sslug-teknik team mailing list archive
-
sslug-teknik team
-
Mailing list archive
-
Message #28665
Re: Kerne 2.4-test9 og ipchains
In <39E76734.8684786C@xxxxxxxxxxxxxx> root <leanf@xxxxxxxxxxxxxx> writes:
[netfilter i kerne 2.4]
>Jeg har prøvet at køre scriptet, men den brokker sig med
>"iptables v1.1.1: can't initialize iptables table `filter': iptables who? (do
>you need to insmod?)
>Perhaps iptables or your kernel needs to be upgraded."
[snip]
>Jeg har compiled kernen med option
>[*] Network packet filtering (replaces ipchains)
>[*] Network packet filtering debugging
>[*] Socket Filtering
Hvad med alle de forskellige netfilter moduler ? Der er et særligt
afsnit i konfigurationen der hedder "IP: Netfilter Configuration",
hvad har du valgt der ?
Du bør have disse slået til (byg dem ind i kernen - ikke som moduler):
* Connection tracking
* FTP protocol support
* IP Tables support
* Connection state match support
* Packet filtering
* REJECT target support
* Full NAT
* MASQUERADE target support
* LOG target support
--
Henrik Storner | "Crackers thrive on code secrecy. Cockcroaches breed
<henrik@xxxxxxxxxx> | in the dark. It's time to let the sunlight in."
|
| Eric S. Raymond, re. the Frontpage backdoor
Follow ups
References