Have most of you moved on to 2.6.x kernel? What version is best at this time. I have a current system on 2.4.31 patched for PPTP, running 2 isp interfaces and it works fine. I was building a new box (faster and a bit more memory) and thought I would use 2.6.13. The PPTP patch fails. Looking at the netfilter site it seems there may be big changes in the works. I found that 2.6.11 has pptp patches has anyone used this. Netfilter has never been the easiest for me to keep up with. They do nothing forever then bamb, rock my world with some new document free idea. I really want to stay abreast of Shorewall/netfilter improvements. Thanks --John Hill -- This mail was scanned by AntiVir Milter. This product is licensed for non-commercial use. See www.antivir.de for details. ------------------------------------------------------- This SF.Net email is sponsored by the JBoss Inc. Get Certified Today * Register for a JBoss Training Course Free Certification Exam for All Training Attendees Through End of 2005 Visit http://www.jboss.com/services/certification for more information
John HIll wrote:> Have most of you moved on to 2.6.x kernel? What version is best at this > time. > > I have a current system on 2.4.31 patched for PPTP, running 2 isp interfaces > and it works fine. I was building a new box (faster and a bit more memory) > and thought I would use 2.6.13. The PPTP patch fails. Looking at the > netfilter site it seems there may be big changes in the works. I found that > 2.6.11 has pptp patches has anyone used this. > > Netfilter has never been the easiest for me to keep up with. They do nothing > forever then bamb, rock my world with some new document free idea. > > I really want to stay abreast of Shorewall/netfilter improvements. > > Thanks > --John Hill > >Hi I use 2.6.12 without any problems. Regards Ray Booysen ------------------------------------------------------- This SF.Net email is sponsored by the JBoss Inc. Get Certified Today * Register for a JBoss Training Course Free Certification Exam for All Training Attendees Through End of 2005 Visit http://www.jboss.com/services/certification for more information
On Tuesday 25 October 2005 07:46, Ray Booysen wrote:> > I use 2.6.12 without any problems. >Vanilla 2.6.12 has issues if you want to use bridging -- I would recommend that if you want to run that release that you patch up to level 2.6.12.8. I would definitely avoid 2.6.14 when it comes out -- there are *many* Netfilter/iptables changes which I''m predicting will break Shorewall is some way or the other. Once Shorewall 3.0 is out the door, I will begin playing with 2.6.14 and it''s wonderful new bugs^H^H^H^H features. On a positive note, there *is* a new PPTP-tracking patch for that release (or will be shortly -- Harald has posted it on the Netfilter development list). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
On Tuesday 25 October 2005 08:09, Tom Eastep wrote:> On Tuesday 25 October 2005 07:46, Ray Booysen wrote: > > I use 2.6.12 without any problems. > > Vanilla 2.6.12 has issues if you want to use bridging -- I would recommend > that if you want to run that release that you patch up to level 2.6.12.8.Duh -- 2.6.11 had a .8 patch level -- 2.6.12 only goes to .2 (or that''s the one that I ran) so make that 2.6.12.2. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
I found 2.6.12.6 on Kernel.org. I did not see 2.6.12.8. I''m compiling 2.6.12.6 now. It patched as Ray said. I think most everything I know about netfilter I learned for you and Shorewall. Thanks. --john> -----Original Message----- > From: shorewall-users-admin@lists.sourceforge.net > [mailto:shorewall-users-admin@lists.sourceforge.net] On > Behalf Of Tom Eastep > Sent: Tuesday, October 25, 2005 10:10 AM > To: shorewall-users@lists.sourceforge.net > Subject: Re: [Shorewall-users] Kernel 2.6 > > On Tuesday 25 October 2005 07:46, Ray Booysen wrote: > > > > > I use 2.6.12 without any problems. > > > > Vanilla 2.6.12 has issues if you want to use bridging -- I > would recommend > that if you want to run that release that you patch up to > level 2.6.12.8. > > I would definitely avoid 2.6.14 when it comes out -- there are *many* > Netfilter/iptables changes which I''m predicting will break > Shorewall is some > way or the other. > > Once Shorewall 3.0 is out the door, I will begin playing with > 2.6.14 and it''s > wonderful new bugs^H^H^H^H features. On a positive note, > there *is* a new > PPTP-tracking patch for that release (or will be shortly -- > Harald has posted > it on the Netfilter development list). > > -Tom > -- > Tom Eastep \ Nothing is foolproof to a sufficiently talented fool > Shoreline, \ http://shorewall.net > Washington USA \ teastep@shorewall.net > PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key >-- This mail was scanned by AntiVir Milter. This product is licensed for non-commercial use. See www.antivir.de for details. ------------------------------------------------------- This SF.Net email is sponsored by the JBoss Inc. Get Certified Today * Register for a JBoss Training Course Free Certification Exam for All Training Attendees Through End of 2005 Visit http://www.jboss.com/services/certification for more information
On 10/25/05, John HIll <jhill@noach.com> wrote:> > Have most of you moved on to 2.6.x kernel? What version is best at this > time.We''ve frozen our FC4 kernels at 2.6.11-1.1369 after having several 2.6.12.x upgraded boxes lock up and spew "badness" messages after running in heavy network service for a few hours. Even the older kernel may have some issues. A few days ago I did a "shorewall status" with 2.4.5 and locked up a remote machine. After driving across town, I again found the console scrolling kernel error messages. This was a generic LAMP server with no haywires or anything out of the ordinary installed. I''m sorry that I don''t have any specifics or log entries to contribute about what may have happened. If I stopped to document every selinux, app update and kernel problem I''ve had with Fedora 4, I''d never get anything else done! :) -Tom ------------------------------------------------------- This SF.Net email is sponsored by the JBoss Inc. Get Certified Today * Register for a JBoss Training Course Free Certification Exam for All Training Attendees Through End of 2005 Visit http://www.jboss.com/services/certification for more information