iptables-1.3.8 BLFS book svn-20100105 compile error

Bruce Dubbs bruce.dubbs at gmail.com
Wed Jan 6 10:58:07 PST 2010


stosss wrote:
> If the following modprobes are built into the kernel and not modules,
> should I comment out the modprobes below as in my sample below?
> 
> cat > /etc/rc.d/rc.iptables << "EOF"
> #!/bin/sh
> 
> # Begin $rc_base/rc.iptables
> 
> # Insert connection-tracking modules
> # (not needed if built into the kernel)
> # modprobe ip_tables
> # modprobe iptable_filter
> # modprobe ip_conntrack
> # modprobe ip_conntrack_ftp
> # modprobe ipt_state
> # modprobe ipt_LOG
> 
> Is this correct or can it just be left alone like this?
> 
> cat > /etc/rc.d/rc.iptables << "EOF"
> #!/bin/sh
> 
> # Begin $rc_base/rc.iptables
> 
> # Insert connection-tracking modules
> # (not needed if built into the kernel)
> modprobe ip_tables
> modprobe iptable_filter
> modprobe ip_conntrack
> modprobe ip_conntrack_ftp
> modprobe ipt_state
> modprobe ipt_LOG

If you run modprobe on something that is already loaded (as a module or 
built in) then modprobe does nothing by consume a few cpu cycles.  The 
wall clock time is negligible.  You can do it either way.

   -- Bruce



More information about the blfs-support mailing list