Gentoo Forums
iptables issue
parado
n00b


Joined: 20 Apr 2013
Posts: 2

Posted: Sat Apr 20, 2013 10:27 am    Post subject: iptables issue

Hello guys,

I am trying to set up my firewall and have a little problem with it:

Quote:
iptables -A FORWARD -p tcp --syn -m limit --limit 1/s -j ACCEPT
iptables: No chain/target/match by that name.

iptables -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j ACCEPT
iptables: No chain/target/match by that name.

iptables -A FORWARD -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT
iptables: No chain/target/match by that name.

iptables -A INPUT -i eth0 -p tcp --dport 80 -j LOG --log-prefix "Apache Access" --log-level 6 -m limit --limit 25/m
iptables: No chain/target/match by that name.


I am running a kernel built by myself.
I thought this was the problem, then I built a fresh bzImage where ALL netfilter options are checked, but the problem is still the same.

Does anyone have an idea what can be the problem?
Schnulli
Apprentice


Joined: 25 Jun 2010
Posts: 155

Posted: Sat Apr 20, 2013 11:57 am    Post subject: Re: iptables issue

parado wrote:
Hello guys,

I am trying to set up my firewall and have a little problem with it:

Quote:
iptables -A FORWARD -p tcp --syn -m limit --limit 1/s -j ACCEPT
iptables: No chain/target/match by that name.

iptables -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j ACCEPT
iptables: No chain/target/match by that name.

iptables -A FORWARD -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT
iptables: No chain/target/match by that name.

iptables -A INPUT -i eth0 -p tcp --dport 80 -j LOG --log-prefix "Apache Access" --log-level 6 -m limit --limit 25/m
iptables: No chain/target/match by that name.


I am running a kernel built by myself.
I thought this was the problem, then I built a fresh bzImage where ALL netfilter options are checked, but the problem is still the same.

Does anyone have an idea what can be the problem?


A missing chain maybe? ;)
Let me ask, are you writing the rules yourself? What kind of firewall do you need?
How did you plan to load them? By autostarting iptables? Or a script? I would load it by a script so you can leave a few more lines of useful instructions ;)
I am using, for some reasons, webmin... > networking > linux-firewall (quick but in this case not dirty)
Here you have an easy way to set up a very simple firewall and, if you like some rules, this module also reads them and reports mistakes.... or you use some GUI firewall interfaces, up to you.
Seems to me you need to read a little about iptables "mangle" ;)

regards
khayyam
Veteran


Joined: 07 Jun 2012
Posts: 1552

Posted: Sat Apr 20, 2013 12:33 pm

parado ...

by the looks of things you're missing CONFIG_NETFILTER_XT_MATCH_LIMIT and possibly CONFIG_NETFILTER_XT_TARGET_LOG.

best ... khay
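
An added example, not part of any post in this thread: a shell check that maps the `-m limit` match and `-j LOG` target used in the quoted rules to the two kernel options khayyam names, and reports which of them a kernel config lacks. The function names, the config fragment and the temporary files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Maps the two extensions the thread
# ties to kernel options and reports which options a kernel config lacks.

# needed_opts RULE: print the CONFIG_ option for each mapped extension.
needed_opts() {
    case " $1 " in *" -m limit "*) echo CONFIG_NETFILTER_XT_MATCH_LIMIT ;; esac
    case " $1 " in *" -j LOG "*) echo CONFIG_NETFILTER_XT_TARGET_LOG ;; esac
    return 0
}

# opt_state CONFIG_FILE OPTION: print y (built in), m (module) or
# n (line absent, or present only as "# OPTION is not set").
opt_state() {
    if grep -q "^$2=y\$" "$1"; then echo y
    elif grep -q "^$2=m\$" "$1"; then echo m
    else echo n
    fi
}

# missing_opts CONFIG_FILE RULES_FILE: print each needed option that is
# not enabled in the config, once, in order of first use.
missing_opts() {
    seen=" "
    while IFS= read -r rule; do
        for opt in $(needed_opts "$rule"); do
            case "$seen" in *" $opt "*) continue ;; esac
            seen="$seen$opt "
            if [ "$(opt_state "$1" "$opt")" = n ]; then echo "$opt"; fi
        done
    done < "$2"
    return 0
}

# Constructed sample: a config fragment with LIMIT unset and LOG absent,
# checked against two of the rules quoted in the first post.
sample_dir=$(mktemp -d)
trap 'rm -rf "$sample_dir"' EXIT
cat > "$sample_dir/config" <<'EOF'
CONFIG_NETFILTER_XTABLES=y
# CONFIG_NETFILTER_XT_MATCH_LIMIT is not set
CONFIG_NETFILTER_XT_MATCH_STATE=m
EOF
cat > "$sample_dir/rules" <<'EOF'
iptables -A FORWARD -p tcp --syn -m limit --limit 1/s -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 80 -j LOG --log-prefix "Apache Access" --log-level 6 -m limit --limit 25/m
EOF
missing_opts "$sample_dir/config" "$sample_dir/rules"
```

Run it against the config of the kernel that is actually booted (for example a decompressed /proc/config.gz, available when CONFIG_IKCONFIG_PROC is enabled), since a rebuilt bzImage only changes anything once it is the one running. An option reported as `m` by `opt_state` still needs its module to be loadable for the rule to be accepted.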