
Re: APF Blocking Active FTP

Posted: Sat Apr 11, 2009 6:32 pm
by hostingguy
what modules are there now?
Is there any extended functionality or any new vulnerabilities that we should be aware of?

Re: APF Blocking Active FTP

Posted: Sun Apr 12, 2009 11:14 am
by mikeshinn
No new vulns. The new modules are all related to firewalling; here is the current list for the next ASL release:

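# Kernel module load list for the ASL firewall (APF).
# Each line is a plain `modprobe`; loading is idempotent, so repeated or
# already-loaded modules are harmless. Lines with `2> /dev/null` are
# deliberately best-effort (module name differs between kernel versions).
# NOTE(review): inside a VPS/container the kernel belongs to the host, so
# many of these will print "not found" errors unless the host loaded them.

#Load IPv6 module if not already loaded
modprobe ipv6

#core firewalling modules (packet filter, NAT and mangle tables, IPv4 + IPv6)
modprobe ip_tables
modprobe ip6_tables
modprobe iptable_filter
modprobe ip6table_filter
modprobe iptable_nat
modprobe iptable_mangle
modprobe nf_nat

modprobe x_tables # shared match/target infrastructure used by the xt_* modules below
modprobe ipt_stealth # stealth drops (out-of-tree module; may be absent on stock kernels)
modprobe ipt_owner # owner based fw rules.
modprobe ipt_REJECT # icmp reject drops
modprobe ipt_recent # used to track recent connections
modprobe ip6t_REJECT #IPv6 REJECT
modprobe ipt_REDIRECT # redirect traffic
modprobe xt_tcpudp
modprobe xt_conntrack 2> /dev/null
modprobe nf_conntrack # conntrack module
modprobe nf_conntrack_ipv6 # IPv6 conntrack module
modprobe nf_conntrack_ipv4 # IPv4 conntrack module (was mislabelled as IPv6)
modprobe nf_conntrack_netbios_ns # CIFS tracking
# NOTE(review): the FTP helper inspects the control channel to open data ports;
# on kernels that auto-assign conntrack helpers it applies to every port-21 flow,
# so make sure the accompanying rules only accept RELATED data connections you expect.
modprobe nf_conntrack_ftp # FTP module
modprobe nf_nat_ftp # FTP NAT module

# generic xt_* matches and targets (duplicate xt_mac entry removed)
modprobe xt_state
modprobe xt_length
modprobe xt_limit
modprobe xt_mac
modprobe xt_physdev
modprobe xt_pkttype
modprobe xt_multiport
modprobe xt_MARK
modprobe xt_DSCP
modprobe xt_TCPMSS
modprobe xt_mark
modprobe xt_connlimit
modprobe xt_string
modprobe xt_owner
modprobe xt_iprange
modprobe ipt_ECN 2> /dev/null
modprobe ipt_ecn 2> /dev/null
modprobe ipt_LOG

# Load the vpn module
modprobe tun

#Load the fuse module
modprobe fuse

#load cifs
modprobe cifs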

Re: [SOLVED] APF Blocking Active FTP

Posted: Sun Apr 12, 2009 2:30 pm
by faris
Is the code that loads these part of the ASL kernel package, or is it elsewhere? I'm just thinking that trying to load these in a VPS is going to cause a lot of error messages if they have not been loaded (or are not available) on the hardware node.

Also why load ipv6 modules? Just curious.

Faris.

Re: [SOLVED] APF Blocking Active FTP

Posted: Tue Aug 10, 2010 11:50 am
by mikeshinn
In case anyone comes to this thread over a year later (cough), this is the current list:


ip_tables
iptable_filter
iptable_nat
iptable_mangle
nf_nat
x_tables
ipt_stealth
ipt_owner
ipt_REJECT
ipt_recent
ipt_REDIRECT
xt_tcpudp
xt_conntrack
nf_conntrack
nf_conntrack_ipv4
nf_conntrack_netbios_ns
nf_conntrack_ftp
nf_conntrack_sane
nf_nat_ftp
xt_state
xt_length
xt_limit
xt_mac
xt_physdev
xt_pkttype
xt_multiport
xt_mac
xt_MARK
xt_DSCP
xt_tcpmss
xt_TCPMSS
xt_mark
xt_connlimit
xt_string
xt_owner
xt_iprange
ipt_ECN
ipt_ecn
ipt_LOG
tun
fuse
cifs
aes_generic
aes_x86_64
twofish_x86_64
twofish_common
sha256_generic
cbc
ecb
dm_crypt
crypto_blkcipher