我尝试在RHEL中安装nf_conntrack模块,失败
[root @ boot]#modprobe nf_conntrack_ipv6
致命:找不到模块nf_conntrack_ipv6。
[root @ boot]#modprobe nf_conntrack
致命:找不到模块nf_conntrack。
[root @ boot]#lsmod | grep -i nf
nfnetlink_queue 16129 2
nfnetlink 10713 4 nfnetlink_queue,ip_conntrack
xt_NFQUEUE 6209 2
x_tables 17349 18 xt_tcpudp,xt_state,ipt_addrtype,ipt_TOS,ipt_tos,xt_string,ipt_owner,xt_multiport,xt_MARK,xt_mark,ipt_iprange,ipt_hashlimit,xt_c onntrack,xt_CONNMARK,xt_connmark,ip_tables,xt_NFQUEUE,ip6_tables
[root @ boot]#[root @ boot]#[root @ boot]#lsmod | grep -i nf
nfnetlink_queue 16129 2
nfnetlink 10713 4 nfnetlink_queue,ip_conntrack
xt_NFQUEUE 6209 2
x_tables 17349 18 xt_tcpudp,xt_state,ipt_addrtype,ipt_TOS,ipt_tos,xt_string,ipt_owner,xt_multiport,xt_MARK,xt_mark,ipt_iprange,ipt_hashlimit,xt_c onntrack,xt_CONNMARK,xt_connmark,ip_tables,xt_NFQUEUE,ip6_tables
[root @ boot]#[root @ boot]#lsmod | grep -i conntrack
xt_conntrack 6593 0
ip_conntrack 53281 4 xt_state,xt_conntrack,xt_CONNMARK,xt_connmark
nfnetlink 10713 4 nfnetlink_queue,ip_conntrack
x_tables 17349 18 xt_tcpudp,xt_state,ipt_addrtype,ipt_TOS,ipt_tos,xt_string,ipt_owner,xt_multiport,xt_MARK,xt_mark,ipt_iprange,ipt_hashlimit,xt_c onntrack,xt_CONNMARK,xt_connmark,ip_tables,xt_NFQUEUE,ip6_tables [root @ boot]#
[root @ boot]#cat config-2.6.18-194.el5PAE | grep -i“nf_”
CONFIG_IP_NF_CONNTRACK =米CONFIG_IP_NF_CT_ACCT = Y CONFIG_IP_NF_CONNTRACK_MARK = Y CONFIG_IP_NF_CONNTRACK_SECMARK = Y CONFIG_IP_NF_CONNTRACK_EVENTS = Y CONFIG_IP_NF_CONNTRACK_NETLINK =米CONFIG_IP_NF_CT_PROTO_SCTP =米CONFIG_IP_NF_FTP =米CONFIG_IP_NF_IRC =米CONFIG_IP_NF_NETBIOS_NS =米CONFIG_IP_NF_TFTP =米CONFIG_IP_NF_AMANDA =米CONFIG_IP_NF_PPTP =米CONFIG_IP_NF_H323 =米CONFIG_IP_NF_SIP =米CONFIG_IP_NF_QUEUE =米CONFIG_IP_NF_IPTABLES =米CONFIG_IP_NF_MATCH_IPRANGE =米CONFIG_IP_NF_MATCH_TOS =米CONFIG_IP_NF_MATCH_RECENT =米CONFIG_IP_NF_MATCH_ECN =米CONFIG_IP_NF_MATCH_DSCP =米CONFIG_IP_NF_MATCH_AH =米CONFIG_IP_NF_MATCH_TTL =米CONFIG_IP_NF_MATCH_OWNER =米CONFIG_IP_NF_MATCH_ADDRTYPE =米CONFIG_IP_NF_MATCH_HASHLIMIT =米CONFIG_IP_NF_FILTER =米CONFIG_IP_NF_TARGET_REJECT =米CONFIG_IP_NF_TARGET_LOG =米CONFIG_IP_NF_TARGET_ULOG =米CONFIG_IP_NF_TARGET_TCPMSS =米CONFIG_IP_NF_NAT =米CONFIG_IP_NF_NAT_NEEDED = y CONFIG_IP_NF_TARGET_MASQUERADE = m CONFIG_IP_NF_TARGET_REDIRECT = m CONFIG_IP_NF_TARGET_NETMAP = m CONFIG_IP_NF_TARGET_SAME = m CONFIG_IP_NF_NAT_ SNMP_BASIC =米CONFIG_IP_NF_NAT_IRC =米CONFIG_IP_NF_NAT_FTP =米CONFIG_IP_NF_NAT_TFTP =米CONFIG_IP_NF_NAT_AMANDA =米CONFIG_IP_NF_NAT_PPTP =米CONFIG_IP_NF_NAT_H323 =米CONFIG_IP_NF_NAT_SIP =米CONFIG_IP_NF_MANGLE =米CONFIG_IP_NF_TARGET_TOS =米CONFIG_IP_NF_TARGET_ECN =米CONFIG_IP_NF_TARGET_DSCP =米CONFIG_IP_NF_TARGET_TTL =米CONFIG_IP_NF_TARGET_CLUSTERIP =米CONFIG_IP_NF_RAW =米CONFIG_IP_NF_ARPTABLES =米CONFIG_IP_NF_ARPFILTER =米CONFIG_IP_NF_ARP_MANGLE =米CONFIG_IP6_NF_QUEUE =米CONFIG_IP6_NF_IPTABLES =米CONFIG_IP6_NF_MATCH_RT =米CONFIG_IP6_NF_MATCH_OPTS =米CONFIG_IP6_NF_MATCH_FRAG =米CONFIG_IP6_NF_MATCH_HL =米CONFIG_IP6_NF_MATCH_OWNER =米CONFIG_IP6_NF_MATCH_IPV6HEADER =米CONFIG_IP6_NF_MATCH_AH =米CONFIG_IP6_NF_MATCH_EUI64 =米CONFIG_IP6_NF_FILTER =米CONFIG_IP6_NF_TARGET_LOG =米CONFIG_IP6_NF_TARGET_REJECT =米CONFIG_IP6_NF_MANGLE =米CONFIG_IP6_NF_TARGET_HL =米CONFIG_IP6_NF_RAW = m CONFIG_BRIDGE_NF_EBTABLES = m [root @ boot]#
[root @ boot]#uname -a
Linux 2.6.18-194.el5PAE#1 SMP Tue 3月16日22:00:21 EDT 2010 i686 i686 i386 GNU / Linux [root @ boot]#
我相信答案是自己编译ipv6 conntrack模块,因为它们不包含在标准的RHEL 5内核中。 您的另一种select是将防火墙保持在相当开放的状态,以便您可以获取IPv6stream量,这可能是一个坏主意,但在某些情况下可能是可以接受的。
另一个解决方法是使用本地Web代理,以便至less您的Webstream量可以通过IPv6。 那么麻烦就是find一个支持IPv6的好的。