0.1.7 success and failure

Thomas Molina tmolina@home.com
Mon, 6 Sep 1999 09:27:06 -0500 (CDT)


netfilter 0.1.7 finally compiles (modulo the previously noted one-line
patch) and runs but has some problems.  Doing an insmod ipchains.o as
mentioned in the howto works, and the ipchains rules can be inserted as
expected.  However, netscape 4.6 performance from a masqueraded machine
on the home lan (a Win98 box) is extremely poor.  I'm getting the
following messages in /var/log/messages:

Sep  6 08:17:19 wr5z kernel: ip_fw_compat v0.1.7
Sep  6 08:17:19 wr5z kernel: ip_conntrack.o v0.1.7
Sep  6 08:17:19 wr5z kernel: nf_register_hook: pf=2 hook=0.
Sep  6 08:17:19 wr5z kernel: nf_register_hook: pf=2 hook=4.
Sep  6 08:17:19 wr5z kernel: nf_register_hook: pf=2 hook=2.
Sep  6 08:18:29 wr5z PAM_pwdb[413]: (login) session opened for user root
by (uid=0)
Sep  6 08:19:44 wr5z kernel: ip_fw: packet drop due to netlink failure
Sep  6 08:19:45 wr5z last message repeated 9 times
Sep  6 08:19:49 wr5z kernel: NET: 104 messages suppressed.
Sep  6 08:19:49 wr5z kernel: ip_fw: packet drop due to netlink failure
Sep  6 08:20:10 wr5z kernel: NET: 62 messages suppressed.
Sep  6 08:20:10 wr5z kernel: ip_fw: packet drop due to netlink failure
Sep  6 08:20:10 wr5z last message repeated 3 times
Sep  6 08:20:14 wr5z kernel: NET: 122 messages suppressed.
Sep  6 08:20:14 wr5z kernel: ip_fw: packet drop due to netlink failure
Sep  6 08:20:28 wr5z kernel: NET: 57 messages suppressed.
Sep  6 08:20:28 wr5z kernel: ip_fw: packet drop due to netlink failure
Sep  6 08:20:28 wr5z kernel: ip_fw: packet drop due to netlink failure
Sep  6 08:20:29 wr5z kernel: NET: 61 messages suppressed.