modprobe: Can't locate module ip_conntrack_ftp

[thomasjb]

based on a suggestion in another thread i emerged "guarddog" to setup a firewall on my machine. i had quite a few problems configuring the kernel correctly for iptables and finally ended up compiling most every option related to iptables into the kernel. however, i still get a very last error message when configuring iptables with guarddog, which is:

"modprobe: Can't locate module ip_conntrack_ftp".

i figure it's because when choosing the "protocols" under "filetransfer" i also checked "ftp". when unchecking "ftp" i don't get this error message.

could somebody by so kind and help me out on this. thanks!

regards,

thomas.

[Kosmo]

When you built the kernel, under the Netfilter configuration is an option called Connection Tracking. If you say Y to that one, it will give you 2 more options: Connection tracking for ftp or for irc. Apparently, you missed at least the ftp one. Since it want to track an ftp connection, it needs that code and tries to load it.

You can compile it as a module now, you only have to

[thomasjb]

thanks a lot for your reply kosmo. i did say yes to "connection tracking" and also to the "ftp" and "irc" options (they are compiled into the kernel). that's why the error message is so confusing. everything else (with regards to iptable) seems to work fine.

is there any "rc-update add .... default" i have to perform with regards to "connection tracking"? i have added "iptables" to the default runlevel already.

regards,
thomas.

[mksoft]

Is it compiled as a module or into the kernel (marked as M or *)

If it is compiled into the kernel, of course modprobe will fail since there's no such module

In that case, removing the offending line from the firewall script will prevent this error.

But it should work even in the presence of the error, since the support is present in the kernel (unless the script checks dor the outcome of modprobe and aborts on an error).
_________________
There's someone in my head but it's not me - Pink Floyd