On Tue, 15 Feb 2005 01:38:05 +, Michael Thompson
[EMAIL PROTECTED] wrote:
What do I need to do to enable the TARPIT match in IPTables?
I have version 1.2.11 of IPTables and I am running Kernel 2.4.28-gentoo-r5
When I try and add a tarpit rule, such as
iptables -A INPUT -p TCP --dport
On Tue, 15 Feb 2005, Michael Thompson wrote:
What do I need to do to enable the TARPIT match in IPTables?
I have version 1.2.11 of IPTables and I am running Kernel 2.4.28-gentoo-r5
When I try and add a tarpit rule, such as
iptables -A INPUT -p TCP --dport 80 -j TARPIT
I get back
What do I need to do to enable the TARPIT match in IPTables?
I have version 1.2.11 of IPTables and I am running Kernel 2.4.28-gentoo-r5
When I try and add a tarpit rule, such as
iptables -A INPUT -p TCP --dport 80 -j TARPIT
I get back
iptables: No chain/target/match by that name
Any help
Hi List,
I have previously used FWBuilder to build a firewall script, however now
I need a simple fw script to protect a single host that will not be
behind a net or anything like that...
Can someone point me in the direction of some easy scripts to reference
or some material good for a n00b to
Mal Herring ha scritto:
Hi List,
I have previously used FWBuilder to build a firewall script, however now
I need a simple fw script to protect a single host that will not be
behind a net or anything like that...
Can someone point me in the direction of some easy scripts to reference
or some
Hi,
There you go! That's very cool that calculator.
Chris
On 25 Jan 2005, at 20:02, Ralph Slooten wrote:
Thanks Chris ... it's not all 100% clear now, but slowly understanding
more. When I eventually get it I'll create a php script to do it for
me *g*.
Thanks again for your time.
I did find
Hello fellow gentoo users,
I run my own dedicated internet server from home with of course gentoo.
What I have noticed, as probably many of you have, is that users from
certain ISP's do daily attempts to relay mail, log into ssh etc etc ...
Ok, so I'm pretty well secured as they don't even come
Hi,
I found a nice IP address calculator at
http://www.telusplanet.net/public/sparkman/netcalc.htm
Using that, we get 218.144.0.0/12.
HTH,
Chris
Ralph Slooten wrote:
Hello fellow gentoo users,
I run my own dedicated internet server from home with of course
gentoo. What I have noticed, as
Wow, thanks Chris for the link I just asked my boss to explain it
to me (without showing him your answer) and he manually worked it out to
be exactly the same. The issue I have is binary etc ... it's still greek
to me (I will try learn it soon though).
Ok, now for the real n00b question
Hi,
I used the IP Address Converter section.
I got the binary for the first IP (218.144.0.0), which is:
11011010 1001
Then for the second (218.159.255.255), which is
11011010 1001
Notice how the first 12 bits stay the same, and the last 12 change? 12
is
Thanks Chris ... it's not all 100% clear now, but slowly understanding
more. When I eventually get it I'll create a php script to do it for
me *g*.
Thanks again for your time.
I did find this though: http://logi.cc/nw/NetBitCalc.html (using the
netaddr option).
Maybe it'll interest others
Greetings,
I have just finished a GRP installation on a box I was intending to use
as a router/firewall for my home computers. However, once I reboot the
system after the installation is done and emerge iptables (1.2.8-r1), I
can not add, list, or do anything to iptables itself.
The error I
Neil Rachynski wrote:
Greetings,
I have just finished a GRP installation on a box I was intending to use
as a router/firewall for my home computers. However, once I reboot the
system after the installation is done and emerge iptables (1.2.8-r1), I
can not add, list, or do anything to iptables
Not at home at the moment but when I did 'lsmod' earlier, only ip_tables was listed (I
would have to manually 'modprobe' other modules for iptables.
