[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    "Can't load module" and rules continuation lines?
From:       Paul Slootman <paul () wau ! mis ! ah ! nl>
Date:       1998-01-23 9:46:34
[Download RAW message or body]

I've been running 3.2beta9 for some time on about 10 Solaris 2.5.1 x86
systems. On two of these I've had problems loading the module; I get the
following error when doing modload:

    can't load module: Out of memory or no room in system tables

A reboot on one of these systems solved the problem; the other I haven't
been able to reboot yet because it's a production system, and not
interrupting the system is more important than a working ipfilter (at
the moment anyway).

This is a bit disturbing. If we decide to use ipfilter (which is looking
more and more likely), we will be installing it on 650 systems(*) scattered
throughout the country. I don't want to be around when that happens and
2 in 10 installations can't load the module!

(*) AH is the largest supermarket chain in the Netherlands, and each
    supermarket has a Solaris system connected to a VPN (virtual private
    network). Additionally in-store there are a couple of local
    networks.  A system on one of these networks (with a 192.168. - type
    number) has to be able to connect to the head office, i.e. via NAT
    through the Solaris system.  It also looks like the reverse will
    also have to be possible, i.e. head office connecting to the system
    on the 192.168 network in-store. This should also be possible,
    right?


I'm going to try out 3.2.3 soon to see if that goes any better. This
brings me to my second point: the existing rules files now give me
errors.  I used '\' at the end of long lines to increase the (human)
readability of the rules, which worked fine. Now 3.2.3 gives me

    unexpected keyword (\) - to
    unknown keyword (to)

errors. Has the continuation stuff explicitly been removed, or is it a
side effect of some other changes? It's not important, of course, I was
just wondering...


Paul Slootman
-- 
home: paul@wurtel.demon.nl | work: paul@murphy.nl
http://www.wurtel.demon.nl | Murphy Software, Enschede, the Netherlands

[prev in list] [next in list] [prev in thread] [next in thread]