| View previous topic :: View next topic |
| Author |
Message |
cwr
Veteran
Joined: 17 Dec 2005
Posts: 1969
|
 Posted: Mon May 29, 2017 8:42 pm Post subject: iptables and comments [SOLVED] |
 |
|
I've been trying to use the iptables '-m comment --comment "This is a comment"'
setup to annotate some iptables rules, but although loading rules with such comments
doesn't give an error, the rules fail (and the comments don't seem to persist).
Comments seem to be part of the standard iptables setup, not xtables-addons,
but I can't find a comment module anywhere in the kernel config file. Does anyone
know the module's name, or how comments can be installed?
Thanks - Will
Last edited by cwr on Tue May 30, 2017 8:48 am; edited 1 time in total |
|
| Back to top |
|
 |
Ant P.
Watchman
Joined: 18 Apr 2009
Posts: 6920
|
| Posted: Mon May 29, 2017 9:33 pm Post subject: |
|
|
It's in the kernel:
| Code: | CONFIG_NETFILTER_XT_MATCH_COMMENT:
Type : tristate
Prompt: "comment" match support
Location:
-> Networking support (NET [=y])
-> Networking options
-> Network packet filtering framework (Netfilter) (NETFILTER [=y])
-> Core Netfilter Configuration
-> Netfilter Xtables support (required for ip_tables) (NETFILTER_XTABLES [=m]) |
|
|
| Back to top |
|
|
cwr
Veteran
Joined: 17 Dec 2005
Posts: 1969
|
| Posted: Tue May 30, 2017 8:47 am Post subject: |
|
|
Thanks - although iptables work, it looks as if that netfilter section is switched off,
so the option doesn't appear. I'll take a look at it.
Will |
|
| Back to top |
|
|
|
Networking & Security