- Original Message -
From: Norbert Kamenicky [EMAIL PROTECTED]
Date: Monday, February 2, 2004 9:10 am
Subject: Re: [gentoo-user] iptables
sorry for this message, it was accidental
--
[EMAIL PROTECTED] mailing list
On Feb 2, 2004, at 2:50 pm, Neil Rachynski wrote:
iptables v1.2.8: can't intitialize iptables table 'filter': Tables
does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
When I went to view the file 'rules-save' in /var/lib/iptables, the
file was
Stroller wrote:
On Feb 2, 2004, at 2:50 pm, Neil Rachynski wrote:
iptables v1.2.8: can't intitialize iptables table 'filter': Tables
does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
When I went to view the file 'rules-save' in /var/lib/iptables, the
i get the following error when trying to add an iptables rule.
/lib/modules/2.4.22/kernel/net/ipv4/netfilter/ip_tables.o: unresolved symbol
nf_unregister_sockopt
/lib/modules/2.4.22/kernel/net/ipv4/netfilter/ip_tables.o: unresolved symbol
nf_register_sockopt
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Monday 26 January 2004 11:28, Catalin Constantin wrote:
i get the following error when trying to add an iptables rule.
/lib/modules/2.4.22/kernel/net/ipv4/netfilter/ip_tables.o: unresolved
symbol nf_unregister_sockopt
Emerge iptables again.
- Original Message -
From: Catalin Constantin [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, January 26, 2004 12:28 PM
Subject: [gentoo-user] iptables error
i get the following error when trying to add an iptables rule.
/lib/modules/2.4.22/kernel/net
hi, i am seeking and application for easy building iptables scripts, its
not anything advanced, it just gotta block some ports from public, and
route some ports to another machine on my LAN, anyone can suggest an
app?
thanks!
--
Regards, Redeeman
() ascii ribbon campaign - against html e-mail
hi, i am seeking and application for easy building iptables
scripts, its
not anything advanced, it just gotta block some ports from public, and
route some ports to another machine on my LAN, anyone can suggest an
app?
thanks!
Many like shorewall, and some use fwbuilder. My
On Fri, 21 Nov 2003 15:29:45 -0800, Redeeman muttered:
hi, i am seeking and application for easy building iptables scripts, its
not anything advanced, it just gotta block some ports from public, and
route some ports to another machine on my LAN, anyone can suggest an
app?
rc.firewall - at
hi, i am running linux2.6-test9, and i want to use iptables, i read the
gentoo ip masqurading guide, but, i am wondering about the stuff kernel
side, i only want to filter some ports, and forward some ports, what
stuff should i enable in the kernel? and after that, should i emerge
iptables? (is
Hi Redeeman,
hi, i am running linux2.6-test9, and i want to use iptables,
i read the gentoo ip masqurading guide, but, i am wondering
about the stuff kernel side, i only want to filter some
ports, and forward some ports, what stuff should i enable in
the kernel? and after that, should i
OK, it's getting better, but it still doesn't work. Here's what happens:
root # iptables -t nat -I POSTROUTING -j MASQUERAQDE -s 192.168.1.3/16
/lib/modules/2.4.22-ck1/kernel/net/ipv4/netfilter/ip_tables.o: unresolved symbol
nf_unregister_sockopt
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sunday 02 November 2003 23:27, Brian Doob wrote:
Changing that didn't seem to fix my problem. Here's what happened:
root # iptables -t nat -I POSTROUTING -j MASQUERADE -s 192.168.1.3/16
modprobe: Can't locate module ip_tables
iptables
I just re-emerged iptables, but that didn't seem to help. Here's what
happened:
root # iptables -t nat -I POSTROUTING -j MASQUERAQDE -s 192.168.1.3/16
modprobe: Can't locate module ip_tables
iptables v1.2.8: can't initialize iptables table `nat': Table does not
exist (do you need to
Hi everyone,
I tried iptables/shorewall with gentoo-sources and it didn't work. So I changed to
vanilla-sources and it works fine. I read somewhere that gentoo-sources had some
incompatibility with iptables.
This was some months ago, if I recall correctly. So the question is: is it all right
iptables sometimes requires re-emerging to work with a different
kernel. Dont know why, just that its needed sometimes.
