nf_conntrack_proto_gre not installed by default proxmox 6.2?

[Inlakesh]

I am on the latest version of proxmox, I tried to load nf_conntrack_proto_gre and get this respons:
# modprobe nf_conntrack_proto_gre
modprobe: FATAL: Module nf_conntrack_proto_gre not found in directory /lib/modules/5.3.18-3-pve

It would be great if someone could guide me. Thanks.

 

[Stoiko Ivanov]

seems the functionality is compiled in instead of provided as module:

 grep CONFIG_NF_CT_PROTO_GRE /boot/config-5.3.18-3-pve 
CONFIG_NF_CT_PROTO_GRE=y

so does the firewalling/conntracking for gre work even if you cannot load the module?

 

[Inlakesh]

Thanks for the info.
How can I check if the firewall works in an easy way?

 

[Stoiko Ivanov]

How can I check if the firewall works in an easy way?

This depends on your firewall ruleset and where you use a GRE tunnel - but I would start a connection inside the tunnel (where you have stateful firewalling rules) and see whether the return packets make it through the firewall

I hope this helps!