On Tue, 15 Feb 2005, Michael Thompson wrote:
> What do I need to do to enable the TARPIT match in IPTables?
>
> I have version 1.2.11 of IPTables and I am running Kernel 2.4.28-gentoo-r5
>
> When I try and add a tarpit rule, such as
>
> iptables -A INPUT -p TCP --dport 80 -j TARPIT
>
> I get back
On Tue, 15 Feb 2005 01:38:05 +, Michael Thompson
<[EMAIL PROTECTED]> wrote:
> What do I need to do to enable the TARPIT match in IPTables?
>
> I have version 1.2.11 of IPTables and I am running Kernel 2.4.28-gentoo-r5
>
> When I try and add a tarpit rule, such as
>
> iptables -A INPUT -p TCP
What do I need to do to enable the TARPIT match in IPTables?
I have version 1.2.11 of IPTables and I am running Kernel 2.4.28-gentoo-r5
When I try and add a tarpit rule, such as
iptables -A INPUT -p TCP --dport 80 -j TARPIT
I get back
iptables: No chain/target/match by that name
Any help app
Mal Herring ha scritto:
Hi List,
I have previously used FWBuilder to build a firewall script, however now
I need a simple fw script to protect a single host that will not be
behind a net or anything like that...
Can someone point me in the direction of some easy scripts to reference
or some materia
Hi List,
I have previously used FWBuilder to build a firewall script, however now
I need a simple fw script to protect a single host that will not be
behind a net or anything like that...
Can someone point me in the direction of some easy scripts to reference
or some material good for a n00b to ge
Hi,
There you go! That's very cool that calculator.
Chris
On 25 Jan 2005, at 20:02, Ralph Slooten wrote:
Thanks Chris ... it's not all 100% clear now, but slowly understanding
more. When I eventually "get it" I'll create a php script to do it for
me *g*.
Thanks again for your time.
I did find th
Thanks Chris ... it's not all 100% clear now, but slowly understanding
more. When I eventually "get it" I'll create a php script to do it for
me *g*.
Thanks again for your time.
I did find this though: http://logi.cc/nw/NetBitCalc.html (using the
netaddr option).
Maybe it'll interest others to
Hi,
I used the "IP Address Converter" section.
I got the binary for the first IP (218.144.0.0), which is:
11011010 1001
Then for the second (218.159.255.255), which is
11011010 1001
Notice how the first 12 bits stay the same, and the last 12 change? 12
i
Wow, thanks Chris for the link I just asked my boss to explain it
to me (without showing him your answer) and he manually worked it out to
be exactly the same. The issue I have is binary etc ... it's still greek
to me (I will try learn it soon though).
Ok, now for the real n00b question :-
Hi,
I found a nice IP address calculator at
http://www.telusplanet.net/public/sparkman/netcalc.htm
Using that, we get 218.144.0.0/12.
HTH,
Chris
Ralph Slooten wrote:
Hello fellow gentoo users,
I run my own dedicated internet server from home with of course
gentoo. What I have noticed, as probabl
Hello fellow gentoo users,
I run my own dedicated internet server from home with of course gentoo.
What I have noticed, as probably many of you have, is that users from
certain ISP's do daily attempts to relay mail, log into ssh etc etc ...
Ok, so I'm pretty well secured as they don't even come
Stroller wrote:
On Feb 2, 2004, at 2:50 pm, Neil Rachynski wrote:
iptables v1.2.8: can't intitialize iptables table 'filter': Tables
does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
When I went to view the file 'rules-save' in /var/lib/iptables, the
On Feb 2, 2004, at 2:50 pm, Neil Rachynski wrote:
iptables v1.2.8: can't intitialize iptables table 'filter': Tables
does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
When I went to view the file 'rules-save' in /var/lib/iptables, the
file was complete
sorry for this message, it was accidental
--
[EMAIL PROTECTED] mailing list
--
Regards,
Rust <[EMAIL PROTECTED]>
--
[EMAIL PROTECTED] mailing list
Not at home at the moment but when I did 'lsmod' earlier, only ip_tables was listed (I
would have to manually 'modprobe' other modules for iptables.