BillK
On Sun, 2003-11-02 at 17:24, Jorge Almeida wrote:
Hi everyone,
I tried iptables/shorewall with gentoo-sources and it didn't work. So I changed to
vanilla-sources
On Sun, 2 Nov 2003, William Kenworthy wrote:
iptables sometimes requires re-emerging to work with a different
kernel. Dont know why, just that its needed sometimes.
If I understand your point correctly, it doesn't apply: I had gentoo-sources running
when I first installed iptables, and I
--- Simon_Kühling [EMAIL PROTECTED] wrote:
I wonder if your firewall is blocking ping scans. Disable the
firewall and see
if you can ping google.
well, you are right - disabling the firewall makes ping work again.
maybe it is easier to build my own script from scratch instead of
On Sunday 02 Nov 2003 13:28, Simon Kühling wrote:
ok, shorewall really seems to be quite popular in here :) so i should
give it a try
# emerge shorewall
Really?? I tried it when I was using Mandrake and didn't like it.
What worked for me was the IP-Masquerade-HOWTO.html. With that I do
--- Simon_Kühling [EMAIL PROTECTED] wrote:
http://www.shorewall.net
ok, shorewall really seems to be quite popular in here :) so i should
give it a try
# emerge shorewall
Hi Simon,
Like anything new, you will need to get familar with Shorewalls web
site which is top notch.
The other
I'm trying to get IPTables to work under Gentoo (to connect my Linux PDA (with
USB ethernet) to the net). This is what happens when I try to use IPTables:
root# iptables -t nat -I POSTROUTING -j MASQUERADE -s 192.168.1.200/16
modprobe: Can't locate module ip_tables
iptables v1.2.7a:
On Sun, 02 Nov 2003 12:32:31 -0800, Brian Doob muttered:
I'm trying to get IPTables to work under Gentoo (to connect my Linux
PDA (with USB ethernet) to the net). This is what happens when I try
to use IPTables:
snip
# CONFIG_FILTER is not set
There's your answer...
--
-- quoting Jorge Almeida --
If I understand your point correctly, it doesn't apply: I had
gentoo-sources running when I first installed iptables, and I changed to
vanilla-sources only because the former didn't work. Anyway, what I need
is just some input from people using
Changing that didn't seem to fix my problem. Here's what happened:
root # iptables -t nat -I POSTROUTING -j MASQUERADE -s 192.168.1.3/16
modprobe: Can't locate module ip_tables
iptables v1.2.7a: can't initialize iptables table `nat': Table does not exist (do you
need to insmod?)
Perhaps
On Sun, 02 Nov 2003 15:27:09 -0800, Brian Doob muttered:
Changing that didn't seem to fix my problem.
Hmm. Try re-emerging iptables?
--
Andrew Farmer
[EMAIL PROTECTED]
pgp0.pgp
Description: PGP signature
hi everyone,
i'm trying to get my gentoo box running as a firewall and nat-router for
my home-network. therefore i took the iptables-example script as seen in
the gentoo security guide
(http://www.gentoo.org/doc/en/gentoo-security.xml#doc_chap12) and
modified it a little.
the server is able to
Simon,
Save your self allot of time and headakeee and download emerge -p
shorewall Shorewall firewall. IPtables made easy. This site is well
maintained has a great mailing list and awesome easy to follow FAQ's
for Standalone workstation, 2 nic's and 3 nic setup with DMZ.
Shorewall is very light
I wonder if your firewall is blocking ping scans. Disable the firewall and see
if you can ping google.
In my firewall, I do:
# Block ping scans
iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
# ... but not coming from our LAN
iptables -A FORWARD -p icmp --icmp-type echo-reply -j DROP
I wonder if your firewall is blocking ping scans. Disable the
firewall and see
if you can ping google.
well, you are right - disabling the firewall makes ping work again.
maybe it is easier to build my own script from scratch instead of using
the one from gentoo-security-guide.
In my
gshield and shorewall can build you a firewall..
I prefer gshield myself.
