Help! What's going on in 2.4?
Henrik Nordstrom
hno@marasystems.com
Fri, 06 Jul 2001 04:05:00 +0200
David Krider wrote:
> This is good info! I have read the first HOWTO on the "unreliable docs," but I
> still find that I'm lacking info on the kernel module situation. I do indeed
> intend to NAT, so at least the FTP part of the puzzle has been fixed.
>
> There are MANY kernel modules in my RedHat 7.1
> /lib/modules/2.4.2-2/kernel/net/ipv4/netfilter/ directory. Can anyone point
> me at a reference about what they all do and which ones are required for
> what?

Most of what you need to know is in the iptables man page.

The modules (for iptables) are:

  ip_conntrack      netfilter connection tracking
  ip_conntrack_*    connection tracking helpers
  ip_nat_*          NAT helpers
  ipt_[TARGET]      targets
  ipt_[match]       matches
  iptable_*         tables

Of all the modules, only the helper modules need to be loaded manually. The
others are loaded automatically by iptables when required by your ruleset.

For a short description/usage of a specific target, run

  iptables -j TARGET --help

For a short description/usage of a specific match, run

  iptables -m match --help

All modules are quite extensively described in the kernel documentation. See
/usr/src/linux/Documentation/Configure.help or the kernel netfilter
configuration menus.

--
Henrik Nordstrom
MARA Systems