Mail archive
alpine-devel

Re: [alpine-devel] iptables error on 2.6.26-vsgrsec

From: Natanael Copa <natanael.copa_at_gmail.com>
Date: Thu, 27 Aug 2009 12:37:14 +0200

On Thu, Aug 27, 2009 at 10:13 AM, John Keith Hohm <john_at_hohm.net> wrote:

> Alpine Linux is awesome, thanks so much to all the contributors.
>
> This morning when I upgraded our Alpine Linux 1.7.27 firewall with
> kernel 2.6.25-hardened-r10 to Alpine Linux 1.8.3 with kernel
> 2.6.26-vsgrsec I was unable to start shorewall; it complained like:
>
> iptables: Memory allocation problem


The 2.6.26-vsgrsec kernel have known issues. If you need a vserver host then
you'd probably need an older 2.6.22 based kernel (something like alpine
1.7.26 or earlier)


> Fortunately I was able to reboot into the upgraded system with the
> older 2.6.25-hardened-r10 kernel and get the firewall working (well,
> after some racoon.conf edits, but I digress).
>
> How do I allow iptables to use more memory on the 2.6.26-vsgrsec kernel?
> The server is not low on physical memory (it has 2 GB installed). I
> have a similar system with the same Alpine Linux 1.8.3 running the same
> 2.6.26-vsgrsec kernel and the same custom shorewall-4.2.10 packages but
> a much simpler shorewall rule set, which starts up fine.


i would recommend try 1.9 beta4 if you need more recent kernel. (it does
have some issues with kernel modules that needs string parameters but i
think that was fixed in the update i did today - i havent been able to test
it yet thoug). beta4 should also have the shorewall 4.x packages. If you
have problems with this, please let us know and we will fix asap. (im on
vacation right now so probabably next week)

-nc



---
Unsubscribe:  alpine-devel+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-devel+help_at_lists.alpinelinux.org
---
Received on Thu Aug 27 2009 - 12:37:14 UTC