I wonder if your firewall is blocking ping scans. Disable the
firewall and see
if you can ping google.
well, you are right - disabling the firewall makes ping work again.
maybe it is easier to build my own
--- Simon_Kühling [EMAIL PROTECTED] wrote:
I wonder if your firewall is blocking ping scans. Disable the
firewall and see
if you can ping google.
well, you are right - disabling the firewall makes ping work again.
maybe it is easier to build my own script from scratch instead of
I have been running my own personally developed IPTABLES ruleset since I
converted from ipchains to iptables.
My topology is is pretty simple:
WAN (cable modem) --- eth1 [FW] eth0 --- [HUB] -- [LAN boxes]
Note that I am forwarding port 25 from the FW to an internet mail
On boot iptables script in /etc/runlenvels/boot/iptables complains about
iptables-restore. I know that /var/lib/iptables/rules-save should exist, but what to
put
int that file? Thanx. :o)
Meka[ni]
--
[EMAIL PROTECTED] mailing list
On boot iptables script in /etc/runlenvels/boot/iptables complains about
iptables-restore. I know that /var/lib/iptables/rules-save should exist, but what to
put
int that file? Thanx. :o)
I think you simply touch that file. it will stop complaining. and
then if type:
sorry about losing the citation:-(
Mojo == Mojo B Nichols [EMAIL PROTECTED] writes:
On boot iptables script in /etc/runlenvels/boot/iptables
complains about iptables-restore. I know that
/var/lib/iptables/rules-save should exist, but what to put int that
file? Thanx. :o)
I think
- Original Message -
From: gabriel [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, September 01, 2003 2:57 PM
Subject: Re: [gentoo-user] iptables help
NO! that will pretty much negate the use of a firewall alltogether!
where
are you droping/rejecting packets? basically your
- Original Message -
From: gabriel [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, September 01, 2003 2:57 PM
Subject: Re: [gentoo-user] iptables help
NO! that will pretty much negate the use of a firewall alltogether!
where
are you droping/rejecting packets? basically your
: [gentoo-user] iptables help
I'm trying to create a firewall using iptables. I want it to drop
incoming packets except to ports 22, 25, and 80 unless the source
address is 192.168.254.x. I'm asking before I do this because I'm
accessing the computer remotely right now and I don't want to cut myself
should this not be the second line line ?
first the
echo 1 /proc/sys/net/ipv4/ip_forward
then all the drop statements
and then the allow rules ?
Patrick
On Mon, 01 Sep 2003 12:23:38 -0500
Andrew Gaffney [EMAIL PROTECTED] wrote:
iptables -P INPUT DROP
--
Do you know what a Vulcan mind
Patrick Marquetecken wrote:
should this not be the second line line ?
first the
echo 1 /proc/sys/net/ipv4/ip_forward
then all the drop statements
and then the allow rules ?
I will probably move the DROP policy line back towards the top. I did it
this way so I could be sure I didn't lock
On September 1, 2003 01:23 pm, Andrew Gaffney wrote:
Based on replies on this list and another, I have come up with the
following iptables rules that work for me:
echo 1 /proc/sys/net/ipv4/ip_forward
iptables -P INPUT ACCEPT
iptables -F INPUT
iptables -P OUTPUT ACCEPT
gabriel wrote:
On September 1, 2003 01:23 pm, Andrew Gaffney wrote:
Based on replies on this list and another, I have come up with the
following iptables rules that work for me:
echo 1 /proc/sys/net/ipv4/ip_forward
iptables -P INPUT ACCEPT
iptables -F INPUT
iptables -P OUTPUT
-flags
SYB,RST,RST,ACK SYN -j ACCEPT
On August 29, 2003 01:41 pm, Andrew Gaffney wrote:
Andrew Dacey wrote:
- Original Message -
From: Andrew Gaffney [EMAIL PROTECTED]
To: Gentoo User [EMAIL PROTECTED]
Sent: Friday, August 29, 2003 12:47 PM
Subject: [gentoo-user] iptables help
On Fri, 29 Aug 2003 10:47:59 -0500
Andrew Gaffney [EMAIL PROTECTED] wrote:
I'm trying to create a firewall using iptables. I want it to drop
incoming packets except to ports 22, 25, and 80 unless the source
address is 192.168.254.x. I'm asking before I do this because I'm
accessing the
On Fri, 29 Aug 2003 20:52:42 +0200
Peter Eis [EMAIL PROTECTED] wrote:
Why hazzle with iptables?
