Mandriva 2006 -kernel 2.6.17.7

[Nik123]

Hallo all! I'm not sure, that this is the correct section for my problem, but it's dedicated to kernel, except the other, and my problem is with the kernel, I think, that's why I decided to write here. I apologise, if I'm wrong. The problem is: Recently I downloaded from www.kernel.org the source of 2.6.17.7 kernel, built and installed it. I have patched the kernel with Supermount (followed instructions from here) and with the last releases of the iptables and ipsets from ipset.netfilter.org. There was no problems with precompilling/installing the kernel. In tne network section of "make xconfig" I set up all functions for netfilter, IPv4 and IPv6. Now kernel is working on my machine- AMD Duron 1100 MHz, 512 of RAM, GeForce FX 5500 256 RAM, Mandriva 2006, Gnome 2.10 - but with that kernel (2.6.17.7) the mandi daemon isn't working. If I try to start it manually, that is the result:

[root@localhost ~]# service mandi start

Starting mandi daemon: mandi_daemon_add_watch(): READABLE

unable to open white list file

nl_bind_socket: No such file or directory

bind failed

unable to init netlink

unable to init "Interactive Firewall" plugin

[FAILED]

After a quite reading and browsing forums and googling, I discovered that mandi needs a module, called ipt_IFWLOG (ipt_IFWLOG.ko.gz), which is missing in my new kernel, but it exist in my old kernel- 2.6.12.22, installed via urpmi.

[root@localhost ~]# locate ipt_IFWLOG

/usr/include/linux/netfilter_ipv4/ipt_IFWLOG.h

/usr/src/linux-2.6.12-22mdk/include/linux/netfilter_ipv4/ipt_IFWLOG.h

/usr/src/linux-2.6.12-22mdk/net/ipv4/netfilter/ipt_IFWLOG.c

/lib/modules/2.6.12-12mdk/kernel/net/ipv4/netfilter/ipt_IFWLOG.ko.gz

/lib/modules/2.6.12-22mdk/kernel/net/ipv4/netfilter/ipt_IFWLOG.ko.gz

/lib/iptables.d/linux-2.6-pom/libipt_IFWLOG.so

My question is: Can someone help me to install that module, or just to tell me what should I do, to have mandi daemon working? How to have that module installed with 2.6.17.7 kernel? Thanks in advance

 

I'm newbie, using Mandriva for about six months

[ianw1974]

I compiled a kernel, and had the same problem, I solved it with:

 

chkconfig mandi off

 

and just disabled the service. You're using shorewall for the firewall anyway, si I wouldn't worry about it too much. The mandi daemon is supposed to be interactive firewall, but I never actually noticed it doing anything when it was running on normal Mandriva kernels.

 

You'll also probably find later, that a load of other things stop working as well. For some reason, Mandriva isn't a good distro for manual kernel compiles. So, I've tended to stick with just the kernels provided by Mandriva repositories.

[Nik123]

Thank you for the reply. Mandi is disabled now,but that isn't satisfy me, I want it working, if possible. Interactive firewall is good to me, because in my network there are so many stupid guys, using software such an angry IP scanner and other stuff like that, and I would like to be notified, when a kid, using stupid software, is trying to find my open ports, etc. I've managed to patch kernel sources with almost all stuff, to get Mandriva applications working- Supermount, Quickcam. Only mandi is a problem, but I think, if the kernels provided by Mandriva mirrors are patched with that module, ipt_IFWLOG, that means, that there is a way to patch kernel myself?

[scarecrow]

It's likely that you need newer initscripts to make 2.6.17 behaving properly in Mandy... here too never had much luck in building custom kernels for Mandriva without the usage of a gazillion distro-specific patches.

[Nik123]

Can you give me a link for those patches?

[scarecrow]

Can you give me a link for those patches?

 

You'll need to subscribe to the Cooker mailing lists to find out. Currently Cooker is somewhere between 2.6.17.1 and 2.6.17.2.

Getting the Cooker src.rpm and rebuilding it will likely fail, but anyway you can try that.

Using 2.6.17.8 here currently, but not in Mandriva and I'm not toying with Cooker anymore- so I have no exact idea what-and-how-has-been-patched.

Edited August 11, 2006 by scarecrow

[ianw1974]

If you can't find the patch, use firestarter instead of shorewall. Alternative firewall, and will notify you too.

 

Dunno about the patches, you could try a google as that's all we'd be able to do.

[Nik123]

I have searched with google all words containing "mandi" "ipt_IFWLOG" "IFWLOG extension" for a few weeks and nothing, but found the patch for Supermount.

@ianw1974: I have been told about firestarter by my friend, but if I decide to install the firestarter, I am supposed to deinstall Shorewall first, is this correct?

[ianw1974]

You can leave it installed if you like, and just do this:

 

chkconfig shorewall off
service shorewall stop

 

the first disables the service, the second stops it as it's most likely running. And then just install firestarter. If it doesn't do what you want, you can remove it, and just re-enable shorewall with:

 

service shorewall start
chkconfig shorewall on

 

and that's it.

[Nik123]

I couldn't manage with that firestarter. Installed firestarter, but if I want to have notifications for port scan, etc, I have to run firestarter by command "firestarter" in terminal, then the firestarter icon appears in system tray. In MCC-Services service firestarter is enabled on boot. Is there any way to run firestarter on boot, so not to have typing "firestarter" in terminal?

[ianw1974]

Are you using kde or gnome? If using kde, it should normally stay open if you shut down your machine. If not, you can create a symlink to it in /home/username/.kde/Autostart to make it start on login.

 

Not sure about Gnome, but I'd expect it to be the same if it was open on shutdown. But I don't use Gnome much, so no idea where to put it to get it to start when you login.

[Nik123]

I use Gnome 2.10, have a kde installed too, but only for the libs, because I use kde-programs too, but have no experience with kde- this environment is too heavy, gnome starts twice faster than kde. I will search for more info in other forums also.. thanks for the info