Can't load conntract support for proto=2

I'm trying to build kernel 2.6.22.10 from source, for use in what was
originally configured as a Fedora Core 4 system. It's for a system
that works as an unattended internet-connected device, and as such it
has a pretty harsh firewall. FC4 rpms only go up to 2.6.17, and I'm
trying to find out if a newer kernel version fixes (what looks for all
the world to be) a serial driver bug.

The build succeeds and the kernel boots but iptables aren't loaded.
It says "can't load conntrack support for proto=2." The error goes
away if I remove all the lines that say "-m state" but of course
that's not useful. I can insmod *every* module in /lib/modules/
2.6.22.10/kernel/net/netfilter and it does the same thing.

In case it's germane, here's the whole list of netfilter modules:

nf_conntrack_ftp.ko

nf_conntrack.ko

nfnetlink.ko

nfnetlink_log.ko

nfnetlink_queue.ko

x_tables.ko

xt_CLASSIFY.ko

xt_comment.ko

xt_connbytes.ko

xt_connmark.ko

xt_CONNMARK.ko

xt_CONNSECMARK.ko

xt_conntrack.ko

xt_dccp.ko

xt_dscp.ko

xt_DSCP.ko

xt_esp.ko

xt_hashlimit.ko

xt_helper.ko

xt_length.ko

xt_limit.ko

xt_mac.ko

xt_mark.ko

xt_MARK.ko

xt_multiport.ko

xt_NFLOG.ko

xt_NFQUEUE.ko

xt_NOTRACK.ko

xt_physdev.ko

xt_pkttype.ko

xt_policy.ko

xt_quota.ko

xt_realm.ko

xt_sctp.ko

xt_SECMARK.ko

xt_state.ko

xt_statistic.ko

xt_string.ko

xt_tcpmss.ko

xt_TCPMSS.ko

xt_tcpudp.ko


What am I missing? Thanks.

Hello,

Richard Krehbiel a écrit :
> I'm trying to build kernel 2.6.22.10 from source, for use in what was
> originally configured as a Fedora Core 4 system. It's for a system
> that works as an unattended internet-connected device, and as such it
> has a pretty harsh firewall. FC4 rpms only go up to 2.6.17, and I'm
> trying to find out if a newer kernel version fixes (what looks for all
> the world to be) a serial driver bug.
>
> The build succeeds and the kernel boots but iptables aren't loaded.
> It says "can't load conntrack support for proto=2." The error goes
> away if I remove all the lines that say "-m state" but of course
> that's not useful. I can insmod *every* module in /lib/modules/
> 2.6.22.10/kernel/net/netfilter and it does the same thing.
>
> In case it's germane, here's the whole list of netfilter modules:
[...]

Did you check in /lib/modules/2.6.22.10/kernel/net/ipv4/netfilter/ ?

> What am I missing? Thanks.

IPv4 connection tracking (nf_conntrack_ipv4.ko), I'd say.

On Nov 1, 8:18 am, Pascal Hambourg <boite-a-s...@plouf.fr.eu.org>
wrote:
> Hello,
>
> Richard Krehbiel a écrit :> I'm trying to build kernel 2.6.22.10 from source, for use in what was
> > originally configured as a Fedora Core 4 system. It's for a system
> > that works as an unattended internet-connected device, and as such it
> > has a pretty harsh firewall. FC4 rpms only go up to 2.6.17, and I'm
> > trying to find out if a newer kernel version fixes (what looks for all
> > the world to be) a serial driver bug.
>
> > The build succeeds and the kernel boots but iptables aren't loaded.
> > It says "can't load conntrack support for proto=2." The error goes
> > away if I remove all the lines that say "-m state" but of course
> > that's not useful. I can insmod *every* module in /lib/modules/
> > 2.6.22.10/kernel/net/netfilter and it does the same thing.
>
> > In case it's germane, here's the whole list of netfilter modules:
>
> [...]
>
> Did you check in /lib/modules/2.6.22.10/kernel/net/ipv4/netfilter/ ?
>
> > What am I missing? Thanks.
>
> IPv4 connection tracking (nf_conntrack_ipv4.ko), I'd say.


Ah, thanks. It'll take me a few hours to rebuild and test that, but
it looks like you're right.