I'd rather recommend using shorewall (emerge shorewall). It's much
easier to configure and has as lot features you'll probably want.
Peter
Andrew Gaffney wrote:
I'm trying to create a
On Friday 29 August 2003 20:12, Andrew Gaffney wrote:
Rudmer van Dijk wrote:
On Friday 29 August 2003 19:21, Andrew Gaffney wrote:
Andrew Gaffney wrote:
iptables -A INPUT -s 192.168.254.0/24 -p all -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 25
I'm trying to create a firewall using iptables. I want it to drop
incoming packets except to ports 22, 25, and 80 unless the source
address is 192.168.254.x. I'm asking before I do this because I'm
accessing the computer remotely right now and I don't want to cut myself
off from it. I'm
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'd suggest the second option, but be sure to change the policy to DROP
_after_ you've set up rules to allow you access.
- -Jason Martin
On Fri, 29 Aug 2003, Andrew Gaffney wrote:
I'm trying to create a firewall using iptables. I want it to drop
So I should do:
iptables -A INPUT -s 192.168.254.0/24 -p all -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -P INPUT DROP
The first line would accept anything from any IP in the
At 29 August, 2003 Andrew Gaffney wrote:
I'm trying to create a firewall using iptables. I want it to drop
incoming packets except to ports 22, 25, and 80 unless the source
address is 192.168.254.x. I'm asking before I do this because I'm
accessing the computer remotely right now and I
- Original Message -
From: Andrew Gaffney [EMAIL PROTECTED]
To: Gentoo User [EMAIL PROTECTED]
Sent: Friday, August 29, 2003 12:47 PM
Subject: [gentoo-user] iptables help
I'm trying to create a firewall using iptables. I want it to drop
incoming packets except to ports 22, 25, and 80
Andrew Dacey wrote:
- Original Message -
From: Andrew Gaffney [EMAIL PROTECTED]
To: Gentoo User [EMAIL PROTECTED]
Sent: Friday, August 29, 2003 12:47 PM
Subject: [gentoo-user] iptables help
I'm trying to create a firewall using iptables. I want it to drop
incoming packets except
Andrew Gaffney wrote:
Andrew Dacey wrote:
- Original Message - From: Andrew Gaffney
[EMAIL PROTECTED]
To: Gentoo User [EMAIL PROTECTED]
Sent: Friday, August 29, 2003 12:47 PM
Subject: [gentoo-user] iptables help
I'm trying to create a firewall using iptables. I want it to drop
On Friday 29 August 2003 19:21, Andrew Gaffney wrote:
Andrew Gaffney wrote:
iptables -A INPUT -s 192.168.254.0/24 -p all -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT
Rudmer van Dijk wrote:
On Friday 29 August 2003 19:21, Andrew Gaffney wrote:
Andrew Gaffney wrote:
iptables -A INPUT -s 192.168.254.0/24 -p all -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
In all this mess remember to accept packets to lo from your box as well as
posibly icmp errors
$iptables -A INPUT -i lo -j ACCEPT #Established related will take care of
the return packets
$iptables -A INPUT -p ICMP --icmp-type 0 -j ACCEPT
echo Accepting ECHO REPLYS
$iptables -A INPUT -p
Why hazzle with iptables?
I'd rather recommend using shorewall (emerge shorewall). It's much
easier to configure and has as lot features you'll probably want.
Peter
Andrew Gaffney wrote:
I'm trying to create a firewall using iptables. I want it to drop
incoming packets except to ports 22, 25,
On Fri, Aug 29, 2003 at 08:52:42PM +0200, Peter Eis wrote:
Why hazzle with iptables?
I'd rather recommend using shorewall (emerge shorewall). It's much
easier to configure and has as lot features you'll probably want.
