclean) [ip_nat_ftp 
> ip_conntrack_ftp ipt_state ipt_MASQUERADE iptable_nat]
> ip_tables              15136   8  [iptable_mangle ipt_REJECT ipt_state 
> iptable_filter ipt_MASQUERADE iptable_nat]

Try following adds to /etc/modules.conf

options -k iptable_nat
options -k ip_conntrack
options -k ip_nat_ftp
options -k ip_conntrack_ftp

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 1 (Yarrow) on Athlon CPU kernel 2.4.22-1.2188.nptl
Sirendipity 19:03:08 up 9 days, 17:51, load average: 0.05, 0.08, 0.12 
                   [ Γνωθι σ'αυτον - gnothi seauton ]
             my life is a planetarium - and you are the stars
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20040506/2c3aa686/attachment-0001.sig>

More information about the fedora-list mailing list