Hi Daniel Daniel Iliev wrote on 01/04/07 15:03: > Recently I was looking through my logs when I got pissed off (again) by > the big number of lines showing something like 'sshd: auth. error: > unknown user "XXX" from "some IP address"'. I wrote a script which > automatically sets all connections from those IP addresses to be > dropped. Next I decided to change "-j DROP" with "-j TARPIT" and I > realized that gentoo-sources doesn't provide the netfilter target "TARPIT".
> My question: what is the best way get this iptables module working w/o > diverting too much from the official Gentoo installation. I mean the > normal way is to use patch-o-matic to patch iptables source and vanilla > kernel source, then build and install. I have the feeling that it is not > exactly the right thing to with Gentoo. cd /usr/src svn co https://svn.netfilter.org/netfilter/trunk/patch-o-matic-ng svn co https://svn.netfilter.org/netfilter/trunk/iptables cd patch-o-matic-ng ./runme extra cd /usr/src/linux make menuconfig make && make modules_install && make install make sure you have USE "extensions" in your make.conf emerge iptables Cheers, Dave -- gentoo-user@gentoo.org mailing list
