LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-22-2005, 06:05 AM   #1
wooshyFox
Member
 
Registered: Feb 2005
Distribution: debian sarge
Posts: 102

Rep: Reputation: 15
iptables module installation?


hi, wonder if anyone can help...

I just got a new (leased) server (debian sarge 3.1, kernel 2.6.10), and the 1st thing i do is to try and set up a firewall and find it doesn't seem to have iptables support configured. This isnt the first time this has happened, my last debian box didn't either but I redid the kernel and included it and all was well....

I can't see anywhere to do this on this new system, and am wondering if it's been taken out and made into a module.

I don't have a clue how to create an ipstable module, and I've looked all over and only ended up getting more confused. I have apt-get install'ed iptables, but got no further.

I've been using unix/linux for years but i don't really get enough time to stay up-to-date is my problem - any pointers would be very welcome....

Thanks,
woosh
 
Old 02-22-2005, 07:21 AM   #2
harken
Member
 
Registered: Jan 2005
Location: Between the chair and the desk
Distribution: Debian Sarge, kernel 2.6.13
Posts: 666

Rep: Reputation: 30
I was going to reply to your other post but since you started tihs one...look here:
http://www.debian.org/doc/manuals/se...firewall-setup
 
Old 02-22-2005, 07:23 AM   #3
Bruce Hill
HCL Maintainer
 
Registered: Jun 2003
Location: McCalla, AL
Distribution: Funtoo
Posts: 6,926

Rep: Reputation: 128Reputation: 128
edit ;-)

Last edited by Bruce Hill; 02-22-2005 at 07:25 AM.
 
Old 02-22-2005, 08:02 AM   #4
wooshyFox
Member
 
Registered: Feb 2005
Distribution: debian sarge
Posts: 102

Original Poster
Rep: Reputation: 15
still can't figure out how to install iptables... can't see anywhere in make menuconfig to include it or Mod it....

I'll be OK if i can get that far... (I think!)

Wooshy
 
Old 02-22-2005, 08:28 AM   #5
wooshyFox
Member
 
Registered: Feb 2005
Distribution: debian sarge
Posts: 102

Original Poster
Rep: Reputation: 15
hah - finally found it in make menuconfig....

under 'device drivers/networking support/networking options/network packet filter/netfilter config/IP tables support'.... phew!

but it appears to be 'on' : theres a * by networl packet filtering, and an M by IP tables support, so there *should* be a module for ip_tables for the kernel to load, but I can't see one anywhere - it certainly isnt in /etc/modules;

when i look in
/lib/modules/2.4.18-bf2.4/kernel/drivers/net/
there are quite a lot of files with .o at the end (are these modules?) but nothing that looks like ip_tables or netfilter, and in
/lib/modules/2.6.10/kernel/drivers/net where I should think they SHOULD go (?) there aren't many at all, just 5:
drwxr-xr-x 2 root root 4096 Jan 27 10:21 bonding
-rw-r--r-- 1 root root 3832 Jan 17 10:25 dummy.ko
-rw-r--r-- 1 root root 6531 Jan 17 10:25 eql.ko
-rw-r--r-- 1 root root 7534 Jan 17 10:25 shaper.ko
-rw-r--r-- 1 root root 8296 Jan 17 10:25 tun.ko


I hate it when someone else sets a system up for you - you spend ages just trying to find out wehats been done...

HEEELP !

wooshy
 
Old 02-22-2005, 08:38 AM   #6
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
Try in /lib/modules/2.6.10/kernel/net/ipv4/netfilter

Last edited by peter_robb; 02-22-2005 at 08:40 AM.
 
Old 02-22-2005, 08:53 AM   #7
wooshyFox
Member
 
Registered: Feb 2005
Distribution: debian sarge
Posts: 102

Original Poster
Rep: Reputation: 15
....doesnt even have a /lib/modules/2.6.10/kernel/net directory

only arch, drivers and fs

wooshy
 
Old 02-22-2005, 09:00 AM   #8
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
How did you install that kernel? And check if it exists in the 2.4.18-bf2 directory..

It may be possible that they are complied into the kernel..
Read /boot/config-2.6.10 if it exists and see if modules were made M, or compiled in *..

You will have to install the "testing" packages to match that 2.6.10 kernel..

