␡
- Introduction
- Backward Compatibility
- Netfilter and iptables
- Configuring Your Kernel
- The Netfilter Modules
- IPTABLES
The Netfilter Modules
Before going any further, you'll want to insert all the brand-spanking, shiny new Netfilter modules you just built. Here you have two choices: Pick and choose the modules you want and then do it by hand, or just copy my Perl hack that follows and run it. It ain't pretty, but it does the job. I'm lazy, and this was a quick kludge to handle the situation. If you didn't include the ipv6 modules, remove the comma and the "ipv6" from the @dirs list. (Included farther down is a script to remove all Netfilter modules as well, if you want.)
------cut here-------
#!/usr/bin/perl -w
# modules.pl written by D. Bandel
# licensed under the GPL v2.0
use strict;
use File::Basename;
my ($file,$path,$suff,$uname,$dir);
chomp($uname=`uname -r`);
my @dirs=("ipv4","ipv6");
foreach $dir (@dirs) {
$path="/lib/modules/$uname/kernel/net/$dir/Netfilter/";
my @list=(`ls $path`);
foreach $file (@list) {
($file,$path,$suff)=fileparse($file,".o");
`modprobe $file 2>&1 /dev/null`;
}
}
------cut here-------
------cut here-------
#!/usr/bin/perl -w
# rmmodules.pl written by D. Bandel
# licensed under the GPL v2.0
# crude hack to unload lots of modules quickly
use strict;
use File::Basename;
my ($file,$path,$suff,$uname,$dir,$subdir,$count);
chomp($uname=`uname -r`);
#subdirs containing the modules we want removed
my @subdirs=("ipv4","ipv6");
#a kludge to remove modules with dependencies. It's this or
#keep a list of failed modules and retry only those
my @count=("1","2","3");
foreach $count (@count) {
foreach $subdir (@subdirs) {
$dir="/lib/modules/$uname/kernel/net/$subdir/Netfilter/";
my @list=(`ls $dir`);
foreach $file (@list) {
($file,$path,$suff)=fileparse($file,".o");
if (`lsmod | grep $file`) {
# the work is done here:
`rmmod $file 2>&1 /dev/null`;
}
}
}
}
------cut here-------