- Original Message -
From: Norbert Kamenicky <[EMAIL PROTECTED]>
Date: Monday, February 2, 2004 9:10 am
Subject:
Neil Rachynski wrote:
Greetings,
I have just finished a GRP installation on a box I was intending to use
as a router/firewall for my home computers. However, once I reboot the
system after the installation is done and emerge iptables (1.2.8-r1), I
can not add, list, or do anything to iptables i
Greetings,
I have just finished a GRP installation on a box I was intending to use
as a router/firewall for my home computers. However, once I reboot the
system after the installation is done and emerge iptables (1.2.8-r1), I
can not add, list, or do anything to iptables itself.
The error I re
Emerge iptables again.
- Original Message -
From: "Catalin Constantin" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, January 26, 2004 12:28 PM
Subject: [gentoo-user] iptables error
> i get the following error when trying to add an iptables rule
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Monday 26 January 2004 11:28, Catalin Constantin wrote:
> i get the following error when trying to add an iptables rule.
>
> /lib/modules/2.4.22/kernel/net/ipv4/netfilter/ip_tables.o: unresolved
> symbol nf_unregister_sockopt
> /lib/modules/2.4.22/k
i get the following error when trying to add an iptables rule.
/lib/modules/2.4.22/kernel/net/ipv4/netfilter/ip_tables.o: unresolved symbol
nf_unregister_sockopt
/lib/modules/2.4.22/kernel/net/ipv4/netfilter/ip_tables.o: unresolved symbol
nf_register_sockopt
/lib/modules/2.4.22/kernel/net/ipv4/n
On Fri, 21 Nov 2003 15:29:45 -0800, Redeeman muttered:
> hi, i am seeking and application for easy building iptables scripts, its
> not anything advanced, it just gotta block some ports from public, and
> route some ports to another machine on my LAN, anyone can suggest an
> app?
rc.firewall - at
>
>
> hi, i am seeking and application for easy building iptables
> scripts, its
> not anything advanced, it just gotta block some ports from public, and
> route some ports to another machine on my LAN, anyone can suggest an
> app?
>
> thanks!
>
Many like shorewall, and some use fwbuilder. My
hi, i am seeking and application for easy building iptables scripts, its
not anything advanced, it just gotta block some ports from public, and
route some ports to another machine on my LAN, anyone can suggest an
app?
thanks!
--
Regards, Redeeman
() ascii ribbon campaign - against html e-mail
Hi Redeeman,
> hi, i am running linux2.6-test9, and i want to use iptables,
> i read the gentoo ip masqurading guide, but, i am wondering
> about the stuff kernel side, i only want to filter some
> ports, and forward some ports, what stuff should i enable in
> the kernel? and after that, shoul
hi, i am running linux2.6-test9, and i want to use iptables, i read the
gentoo ip masqurading guide, but, i am wondering about the stuff kernel
side, i only want to filter some ports, and forward some ports, what
stuff should i enable in the kernel? and after that, should i emerge
iptables? (is ipt
OK, it's getting better, but it still doesn't work. Here's what happens:
root # iptables -t nat -I POSTROUTING -j MASQUERAQDE -s 192.168.1.3/16
/lib/modules/2.4.22-ck1/kernel/net/ipv4/netfilter/ip_tables.o: unresolved symbol
nf_unregister_sockopt
/lib/modules/2.4.22-ck1/kernel/net/ipv4/n
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sunday 02 November 2003 23:27, Brian Doob wrote:
> Changing that didn't seem to fix my problem. Here's what happened:
>
> root # iptables -t nat -I POSTROUTING -j MASQUERADE -s 192.168.1.3/16
> modprobe: Can't locate module ip_tables
> iptabl
I just re-emerged iptables, but that didn't seem to help. Here's what
happened:
root # iptables -t nat -I POSTROUTING -j MASQUERAQDE -s 192.168.1.3/16
modprobe: Can't locate module ip_tables
iptables v1.2.8: can't initialize iptables table `nat': Table does not
exist (do you need to insmo
On Sun, 02 Nov 2003 15:27:09 -0800, Brian Doob muttered:
> Changing that didn't seem to fix my problem.
Hmm. Try re-emerging iptables?
