
Unix / Linux / Ubuntu Forum


iptables upgrade problem

  Date: Nov 24    Category: Unix / Linux / Ubuntu    Views: 327
  

There is no "CONFIG_IP_NF_TARGET_NETLINK" entry in the .config file. I am using the 2.4.18 kernel. I have looked for that entry in xconfig and didn't find it there either. Please mail me about it as soon as possible; I need to implement iptables 1.2.4 or 1.2.5 as soon as possible.

My iptables file entries are:

# Generated by iptables-save v1.2.3 on Sun Jan 20 21:45:36 2002
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-N HTTP_TRAFFIC
[0:0] -A HTTP_TRAFFIC -i eth0 -s 172.16.0.0/16 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
[0:0] -A PREROUTING -i eth0 -s 172.16.0.0/16 -d 172.16.10.29 -p tcp -m tcp --dport 80 -j ACCEPT
[0:0] -A PREROUTING -i eth0 -s 172.16.3.51 -p tcp -m tcp -j ACCEPT
[0:0] -A PREROUTING -i eth0 -p tcp -m tcp --dport 3128 -j DROP
#[0:0] -A PREROUTING -i eth1 -s 192.168.0.0/16 -j DROP
#[0:0] -A PREROUTING -i eth1 -s 10.10.0.0/8 -j DROP
#[0:0] -A PREROUTING -i eth1 -s 172.16.0.0/12 -j DROP
[0:0] -A PREROUTING -i eth0 -s 172.16.10.29 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 80
# Completed on Sun Jan 20 21:45:36 2002
# Generated by iptables-save v1.2.3 on Sun Jan 20 21:45:36 2002
*mangle
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
# Completed on Sun Jan 20 21:45:36 2002
# Generated by iptables-save v1.2.3 on Sun Jan 20 21:45:36 2002
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
[0:0] -A INPUT -d 127.0.0.1 -i lo -j ACCEPT
[0:0] -A INPUT -d 172.16.10.29 -i lo -j ACCEPT
[0:0] -A INPUT -d 202.140.144.99 -i lo -j ACCEPT
[0:0] -A INPUT -s 172.16.0.0/255.255.0.0 -d 172.16.10.29 -i eth0 -p icmp -j ACCEPT
[0:0] -A INPUT -s 172.16.0.0/255.255.0.0 -d 172.16.10.29 -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT
[0:0] -A INPUT -s 172.16.0.0/255.255.0.0 -d 172.16.10.29 -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT
[0:0] -A INPUT -s 172.16.0.0/255.255.0.0 -d 172.16.10.29 -i eth0 -p udp -m udp --dport 53 -j ACCEPT
[0:0] -A INPUT -s 172.16.0.0/255.255.0.0 -d 172.16.10.29 -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT
#[0:0] -A INPUT -d 202.140.144.99 -i eth1 -j ACCEPT
[0:0] -A INPUT -i eth0 -p udp -m udp --dport 67:68 -j ACCEPT
[0:0] -A INPUT -i eth0 -p udp -m udp --dport 137:139 -j ACCEPT
#[0:0] -A FORWARD -p tcp ! --syn -m state --state NEW -j DROP
[0:0] -A FORWARD -s ! 172.16.10.29 -d ! 172.16.10.29 -p tcp -m tcp --dport 3128 -j DROP
[0:0] -A OUTPUT -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
[0:0] -A OUTPUT -s 172.16.10.29 -d 172.16.10.29 -j ACCEPT
[0:0] -A OUTPUT -p udp -m udp --sport 67:68 -j ACCEPT
[0:0] -A OUTPUT -p udp -m udp --sport 137:139 -j ACCEPT
[0:0] -A OUTPUT -s 172.16.10.29 -d 172.16.0.0/255.255.0.0 -p icmp -j ACCEPT
[0:0] -A OUTPUT -s 172.16.10.29 -d 172.16.0.0/255.255.0.0 -p tcp -m tcp --sport 80 -j ACCEPT
[0:0] -A OUTPUT -s 172.16.10.29 -d 172.16.0.0/255.255.0.0 -p tcp -m tcp --sport 53 -j ACCEPT
[0:0] -A OUTPUT -s 172.16.10.29 -d 172.16.0.0/255.255.0.0 -p udp -m udp --sport 53 -j ACCEPT
[0:0] -A OUTPUT -s 172.16.10.29 -d 172.16.0.0/255.255.0.0 -p tcp -m tcp --sport 22 -j ACCEPT
[0:0] -A OUTPUT -s 202.140.144.99 -j ACCEPT
COMMIT
# Completed on Sun Jan 20 21:45:36 2002


These entries are working fine on iptables 1.2.3 but throw an error when I start iptables. Please let me know if there is any problem with the file entries with respect to iptables 1.2.4 or 1.2.5.
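
Added example, not part of the original post: a structural check for an iptables-save style dump before it is loaded, assuming the usual layout in which each `*table` section lists its chains on `:` lines and is closed by `COMMIT`. The function name `lint_dump` and the sample ruleset are constructed for illustration.

```python
import re

# A rule line: optional [packets:bytes] counters, then a command such as -A or -I.
RULE_RE = re.compile(r"^(\[\d+:\d+\]\s+)?-[A-Z]\s")

def lint_dump(text):
    """Return sorted (line_number, message) findings for a dump."""
    findings = []
    table, table_line = None, 0      # table section currently open, if any
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                 # blank lines and comments carry no state
        if line.startswith("*"):
            if table is not None:
                findings.append((table_line,
                    f"table '{table}' has no COMMIT before '{line}'"))
            table, table_line = line[1:], n
        elif line == "COMMIT":
            if table is None:
                findings.append((n, "COMMIT outside any table section"))
            table = None
        elif line.startswith(":") or RULE_RE.match(line):
            if table is None:
                findings.append((n, "chain or rule line outside any table"))
        else:
            findings.append((n, "unrecognised line (rule wrapped across lines?)"))
    if table is not None:
        findings.append((table_line, f"table '{table}' has no COMMIT before end of file"))
    return sorted(findings)

# Constructed sample (documentation addresses): a wrapped rule and an unclosed table.
SAMPLE = """\
# constructed sample, not taken from a real host
*nat
:PREROUTING ACCEPT [0:0]
[0:0] -A PREROUTING -i eth0 -s 192.0.2.0/24 -p tcp -m tcp
--dport 80 -j REDIRECT --to-ports 3128
*filter
:INPUT DROP [0:0]
[0:0] -A INPUT -i lo -j ACCEPT
COMMIT
"""

if __name__ == "__main__":
    for lineno, message in lint_dump(SAMPLE):
        print(f"line {lineno}: {message}")
```
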