Last edited by peter_robb; 02-22-2005 at 09:02 AM.
 
Old 02-22-2005, 09:19 AM   #9
wooshyFox
Member
 
Registered: Feb 2005
Distribution: debian sarge
Posts: 102

Original Poster
Rep: Reputation: 15
unfortunately I dint install the kernel - I lease the box...
I did check th 2.4.18-bf2 directory - nothing there either...
Looking at make menuconfig settings (I loaded the config file), it has been compiled with Network packet filtering built-in(*) and IP tables support as a Module (M)...
[Don't really know what to look 4 in /boot/config (symlink) file - no occurences of ip_tables or netfilter (but there isnt in my other server and that is running ip_tables fine - albeit built-in to kernel)]
...where have all me modules gone?
I did a modprobe ip_tables and it says:
FATAL: Module ip_tables not found.
 
Old 02-22-2005, 10:04 AM   #10
wooshyFox
Member
 
Registered: Feb 2005
Distribution: debian sarge
Posts: 102

Original Poster
Rep: Reputation: 15
should i just remake the kernel? if i do will this put all my modules in the right place(s)?

????????
 
Old 02-22-2005, 10:40 AM   #11
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
Better to apt-get the standard kernel package and iptables package
Check /etc/apt/sources.list and make sure you have entries for testing..
eg
deb ftp://ftp.nl.debian.org/debian testing main contrib non-free
deb http://security.debian.org/ testing/updates main contrib non-free

The mirror list is at http://www.debian.org/mirror/list

Do apt-get update to referesh the list
Do apt-get upgrade to get a list of packages that need upgrading
See if kernel and iptables are in the list. If so you can say yes..
There may be other upgrades that will require some interactive work answering config questions, so make the list shorter manually if you want..
You may need to redo lilo manually. Do it anyway after the install to be sure it's done.
Check /boot to make sure the kernel has installed and /lib/modules/2.6.10/kernel/net/ipv4/netfilter, then do lilo -v
Check the config files that were updated and reboot, smiling..

Last edited by peter_robb; 02-22-2005 at 10:42 AM.
 
Old 02-22-2005, 10:59 AM   #12
wooshyFox
Member
 
Registered: Feb 2005
Distribution: debian sarge
Posts: 102

Original Poster
Rep: Reputation: 15
did apt-get upgrade but neither kernel nor anything with 'net' or 'ip' were in resulting list...

oops that's bust webmin, lah-di-lah

wooshy
 
Old 02-22-2005, 11:29 AM   #13
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
Ok, so it can be done manually..

Do dpkg -l kernel* to see what's listed..
then do apt-get --reinstall install kernel-image-2.6.10 iptables
 
Old 02-22-2005, 11:41 AM   #14
YetAnotherDave
Member
 
Registered: Feb 2005
Posts: 95

Rep: Reputation: 17
How about this then ?

#!/bin/bash
xterm '/path/to/server1 <arg>' &
xterm '/path/to/server2' &
.
.
xterm '/path/to/serverN <arg> <arg>' &
wait


Each xterm will run its command in a new window.
The "wait" command will wait for all of the xterm commands to finish.
 
Old 02-22-2005, 11:45 AM   #15
wooshyFox
Member
 
Registered: Feb 2005
Distribution: debian sarge
Posts: 102

Original Poster
Rep: Reputation: 15
can't see anyhting like ip_tables or netfilter in the dpkg -l kernel*, but then it is in columns and the first is too narrow to read all the names...
Also there is no kernel-image-2.6.10 in there... there are loads of kernel-images up to 2.6.9-2-686 and a plain 'kernel-image' - do you think this is kernel-image-2.6.10 by another name?
should i go ahead? (or will ibe downgrading something??)

...getting more and more lost....

wooshy
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
iptables module config swmok Linux - Networking 3 04-17-2005 09:42 AM
trouble with iptables module wazilian Linux - Networking 0 09-24-2004 03:55 PM
trouble with iptables module wazilian Linux - Networking 0 09-24-2004 03:55 PM
iptables module error? hotrodowner Linux - Networking 1 04-02-2003 09:07 AM
IPTABLES module won't load TruckStuff Linux - General 1 05-11-2002 12:53 AM


All times are GMT -5. The time now is 09:54 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration