[Firehol-support] Errors when running firehol

Tsaousis, Costa costa at tsaousis.gr
Tue Jan 27 21:22:33 GMT 2015


Phil,

What if we write a 'check' function in firehol that runs a number of
checks in the system to identify possible issues? We could include a
check for this kernel option there.

A user will be able to execute 'firehol check' to run the checks and
possibly find suggestions to improve his system. The same check could
be run automatically if the execution stops due to an error.

There are already a number of checks spread in firehol to detect if
iptables is enabled in the kernel, if the required kernel modules are
present, if certain commands are present in the system, etc.

We could have a file like /var/spool/firehol/system.conf with all the
results of the checks, which is sourced every time firehol runs (this
will also speed it up a bit). If the file is not present, the check()
function will be run to generate it. If we detect a kernel version
change since the last time we executed check(), we could call it again
and so forth.

Do you agree? Shall I open it in github?

Costa




On Tue, Jan 27, 2015 at 8:45 PM, Phil Whineray <phil at sanewall.org> wrote:
> On Tue, Jan 27, 2015 at 09:29:22AM -0800, Jason Miller wrote:
>> Since I found the answer, and previously found 2 similar questions
>> through google with no answer, I figured I'd answer it here for
>> posterity.
>>
>> I needed the module xt_helper loaded, which is controlled by
>> CONFIG_NETFILTER_XT_MATCH_HELPER and only is available as an option if
>> you select "advanced configuration of netfilter" in the kernel
>> configuration.
>>
>> -Jason
>
> Jason
>
> Glad you got it working and many thanks for posting the solution.
>
> Cheers
> Phil
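
The cached check proposed in this message, sketched as an added example that is not part of the original e-mail or FireHOL's own code. The function names, the `FH_*` and `CHECK_*` variables and the kernel config location are assumptions; only the cache path and the kernel option come from the thread.

```shell
# Added sketch; all FH_* names and both functions are hypothetical.
FH_CACHE="${FH_CACHE:-/var/spool/firehol/system.conf}"  # path from the proposal
FH_KCONFIG="${FH_KCONFIG:-/boot/config-$(uname -r)}"    # assumed kernel config location
FH_KVER="${FH_KVER:-$(uname -r)}"

# Run the checks and write the results as shell assignments.
firehol_check() {
    helper=no
    # xt_helper exists only if this option is built in (y) or a module (m).
    if grep -Eq '^CONFIG_NETFILTER_XT_MATCH_HELPER=[ym]$' "$FH_KCONFIG" 2>/dev/null; then
        helper=yes
    fi
    iptables_cmd=no
    if command -v iptables >/dev/null 2>&1; then iptables_cmd=yes; fi
    tmp="$FH_CACHE.$$"
    # Write to a temp file with a tight umask, then rename into place.
    ( umask 077
      printf "CHECK_KERNEL='%s'\nCHECK_XT_HELPER=%s\nCHECK_IPTABLES_CMD=%s\n" \
          "$FH_KVER" "$helper" "$iptables_cmd" > "$tmp" ) || return 1
    mv -f "$tmp" "$FH_CACHE"
}

# Source the cache; regenerate it when missing or written for another kernel.
firehol_load_checks() {
    CHECK_KERNEL=
    # The file is sourced as code, so only accept one owned by the current user.
    if [ -f "$FH_CACHE" ] && [ -O "$FH_CACHE" ]; then
        . "$FH_CACHE"
    fi
    FH_REGENERATED=no
    if [ "$CHECK_KERNEL" != "$FH_KVER" ]; then
        firehol_check || return 1
        . "$FH_CACHE"
        FH_REGENERATED=yes
    fi
    if [ "$CHECK_XT_HELPER" != yes ]; then
        echo "suggestion: enable CONFIG_NETFILTER_XT_MATCH_HELPER (module xt_helper)" >&2
    fi
}
```

Because the cache is executed when sourced, the ownership test matters as much as the kernel-version comparison: a file another user can replace would run with the privileges of whoever starts the firewall.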