--
Andrew Farmer
[EMAIL PROTECTED]
pgp0.pgp
Description: PGP signature
Changing that didn't seem to fix my problem. Here's what happened:
root # iptables -t nat -I POSTROUTING -j MASQUERADE -s 192.168.1.3/16
modprobe: Can't locate module ip_tables
iptables v1.2.7a: can't initialize iptables table `nat': Table does not exist (do you
need to insmod?)
Perhaps
-- quoting Jorge Almeida --
> If I understand your point correctly, it doesn't apply: I had
> gentoo-sources running when I first installed iptables, and I changed to
> vanilla-sources only because the former didn't work. Anyway, what I need
> is just some input from people using ge
On Sun, 02 Nov 2003 12:32:31 -0800, Brian Doob muttered:
> I'm trying to get IPTables to work under Gentoo (to connect my Linux
> PDA (with USB ethernet) to the net). This is what happens when I try
> to use IPTables:
> # CONFIG_FILTER is not set
There's your answer...
--
An
I'm trying to get IPTables to work under Gentoo (to connect my Linux PDA (with
USB ethernet) to the net). This is what happens when I try to use IPTables:
root# iptables -t nat -I POSTROUTING -j MASQUERADE -s 192.168.1.200/16
modprobe: Can't locate module ip_tables
iptables v1.2.7a: can'
--- Simon_Kühling <[EMAIL PROTECTED]> wrote:
> > http://www.shorewall.net
>
> ok, shorewall really seems to be quite popular in here :) so i should
> give it a try
> # emerge shorewall
Hi Simon,
Like anything new, you will need to get familar with "Shorewalls" web
site which is top notch.
The
On Sunday 02 Nov 2003 13:28, Simon Kühling wrote:
> ok, shorewall really seems to be quite popular in here :) so i should
> give it a try
> # emerge shorewall
Really?? I tried it when I was using Mandrake and didn't like it.
What worked for me was the IP-Masquerade-HOWTO.html. With that I do
f
> --- Simon_Kühling <[EMAIL PROTECTED]> wrote:
> > > I wonder if your firewall is blocking ping scans. Disable the
> > > firewall and see
> > > if you can ping google.
> >
> > well, you are right - disabling the firewall makes ping work again.
> > maybe it is easier to build my own script from s
On Sun, 2 Nov 2003, William Kenworthy wrote:
> iptables sometimes requires re-emerging to work with a different
> kernel. Dont know why, just that its needed "sometimes".
>
If I understand your point correctly, it doesn't apply: I had gentoo-sources running
when I first installed iptables, and
iptables sometimes requires re-emerging to work with a different
kernel. Dont know why, just that its needed "sometimes".
BillK
On Sun, 2003-11-02 at 17:24, Jorge Almeida wrote:
> Hi everyone,
>
> I tried iptables/shorewall with gentoo-sources and it didn't work. So I changed to
> vanilla-sour
Hi everyone,
I tried iptables/shorewall with gentoo-sources and it didn't work. So I changed to
vanilla-sources and it works fine. I read somewhere that gentoo-sources had some
incompatibility with iptables.
This was some months ago, if I recall correctly. So the question is: is it all right
to
I have been running my own personally developed IPTABLES ruleset since I
converted from ipchains to iptables.
My topology is is pretty simple:
WAN (cable modem) ---> eth1 [FW] eth0 ---> [HUB] --> [LAN boxes]
Note that I am forwarding port 25 from the FW to an internet mail
serv
--- Simon_Kühling <[EMAIL PROTECTED]> wrote:
> > I wonder if your firewall is blocking ping scans. Disable the
> > firewall and see
> > if you can ping google.
>
> well, you are right - disabling the firewall makes ping work again.
> maybe it is easier to build my own script from scratch instea
gshield and shorewall can build you a firewall..
I prefer gshield myself.
> > I wonder if your firewall is blocking ping scans. Disable the
> > firewall and see
> > if you can ping google.
>
> well, you are right - disabling the firewall makes ping work again.
> maybe it is easier to build my
> I wonder if your firewall is blocking ping scans. Disable the
> firewall and see
> if you can ping google.
well, you are right - disabling the firewall makes ping work again.
maybe it is easier to build my own script from scratch instead of using
the one from gentoo-security-guide.
> In my f
I wonder if your firewall is blocking ping scans. Disable the firewall and see
if you can ping google.