I'll second that. Shorewall works at a higher level of abstraction -
apparently iptables was upgraded in my last 'emerge -u world' or
something. anyway, something has changed and a command that used to
work doesn't now. the command was :
# iptables -t nat -A POSTROUTING -j SNAT -o eth0 --to 10.1.0.27
now it says iptables: Invalid argument
so i discovered that
downtime null wrote:
apparently iptables was upgraded in my last 'emerge -u world' or
something. anyway, something has changed and a command that used to
work doesn't now. the command was :
# iptables -t nat -A POSTROUTING -j SNAT -o eth0 --to 10.1.0.27
now it says iptables: Invalid argument
so
i emerged iptables again ('emerge -p iptabes' showed that it was't
installed), mv the new init script over and restarted it. i'm still
getting the same error.
then, on kind of a fluke, i added the path to the executable on the
command line, and it accepts the command.
go figure.
I read this
]
Subject: Re: [gentoo-user] iptables 1.2.8 problem
i emerged iptables again ('emerge -p iptabes' showed that it was't
installed), mv the new init script over and restarted it. i'm still
getting the same error.
then, on kind of a fluke, i added the path to the executable on the
command line
begin quote
On Tue, 05 Aug 2003 14:55:31 -0500
Mike Bellemare [EMAIL PROTECTED] wrote:
hi
I've build myself a firewall with iptables.
it's working great and all, except that using nmap to check how to see
if i could see some difference on the OS detection option, and it's
doing none.
hi
I've build myself a firewall with iptables.
it's working great and all, except that using nmap to check how to see if i could see
some difference on the OS detection option, and it's doing none.
Remote operating system guess: Linux kernel 2.4.18 - 2.4.20 (X86)
as i read somewhere on the
Hi list!
Sebastian Bergmann schrieb:
iptables v1.2.8: can't initialize iptables table `filter': iptables who?
(do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
Any idea what's wrong?
I had the same problem! When I played around a bit with my
kernel-settings,
I'm using the Linux 2.4.20-gentoo-r5 kernel and iptables 1.2.8-r1.
When I use iptables -L I get
bash-2.05b# iptables -L
/lib/modules/2.4.20-gentoo-r5/kernel/net/ipv4/netfilter/ip_tables.o:
unresolved symbol nf_unregister_sockopt
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Monday 14 July 2003 16:29, Sebastian Bergmann wrote:
I'm using the Linux 2.4.20-gentoo-r5 kernel and iptables 1.2.8-r1.
When I use iptables -L I get
bash-2.05b# iptables -L
I had the same problem.
Did you emerged iptables??
Sebastian Bergmann wrote:
I'm using the Linux 2.4.20-gentoo-r5 kernel and iptables 1.2.8-r1.
When I use iptables -L I get
bash-2.05b# iptables -L
/lib/modules/2.4.20-gentoo-r5/kernel/net/ipv4/netfilter/ip_tables.o:
unresolved symbol
Hi,
i'm having trouble to get ftp working with my iptable settings.
I can connect login , but can't see files, then my connection is beeing closed. if i
stop iptables then everything workfine.
Must i use other setting then below ?
INPUT drops all
iptables -A INPUT -p tcp --sport 20 --dport
i'm having trouble to get ftp working with my iptable settings.
I can connect login , but can't see files, then my
connection is beeing closed. if i stop iptables then
everything workfine.
See:
http://www.sns.ias.edu/~jns/security/iptables/iptables_conntrack.html
Gwen.
--
[EMAIL
* Rick Sivernell [EMAIL PROTECTED] [28.06.03 22:48]:
I have a machine that boots up fine except that iptables says that mask 70 is
invalid and then terminate. What is wrong and how do I configure iptables in cl
mode.
