On 3/8/06, Dave Jones <[EMAIL PROTECTED]
> wrote:
Hi Andrew,
Andrew Frink wrote on 03/08/06 14:57:
> You could also just add the "extensions" USE flag to iptables and that
> should give you tarpit support
> On 3/7/06, *Dave Jones* < [EMAIL PROTECTED]
> <mailto:[EMAIL PROTECTED] >> wrote:
> Erik Westenbroek wrote on 03/07/06 04:18:
> > I am attempting create a tarpit to protect against SSH Brute force
> > attempts. I tried this:
> --snip--
> > iptables -A SSH_Brute_Force -p tcp -j TARPIT
> > After I type the last command typed I got this error message:
> > iptables: No chain/target/match by that name
> The standard Gentoo-sources kernel does not include the TARPIT target.
> You need to pick up an updated kernel iptables source from
> netfilter.org <http://netfilter.org>
--- snip---
Simply adding "extensions" to your /etc/make.conf USE is not enough.
Without the iptables kernel source updates you still won't have the
TARPIT target, even though the iptables package will have support for
support it in its library routines.
Cheers, Dave
--
gentoo-user@gentoo.org mailing list