In my firewall, I do:
# Block ping scans
iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
# ... but not coming from our LAN
iptables -A FORWARD -p icmp --icmp-type echo-reply -j DROP
Simon,
Save your self allot of time and headakeee and download "emerge -p
shorewall" Shorewall firewall. IPtables made easy. This site is well
maintained has a great mailing list and awesome easy to follow FAQ's
for Standalone workstation, 2 nic's and 3 nic setup with DMZ.
Shorewall is very light
hi everyone,
i'm trying to get my gentoo box running as a firewall and nat-router for
my home-network. therefore i took the iptables-example script as seen in
the gentoo security guide
(http://www.gentoo.org/doc/en/gentoo-security.xml#doc_chap12) and
modified it a little.
the server is able to es
sorry about losing the citation:-(
> "Mojo" == Mojo B Nichols <[EMAIL PROTECTED]> writes:
> On boot iptables script in /etc/runlenvels/boot/iptables
> complains about iptables-restore. I know that
> /var/lib/iptables/rules-save should exist, but what to put int that
> file? Thanx. :o)
On boot iptables script in /etc/runlenvels/boot/iptables complains about
iptables-restore. I know that /var/lib/iptables/rules-save should exist, but what to
put
int that file? Thanx. :o)
I think you simply touch that file. it will stop complaining. and
then if type:
/etc/init.d/iptabl
On boot iptables script in /etc/runlenvels/boot/iptables complains about
iptables-restore. I know that /var/lib/iptables/rules-save should exist, but what to
put
int that file? Thanx. :o)
Meka[ni]
--
[EMAIL PROTECTED] mailing list
: [gentoo-user] iptables help
I'm trying to create a firewall using iptables. I want it to drop
incoming packets except to ports 22, 25, and 80 unless the source
address is 192.168.254.x. I'm asking before I do this because I'm
accessing the computer remotely right now and I don'
- Original Message -
From: "gabriel" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, September 01, 2003 2:57 PM
Subject: Re: [gentoo-user] iptables help
> NO! that will pretty much negate the use of a firewall alltogether!
where
> are y
- Original Message -
From: "gabriel" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, September 01, 2003 2:57 PM
Subject: Re: [gentoo-user] iptables help
> NO! that will pretty much negate the use of a firewall alltogether!
where
> are y
gabriel wrote:
On September 1, 2003 01:23 pm, Andrew Gaffney wrote:
Based on replies on this list and another, I have come up with the
following iptables rules that work for me:
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -P INPUT ACCEPT
iptables -F INPUT
iptables -P OUTPUT ACC
On September 1, 2003 01:23 pm, Andrew Gaffney wrote:
> Based on replies on this list and another, I have come up with the
> following iptables rules that work for me:
>
> echo 1 > /proc/sys/net/ipv4/ip_forward
> iptables -P INPUT ACCEPT
> iptables -F INPUT
> iptables -P OUTPUT A
Patrick Marquetecken wrote:
should this not be the second line line ?
first the
echo 1 > /proc/sys/net/ipv4/ip_forward
then all the drop statements
and then the allow rules ?
I will probably move the DROP policy line back towards the top. I did it
this way so I could be sure I didn't lock mysel
should this not be the second line line ?
first the
echo 1 > /proc/sys/net/ipv4/ip_forward
then all the drop statements
and then the allow rules ?
Patrick
On Mon, 01 Sep 2003 12:23:38 -0500
Andrew Gaffney <[EMAIL PROTECTED]> wrote:
> iptables -P INPUT DROP
--
"Do you know what a Vulcan min
Based on replies on this list and another, I have come up with the
following iptables rules that work for me:
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -P INPUT ACCEPT
iptables -F INPUT
iptables -P OUTPUT ACCEPT
iptables -F OUTPUT
iptables -P FORWARD ACCEPT
iptab
On Fri, 29 Aug 2003 20:52:42 +0200
Peter Eis <[EMAIL PROTECTED]> wrote:
> Why hazzle with iptables?
> I'd rather recommend using shorewall (emerge shorewall). It's much
> easier to configure and has as lot features you'll probably want.
