← Back to team overview

sslug-teknik team mailing list archive

Re: Kerne 2.4-test9 og ipchains

 

In <39E76734.8684786C@xxxxxxxxxxxxxx> root <leanf@xxxxxxxxxxxxxx> writes:

[netfilter i kerne 2.4]

>Jeg har prøvet at køre scriptet, men den brokker sig med
>"iptables v1.1.1: can't initialize iptables table `filter': iptables who? (do
>you need to insmod?)
>Perhaps iptables or your kernel needs to be upgraded."
[snip]
>Jeg har compiled kernen med option
>[*] Network packet filtering (replaces ipchains)
>[*]   Network packet filtering debugging
>[*] Socket Filtering

Hvad med alle de forskellige netfilter moduler ? Der er et særligt
afsnit i konfigurationen der hedder "IP: Netfilter Configuration",
hvad har du valgt der ?

Du bør have disse slået til (byg dem ind i kernen - ikke som moduler):

* Connection tracking
* FTP protocol support
* IP Tables support
* Connection state match support
* Packet filtering
* REJECT target support
* Full NAT
* MASQUERADE target support
* LOG target support
-- 
Henrik Storner      | "Crackers thrive on code secrecy. Cockcroaches breed 
<henrik@xxxxxxxxxx> |  in the dark. It's time to let the sunlight in."
                    |  
                    |          Eric S. Raymond, re. the Frontpage backdoor


Follow ups

References