z0qxD0rf n00b
Joined: 22 Jan 2019 Posts: 1 Location: West-Europe
|
Posted: Tue Jan 22, 2019 11:50 am Post subject: [ ufw-0.35-r1 & Iptables-1.8.2-r2 ] : no target LOG |
|
|
Hello all,
I'm new to Gentoo, so this will be my first post on the forum. GENTOO ROCKS!
I have a problem with enabling ufw.
It seems that there is some misconfiguration in user.rules and user6.rules.
when i:
:
Quote: | ERROR: Could not load logging rules |
also when:
Code: | /usr/share/ufw/check-requirements |
Quote: |
=== IPv4 ===
...
DROP: pass
REJECT: pass
LOG: FAIL
error was: iptables v1.8.2 (legacy): Couldn't load target `LOG':No such file or directory
...
=== IPv6 ===
...
DROP: pass
REJECT: pass
LOG: FAIL
error was: ip6tables v1.8.2 (legacy): Couldn't load target `LOG':No such file or directory
...
|
My user.rules file follows default:
Quote: |
*filter
:ufw-user-input - [0:0]
:ufw-user-output - [0:0]
:ufw-user-forward - [0:0]
:ufw-before-logging-input - [0:0]
:ufw-before-logging-output - [0:0]
:ufw-before-logging-forward - [0:0]
:ufw-user-logging-input - [0:0]
:ufw-user-logging-output - [0:0]
:ufw-user-logging-forward - [0:0]
:ufw-after-logging-input - [0:0]
:ufw-after-logging-output - [0:0]
:ufw-after-logging-forward - [0:0]
:ufw-logging-deny - [0:0]
:ufw-logging-allow - [0:0]
:ufw-user-limit - [0:0]
:ufw-user-limit-accept - [0:0]
### RULES ###

### END RULES ###

### LOGGING ###
-A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] "
-A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] "
-A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] "
-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] "
-A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] "
-A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] "
-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m limit --limit 3/min --limit-burst 10
-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m limit --limit 3/min --limit-burst 10
-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m limit --limit 3/min --limit-burst 10
### END LOGGING ###

### RATE LIMITING ###
-A ufw-user-limit -m limit --limit 3/minute -j LOG --log-prefix "[UFW LIMIT BLOCK] "
-A ufw-user-limit -j REJECT
-A ufw-user-limit-accept -j ACCEPT
### END RATE LIMITING ###
COMMIT
|
I've disabled IPv6 support,
and after some poking around I think it might be this line that's causing the no-joy
(I've re-emerged and couldn't reproduce this specific error)
Quote: |
-A ufw-user-limit -m limit --limit 3/minute -j LOG --log-prefix "[UFW LIMIT BLOCK] "
|
Is there anyone that can shine some light?
Much appreciated! |
|
|
|
mike155 Advocate
Joined: 17 Sep 2010 Posts: 4438 Location: Frankfurt, Germany
|
Posted: Tue Jan 22, 2019 10:00 pm Post subject: |
|
|
Hello z0qxD0rf,
welcome to the Gentoo forums!
I'm not an expert, but I think the error message
Code: | error was: iptables v1.8.2 (legacy): Couldn't load target 'LOG': No such file or directory |
was thrown because your test program tried to add a rule with a LOG target. It failed because the kernel Netfilter LOG module was not available. It tried to load that module, but it couldn't find it.
Please show us the output of
Code: | zcat /proc/config.gz | grep "CONFIG_N.*LOG" |
and of
and of
Mike |
|
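The kernel-config check requested above, tied to the rules file quoted in the first post, as an added example that is not part of the thread. The option name `CONFIG_NETFILTER_XT_TARGET_LOG` and the sample config are assumptions; the thread itself gives only the grep pattern.

```shell
#!/usr/bin/env bash
# Added example, not from the thread. Option names are assumptions: the thread
# gives only the grep pattern "CONFIG_N.*LOG", not the options themselves.

# Constructed kernel config sample; on a live system use: zcat /proc/config.gz
SAMPLE_CONFIG='CONFIG_NETFILTER=y
CONFIG_NETFILTER_NETLINK_LOG=m
# CONFIG_NETFILTER_XT_TARGET_LOG is not set
CONFIG_NETFILTER_XT_MATCH_LIMIT=m
CONFIG_NF_LOG_IPV4=m'

# Four rules copied from the user.rules quoted in the first post.
SAMPLE_RULES='-A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] "
-A ufw-user-limit -m limit --limit 3/minute -j LOG --log-prefix "[UFW LIMIT BLOCK] "
-A ufw-user-limit -j REJECT
-A ufw-user-limit-accept -j ACCEPT'

# stdin: kernel config. Prints "NAME STATE" (y, m or n) for every option the
# thread's pattern matches, including "# ... is not set" lines.
log_options() {
    awk '
        /^CONFIG_N[A-Z0-9_]*LOG[A-Z0-9_]*=/ { split($0, kv, "="); print kv[1], kv[2]; next }
        /^# CONFIG_N[A-Z0-9_]*LOG[A-Z0-9_]* is not set/ { print $2, "n" }'
}

# stdin: kernel config. Prints builtin, module or missing for the xtables LOG
# target (or for the option name passed as $1).
log_target_state() {
    awk -F= -v opt="${1:-CONFIG_NETFILTER_XT_TARGET_LOG}" '
        $1 == opt && $2 == "y" { state = "builtin" }
        $1 == opt && $2 == "m" { state = "module" }
        END { print (state == "" ? "missing" : state) }'
}

# stdin: iptables-restore style rules. Prints how many rules jump to LOG and
# therefore fail to load when the target is missing.
count_log_rules() {
    grep -Ec '^-[AI] .*-j LOG( |$)' || true
}

printf '%s\n' "$SAMPLE_CONFIG" | log_options
echo "LOG target: $(printf '%s\n' "$SAMPLE_CONFIG" | log_target_state)"
echo "rules that need LOG: $(printf '%s\n' "$SAMPLE_RULES" | count_log_rules)"
```

A result of `module` still requires the module file to be installed for the running kernel; `missing` means every rule counted by `count_log_rules` will be rejected at load time.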
|
|
Schnulli Guru
Joined: 25 Jun 2010 Posts: 320 Location: Bremen DE
|
Posted: Wed Jan 23, 2019 11:18 pm Post subject: |
|
|
Hey....
I was using ufw and gufw as well for a while, lazy as I am I...
But......
If you really want to have it working and fully compatible with other daemons like fail2ban and others, you better use iptables directly.
Security daemons will automatically read the log files and, if needed, add some rules automatically to iptables.
Years ago, when I was figuring out how to secure SMTP and Dovecot, I changed the path to the log and fail2ban was able to read the syslog and block .....
I hope you got it
The logic behind iptables is pure logic.
I am about to kick ufw and gufw off all my systems; it is nothing more than a desktop firewall for end users, nothing for servers or complex security solutions......
Regards. |
|