>
> Peter
>
> Andrew Gaffney wrote:
>
> > I'm trying to c
On Fri, 29 Aug 2003 10:47:59 -0500
Andrew Gaffney <[EMAIL PROTECTED]> wrote:
> I'm trying to create a firewall using iptables. I want it to drop
> incoming packets except to ports 22, 25, and 80 unless the source
> address is 192.168.254.x. I'm asking before I do this because I'm
> accessing th
Sent: Friday, August 29, 2003 12:47 PM
> > Subject: [gentoo-user] iptables help
> >
> >>I'm trying to create a firewall using iptables. I want it to drop
> >>incoming packets except to ports 22, 25, and 80 unless the source
> >>address is 192.168.254.x. I&
On Friday 29 August 2003 20:12, Andrew Gaffney wrote:
> Rudmer van Dijk wrote:
> > On Friday 29 August 2003 19:21, Andrew Gaffney wrote:
> >>Andrew Gaffney wrote:
> >>>iptables -A INPUT -s 192.168.254.0/24 -p all -j ACCEPT
> >>>iptables -A INPUT -p tcp --dport 22 -j ACCEPT
> >>>iptables -A INPUT -p
On Fri, Aug 29, 2003 at 08:52:42PM +0200, Peter Eis wrote:
> Why hazzle with iptables?
> I'd rather recommend using shorewall (emerge shorewall). It's much
> easier to configure and has as lot features you'll probably want.
I'll second that. Shorewall works at a higher level of abstraction -
lett
Why hazzle with iptables?
I'd rather recommend using shorewall (emerge shorewall). It's much
easier to configure and has as lot features you'll probably want.
Peter
Andrew Gaffney wrote:
I'm trying to create a firewall using iptables. I want it to drop
incoming packets except to ports 22, 25,
In all this mess remember to accept packets to "lo" from your box as well as
posibly icmp errors
$iptables -A INPUT -i lo -j ACCEPT #Established related will take care of
the return packets
$iptables -A INPUT -p ICMP --icmp-type 0 -j ACCEPT
echo "Accepting ECHO REPLYS"
$iptables -A INPUT -
On Fri, 2003-08-29 at 11:47, Andrew Gaffney wrote:
> I'm trying to create a firewall using iptables. I want it to drop
> incoming packets except to ports 22, 25, and 80 unless the source
> address is 192.168.254.x. I'm asking before I do this because I'm
> accessing the computer remotely right n
Rudmer van Dijk wrote:
On Friday 29 August 2003 19:21, Andrew Gaffney wrote:
Andrew Gaffney wrote:
iptables -A INPUT -s 192.168.254.0/24 -p all -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptab
On Friday 29 August 2003 19:21, Andrew Gaffney wrote:
> Andrew Gaffney wrote:
> > iptables -A INPUT -s 192.168.254.0/24 -p all -j ACCEPT
> > iptables -A INPUT -p tcp --dport 22 -j ACCEPT
> > iptables -A INPUT -p tcp --dport 25 -j ACCEPT
> > iptables -A INPUT -p tcp --dport 80 -j ACCEPT
> > iptables
On Friday 29 August 2003 18:41, Andrew Gaffney wrote:
> Andrew Dacey wrote:
> > - Original Message -
> >>I'm trying to create a firewall using iptables. I want it to drop
> >>incoming packets except to ports 22, 25, and 80 unless the source
> >>address is 192.168.254.x. I'm asking before I
Andrew Gaffney wrote:
Andrew Dacey wrote:
- Original Message - From: "Andrew Gaffney"
<[EMAIL PROTECTED]>
To: "Gentoo User" <[EMAIL PROTECTED]>
Sent: Friday, August 29, 2003 12:47 PM
Subject: [gentoo-user] iptables help
I'm trying to create a firew
Andrew Dacey wrote:
- Original Message -
From: "Andrew Gaffney" <[EMAIL PROTECTED]>
To: "Gentoo User" <[EMAIL PROTECTED]>
Sent: Friday, August 29, 2003 12:47 PM
Subject: [gentoo-user] iptables help
I'm trying to create a firewall using iptable
- Original Message -
From: "Andrew Gaffney" <[EMAIL PROTECTED]>
To: "Gentoo User" <[EMAIL PROTECTED]>
Sent: Friday, August 29, 2003 12:47 PM
Subject: [gentoo-user] iptables help
> I'm trying to create a firewall using iptables. I want it to drop
&
At 29 August, 2003 Andrew Gaffney wrote:
> I'm trying to create a firewall using iptables. I want it to drop
> incoming packets except to ports 22, 25, and 80 unless the source
> address is 192.168.254.x. I'm asking before I do this because I'm
> accessing the computer remotely right now and I d
So I should do:
iptables -A INPUT -s 192.168.254.0/24 -p all -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -P INPUT DROP
The first line would accept anything from any IP in the 192.168.25
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'd suggest the second option, but be sure to change the policy to DROP
_after_ you've set up rules to allow you access.