70 is not a mask, I think it should be 700 or perhaps 770
search a config
I have a machine that boots up fine except that iptables says that mask 70 is
invalid and then terminate. What is wrong and how do I configure iptables in cl
mode.
thanks
cheers
--
Rick Sivernell
Dallas, Texas 75287
972 306-2296
[EMAIL PROTECTED]
Gentoo Linux
Registered Linux User
I wish to install iptables for the obvious reason of securing my
machine. I tried to emerge the package with 'emerge iptables', the pkg
is downloaded and compilation starts, but I then receive the error
below, I tried 3 other mirrors, I also did an 'emerge sync', removed the
file from
Hi,
ip_conntrack_tftp.o != ip_conntrack_ftp.o
You need to activate the module in your kernel config.
/CrPy
Am Samstag, 21. Juni 2003 02:09 schrieb Jorge Almeida:
On Sat, 21 Jun 2003, Norbert Kamenicky wrote:
Jorge Almeida wrote:
unable to load module ip_conntrack_ftp
ip_nat_ftp: error
On Sat, 21 Jun 2003, CrPy wrote:
Hi,
ip_conntrack_tftp.o != ip_conntrack_ftp.o
You need to activate the module in your kernel config.
/CrPy
Well, it seems that it should be there! Maybe some option of uninformative
name is missing ...
localhost root # ls
Hi Jorge,
there is no Problem, because you have it in your Kernel and not as Module.
This means that shorewall fails to load it as module.
You have to do one of this:
1. live with the error message.
2. configure it as module (kernel)
3. change the shorewall skript
I would prefer to make it as
On Sat, 21 Jun 2003, CrPy wrote:
Hi Jorge,
there is no Problem, because you have it in your Kernel and not as Module.
This means that shorewall fails to load it as module.
You have to do one of this:
1. live with the error message.
2. configure it as module (kernel)
3. change the
I installed iptables+shorewall in single workstation (cable modem, no
local network, no services provided). The config files are the ones
provided by the vendor Shoreline (except that I commented out the rule
allowing the box to be ping'ed, the purpose of which I can't guess). The
thing works (I
Jorge Almeida wrote:
unable to load module ip_conntrack_ftp
ip_nat_ftp: error registering helper for port 21
Can somebody tell me what this means? I'm using kernel 2.4.21 vanilla.
Let's have look to /lib/modules/2.4.21/kernel/net/ipv4/netfilter if
you have these modules ...
--
[EMAIL
On Sat, 21 Jun 2003, Norbert Kamenicky wrote:
Jorge Almeida wrote:
unable to load module ip_conntrack_ftp
ip_nat_ftp: error registering helper for port 21
Can somebody tell me what this means? I'm using kernel 2.4.21 vanilla.
Let's have look to
Thank you for all your help. I found another script that works for me to
replace the old one.
Mark
--
[EMAIL PROTECTED] mailing list
Hello,
I am setting up a wireless network and am using gentoo with the hostap driver
as a access point. I can both ping from and to the machine from a wireless
device to the machine and from a wired device to the machine, but i can not
ping from a wireless device to another wired device on the
]
To: [EMAIL PROTECTED]
Sent: Wednesday, June 04, 2003 1:53 PM
Subject: [gentoo-user] iptables
Hi.
Quick question. I would like to block an ip temporarily. I would like to
accomplish this without modifying my firewall just on the fly. I am
banking that all I would need to do is type
iptables
On Thursday 05 June 2003 04:22 am, Mark Fisher wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday 05 Jun 2003 3:08 am, Klaus D. Neumann wrote:
modprobe: Can't locate module ip_tables
iptables v1.2.8: can't initialize iptables table `nat': iptables who? (do
you need to
On Thursday 05 June 2003 04:22 am, Mark Fisher wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday 05 Jun 2003 3:08 am, Klaus D. Neumann wrote:
modprobe: Can't locate module ip_tables
iptables v1.2.8: can't initialize iptables table `nat': iptables who? (do
you need to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Friday 06 Jun 2003 7:12 am, Klaus D. Neumann wrote:
After recompiling my kernel, iptables as module this time, the comand gives
my this:
bash-2.05b# insmod ip_tables
Using /lib/modules/2.4.20-gentoo-r5/kernel/net/ipv4/netfilter/ip_tables.o
1 - 100 of 117 matches
Mail list logo