IPtables nf_conntrack_ipv4

Issues related to configuring your network
Post Reply
maas187
Posts: 5
Joined: 2016/12/16 10:13:19

IPtables nf_conntrack_ipv4

Post by maas187 » 2016/12/16 10:17:55

Hey Guys,

I have a packages that needs a kernel that needs 2.6.18-398.el5, for some reason it cant work with CentOS 6 - So I installed CentOS 5 to get it to work.

http://lnlb.sourceforge.net/gettingstarted.html

Now - I was working with Centos5 to run some IP tables commands, however it seems that some modules are missing.

It says in the documentation that The following kernel module must be loaded: # modprobe nf_conntrack_ipv4

[root@localhost ~]# iptables -t mangle -N DIVERT
[root@localhost ~]# iptables -t mangle -A DIVERT -j MARK --set-mark 0x01/0x01
iptables v1.3.5: Bad MARK value `0x01/0x01'
Try `iptables -h' or 'iptables --help' for more information.

Anyone can help that would be great.

Thanks

User avatar
TrevorH
Site Admin
Posts: 33191
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: IPtables nf_conntrack_ipv4

Post by TrevorH » 2016/12/16 10:33:05

I had a quick look at the page you linked to and the lnlb package that you're trying to use was last updated in 2008 - that's now 8 years ago. If it only works with CentOS 5 then you have a problem as CentOS 5 goes End Of Life in approximately 3 months time and there will be no more security updates for it after that. It's already falling behind in the security stakes as RH have only been patching things marked as "critical" for the last 2 years or so so it has a number of "important" and less vulnerabilities present that will never be fixed. There also the small matter that lnlb itself has had no TLC at all for 8 years or so.

Perhaps you'd be better off using CentOS 6 or, better, 7 and using something other than lnlb. I didn't read too much about what it does (did) but perhaps you can use http://lartc.org/howto/lartc.rpdb.multiple-links.html or http://www.lartc.org/autoloadbalance.html
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

maas187
Posts: 5
Joined: 2016/12/16 10:13:19

Re: IPtables nf_conntrack_ipv4

Post by maas187 » 2016/12/16 23:11:59

Hey TrevorH,

Thanks for your respond,

I am looking for a Layer 3 Load Balancer, What I am trying to setup is http://thewalter.net/stef/software/proxsmtp/.

Now having one system works fine - however the load is too high so I needed some way to Load Balance Layer 3 traffic not Ports (Layer 4). So having that tool will have the VIP IP on all three servers. Now I believe the link you have provided kind of does the same. ( Crossing Fingers ).

and yes - All my servers are CentOS 7 and I would like to keep it that way.

Thanks again and I will keep you posted.

Post Reply