[OpenWrt-Tickets] [OpenWrt] #2462: disabling ip_conntrack

OpenWrt openwrt-devel at lists.openwrt.org
Sun May 4 03:03:12 CEST 2008 

#2462: disabling ip_conntrack
---------------------------------------------+------------------------------
 Reporter:  acoul <alex at ozo.com>             |        Owner:  developers
     Type:  defect                           |       Status:  closed    
 Priority:  high                             |    Milestone:  Kamikaze  
Component:  kernel                           |   Resolution:  worksforme
 Keywords:  disable conntrack module choice  |  
---------------------------------------------+------------------------------
Changes (by nico):

  * status:  reopened => closed
  * resolution:  => worksforme

Comment:

 Having ip_conntrack built as a module is possible since [8955]. Like
 florian said, you have to edit your kernel configuation first.

 Here are the changes required with a 2.6.24 kernel using [11038]:
 {{{
 +CONFIG_IP_NF_TARGET_MASQUERADE=m
 +CONFIG_NETFILTER_XT_MATCH_STATE=m
 +CONFIG_NF_CONNTRACK=m
 +CONFIG_NF_CONNTRACK_ENABLED=m
 +CONFIG_NF_CONNTRACK_IPV4=m
 +CONFIG_NF_NAT=m
 }}}

 And here's a nice capture:
 {{{
 BusyBox v1.8.2 (2008-05-03 06:00:28 CEST) built-in shell (ash)
 Enter 'help' for a list of built-in commands.

   _______                     ________        __
  |       |.-----.-----.-----.|  |  |  |.----.|  |_
  |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
  |_______||   __|_____|__|__||________||__|  |____|
           |__| W I R E L E S S   F R E E D O M
  KAMIKAZE (bleeding edge, r11038) -------------------
   * 10 oz Vodka       Shake well with ice and strain
   * 10 oz Triple sec  mixture into 10 shot glasses.
   * 10 oz lime juice  Salute!
  ---------------------------------------------------
 root at OpenWrt:/# lsmod
 Module                  Size  Used by    Not tainted
 nf_conntrack_tftp       3596  0
 nf_conntrack_irc        4696  0
 nf_conntrack_ftp        6024  0
 xt_NOTRACK              1408  0
 xt_CONNMARK             1792  0
 xt_state                1664  0
 ipt_recent              6320  0
 xt_limit                1792  0
 xt_helper               1792  0
 xt_conntrack            1920  0
 xt_connmark             1664  0
 xt_connbytes            1920  0
 nf_conntrack_ipv4       9100  0
 nf_conntrack           32168  11
 nf_conntrack_tftp,nf_conntrack_irc,nf_conntrack_ftp,xt_NOTRACK,xt_CONNMARK,xt_state,xt_helper,xt_conntrack,xt_connmark,xt_connbytes,nf_conntrack_ipv4
 ppp_async               7684  0
 ppp_generic            18324  1 ppp_async
 slhc                    4224  1 ppp_generic
 crc_ccitt               1664  1 ppp_async
 }}}

-- 
Ticket URL: <https://dev.openwrt.org/ticket/2462#comment:4>
OpenWrt <http://openwrt.org>
Opensource Wireless Router Technology

More information about the openwrt-tickets mailing list