- -Jason Martin
On Fri, 29 Aug 2003, Andrew Gaffney wrote:
> I'm trying to create a firewall using iptables. I want it to drop
I'm trying to create a firewall using iptables. I want it to drop
incoming packets except to ports 22, 25, and 80 unless the source
address is 192.168.254.x. I'm asking before I do this because I'm
accessing the computer remotely right now and I don't want to cut myself
off from it. I'm thinkin
]
Subject: Re: [gentoo-user] iptables 1.2.8 problem
i emerged iptables again ('emerge -p iptabes' showed that it was't
installed), mv the new init script over and restarted it. i'm still
getting the same error.
then, on kind of a fluke, i added the path to the executable on the
i emerged iptables again ('emerge -p iptabes' showed that it was't
installed), mv the new init script over and restarted it. i'm still
getting the same error.
then, on kind of a fluke, i added the path to the executable on the
command line, and it accepts the command.
go figure.
> I read this wa
downtime null wrote:
apparently iptables was upgraded in my last 'emerge -u world' or
something. anyway, something has changed and a command that used to
work doesn't now. the command was :
# iptables -t nat -A POSTROUTING -j SNAT -o eth0 --to 10.1.0.27
now it says "iptables: Invalid argument"
s
apparently iptables was upgraded in my last 'emerge -u world' or
something. anyway, something has changed and a command that used to
work doesn't now. the command was :
# iptables -t nat -A POSTROUTING -j SNAT -o eth0 --to 10.1.0.27
now it says "iptables: Invalid argument"
so i discovered that '
begin quote
On Tue, 05 Aug 2003 14:55:31 -0500
"Mike Bellemare" <[EMAIL PROTECTED]> wrote:
>
> hi
> I've build myself a firewall with iptables.
> it's working great and all, except that using nmap to check how to see
> if i could see some difference on the OS detection option, and it's
> doing
hi
I've build myself a firewall with iptables.
it's working great and all, except that using nmap to check how to see if i could see
some difference on the OS detection option, and it's doing none.
Remote operating system guess: Linux kernel 2.4.18 - 2.4.20 (X86)
as i read somewhere on the int
Hi list!
Sebastian Bergmann schrieb:
iptables v1.2.8: can't initialize iptables table `filter': iptables who?
(do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
Any idea what's wrong?
I had the same problem! When I played around a bit with my
kernel-settings, suddenl
I had the same problem.
Did you emerged iptables??
Sebastian Bergmann wrote:
I'm using the Linux 2.4.20-gentoo-r5 kernel and iptables 1.2.8-r1.
When I use "iptables -L" I get
bash-2.05b# iptables -L
/lib/modules/2.4.20-gentoo-r5/kernel/net/ipv4/netfilter/ip_tables.o:
unresolved symbol nf_u
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Monday 14 July 2003 16:29, Sebastian Bergmann wrote:
> I'm using the Linux 2.4.20-gentoo-r5 kernel and iptables 1.2.8-r1.
>
> When I use "iptables -L" I get
>
> bash-2.05b# iptables -L
> /lib/modules/2.4.20-gentoo-r5/kernel/net/ipv4/netfilter/ip
I'm using the Linux 2.4.20-gentoo-r5 kernel and iptables 1.2.8-r1.
When I use "iptables -L" I get
bash-2.05b# iptables -L
/lib/modules/2.4.20-gentoo-r5/kernel/net/ipv4/netfilter/ip_tables.o:
unresolved symbol nf_unregister_sockopt
/lib/modules/2.4.20-gentoo-r5/kernel/net/ipv4/netfilter/ip_tab
> i'm having trouble to get ftp working with my iptable settings.
