Trying to Disable TCP/IP


Stumpers
10-17-2003, 08:27 AM
Hey

I am trying to install hogwash on a host that sits between my network and my firewall so I can use it as a packet sniffer and forwarder. However, before I can do this I need to disable TCP/IP so that it is more secure and is transparent to the rest of the network (essentially acting as a layer 2 bridge).

Unfortunately I get stuck at the first hurdle and cannot disable my TCP/IP from within the kernel xconfig without getting an error saying

/usr/src/linux-2.4.20-8/include/net/TCP_ECN.h:54 union has no member named af_inet
/usr/src/linux-2.4.20-8/include/net/TCP_ECN.h:61 union has no member named af_inet


I have found that ECN is a congestion thing to help the performance of routers and firewalls on a network and is normally disabled in my Red Hat 9.0 configuration. This is as it should be normally because it is junk and screws up f/w and routers that do not support it. I cannot re-enable it without enabling TCP/IP support, which is not what I want.

How can I get around this compile error?

I have thought of compiling a kernel with TCP/IP enabled and this enabled so that it is in the folder when I recompile the kernel again with it disabled.

Is there a switch in the bzImage command that allows me to ignore errors (although I realise this is not good practice)?

Thxs

Stumpers

Alex Cavnar, aka alc6379
10-18-2003, 01:02 AM
If all you want is just level 2 functionality, just don't give your ethernet ports IP addresses.

That way, even though you'd be running the TCP/IP stack, you wouldn't have any way to address the machine over a network.

Stumpers
10-18-2003, 01:49 PM
I am slightly new at this so bear with my ignorance.

This is a task assigned to me by a guy I work with and he has informed me that the TCP/IP stack has to be disabled to prevent the machine being tampered with. He intends on introducing a micro TCP/IP stack that will do all sorts of things that are way over my head.

Regardless, I think I should stick to the task at hand. I understand what you're saying and it is a good idea, but I think it is the disabling of the TCP/IP stack that is important and not the fact the host is just a bridge with no I/P.

I will however put it to him, but I am pretty sure he wants the whole TCP/IP disabled for this hogwash software.


Thanks for your suggestion

Stumpers

Hayl
10-18-2003, 02:03 PM
Then disable it entirely in the kernel.

Under "Networking Options", uncheck "TCP/IP Networking", recompile kernel, done.

There's an article about Hogwash in the September "Linux Magazine" and it states that you can disable the TCP/IP stack.

bwkaz
10-18-2003, 06:11 PM
If you're getting compilation errors after disabling the TCP/IP stack (and without ECN -- ECN is a networking option, so it should be disabled if you don't want networking), then it may be a bug in your kernel. Try a different kernel version from RedHat, or look at www.kernel.org and get one of their versions.

Stumpers
10-19-2003, 11:10 AM
OK, I have tried to use a different kernel, although a slightly earlier version.

Initially I was using kernel 2.4.20-8, which was a RH 9.0 distro.

I have at home 2.4.18-20 on a RH 8.0 distro but I get exactly the same error as I did with the RH 9 kernel.

Is it possible that the makefile could be attempting to compile some options for the benefit of the network devices before it reaches the option to not use TCP/IP? If so, I have not a clue how to amend it. I have a possible contact for someone who had the same problem but I can't seem to find what his or her solution was. I shall try them and see if they fix it.

Stumpers

bwkaz
10-19-2003, 02:09 PM
Try a non Red Hat kernel, like 2.4.22 off www.kernel.org

Stumpers
10-21-2003, 09:38 AM
OK, for those who want to know. I first installed the 2.4.21 kernel from www.kernel.org as a normal configuration used from the very first install.

Although this worked fine on compile and booted OK, when I tried to recompile it with the TCP/IP option disabled I got as far as make module_install and it gave me this crap about not giving the first argument.

After a couple of failures I went and installed kernel 2.4.22 and compiled it with the option of no TCP/IP from the start, instead of altering it after compilation and then recompiling it into a new bootable with the TCP/IP off.

This worked and I can now boot into this kernel with no problem. Although I am getting some really weird errors, this is to be expected as I really do not think Linux likes having no TCP/IP support. However, because all I have been asked to do is make a build with no TCP/IP, then as far as I am concerned my job is done. Let my software guy do the rest.

Thanks for all your help everybody. You have broadened my horizons.

The stumpertron
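
A check for the build the thread ends on, as an added example that is not from any poster: it audits a kernel `.config` to confirm "TCP/IP networking" is off and that no IP-dependent option (such as ECN, which bwkaz notes should be off when networking is off) is still enabled. It assumes the 2.4 symbol names `CONFIG_INET` and `CONFIG_INET_ECN`; the function names and the pattern list are illustrative and not exhaustive.

```shell
#!/bin/sh
# Added example: audit a kernel .config for a bridge host built without TCP/IP.
# Assumption: CONFIG_INET is the "TCP/IP networking" option (2.4 series).

# inet_disabled FILE -> status 0 when CONFIG_INET is absent or "is not set"
inet_disabled() {
    ! grep -Eq '^CONFIG_INET=(y|m)$' "$1"
}

# leftover_inet_opts FILE -> prints enabled options that only make sense
# with the IP stack present (illustrative pattern list, not exhaustive)
leftover_inet_opts() {
    grep -E '^CONFIG_(INET_[A-Z0-9_]+|IP_[A-Z0-9_]+|SYN_COOKIES|NET_IPIP|NET_IPGRE)=(y|m)$' "$1" |
        cut -d= -f1
}

# audit_config FILE -> 0 clean, 1 findings, 2 unreadable file
audit_config() {
    cfg=$1
    [ -r "$cfg" ] || { echo "cannot read $cfg" >&2; return 2; }
    rc=0
    if inet_disabled "$cfg"; then
        echo "OK: CONFIG_INET is not enabled"
    else
        echo "FAIL: CONFIG_INET is enabled"
        rc=1
    fi
    left=$(leftover_inet_opts "$cfg")
    if [ -n "$left" ]; then
        echo "FAIL: IP-dependent options still enabled:"
        echo "$left" | sed 's/^/  /'
        rc=1
    fi
    return $rc
}

# Constructed sample: TCP/IP switched off, but a stale ECN option left behind
sample=$(mktemp)
printf '%s\n' 'CONFIG_NET=y' '# CONFIG_INET is not set' \
    'CONFIG_INET_ECN=y' 'CONFIG_BRIDGE=y' > "$sample"
audit_config "$sample" || echo "findings reported (expected for this sample)"
rm -f "$sample"
```

On a real tree, run `audit_config /path/to/linux/.config` before building; a clean result on a fresh configuration matches the approach that worked in the last post.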