> I can connect login , but can't see files, then my
> connection is beeing closed. if i stop iptables then
> everything workfine.
See:
http://www.sns.ias.edu/~jns/security/iptables/iptables_conntrack.html
Gwen.
--
[EMAIL PRO
Hi,
i'm having trouble to get ftp working with my iptable settings.
I can connect login , but can't see files, then my connection is beeing closed. if i
stop iptables then everything workfine.
Must i use other setting then below ?
INPUT drops all
iptables -A INPUT -p tcp --sport 20 --dport 1024
* Rick Sivernell <[EMAIL PROTECTED]> [28.06.03 22:48]:
> I have a machine that boots up fine except that iptables says that mask 70 is
> invalid and then terminate. What is wrong and how do I configure iptables in cl
> mode.
70 is not a mask, I think it should be 700 or perhaps 770
search a conf
I have a machine that boots up fine except that iptables says that mask 70 is
invalid and then terminate. What is wrong and how do I configure iptables in cl
mode.
thanks
cheers
--
Rick Sivernell
Dallas, Texas 75287
972 306-2296
[EMAIL PROTECTED]
Gentoo Linux
Registered Linux User
.~.
I wish to install iptables for the obvious reason of securing my
machine. I tried to emerge the package with 'emerge iptables', the pkg
is downloaded and compilation starts, but I then receive the error
below, I tried 3 other mirrors, I also did an 'emerge sync', removed the
file from /usr/portage/
On Sat, 21 Jun 2003, CrPy wrote:
> Hi Jorge,
>
> there is no Problem, because you have it in your Kernel and not as Module.
> This means that shorewall fails to load it as module.
>
> You have to do one of this:
> 1. live with the error message.
> 2. configure it as module (kernel)
> 3. change
Hi Jorge,
there is no Problem, because you have it in your Kernel and not as Module.
This means that shorewall fails to load it as module.
You have to do one of this:
1. live with the error message.
2. configure it as module (kernel)
3. change the shorewall skript
I would prefer to make it as m
On Sat, 21 Jun 2003, CrPy wrote:
> Hi,
>
> ip_conntrack_tftp.o != ip_conntrack_ftp.o
>
> You need to activate the module in your kernel config.
>
> /CrPy>
Well, it seems that it should be there! Maybe some option of uninformative
name is missing ...
localhost root # ls /lib/modules/2.4.21/
Hi,
ip_conntrack_tftp.o != ip_conntrack_ftp.o
You need to activate the module in your kernel config.
/CrPy
Am Samstag, 21. Juni 2003 02:09 schrieb Jorge Almeida:
> On Sat, 21 Jun 2003, Norbert Kamenicky wrote:
> > Jorge Almeida wrote:
> > >unable to load module ip_conntrack_ftp
> > >ip_nat_ftp:
On Sat, 21 Jun 2003, Norbert Kamenicky wrote:
> Jorge Almeida wrote:
>
> >unable to load module ip_conntrack_ftp
> >ip_nat_ftp: error registering helper for port 21
> >
> >Can somebody tell me what this means? I'm using kernel 2.4.21 vanilla.
> >
> >
> Let's have look to /lib/modules/2.4.21/ker
Jorge Almeida wrote:
unable to load module ip_conntrack_ftp
ip_nat_ftp: error registering helper for port 21
Can somebody tell me what this means? I'm using kernel 2.4.21 vanilla.
Let's have look to /lib/modules/2.4.21/kernel/net/ipv4/netfilter if
you have these modules ...
--
[EMAIL PROTEC
I installed iptables+shorewall in single workstation (cable modem, no
local network, no services provided). The config files are the ones
provided by the vendor Shoreline (except that I commented out the rule
allowing the box to be ping'ed, the purpose of which I can't guess). The
thing works (I
Thank you for all your help. I found another script that works for me to
replace the old one.
Mark
--
[EMAIL PROTECTED] mailing list
MIKE MacMartin wrote:
One last question for today:
How can I make the comands:
echo "1" >/proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
permanent, meaning executed at boot time?
Copy one of the /etc/init.d scripts and make it your own. For example (here's
a
1 - 100 of 128 matches
Mail list logo