Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hello there!
I am a new user of Linux, I currently use Slack 9.0 and I wish to install iptables to my machine. I have some questions and would be thankful if i get answers:
1.How can I understand if my kernel (v.2.4.20) contains everyhting needed for iptables to work, before having to compile it from the scratch?
2.I saw that in the directory lib/modules/2.4.20/kernel/net/ipv6/netfilter there are some modules for iptables, does it mean that I can use them instead of compliling my kernel, and if so how is it possible?
You'll need to go to Network Options in your menuconfig/xconfig and add support for Netfilter, then scroll down to Netfilder options (or configuration) and enable everything (unless you know what you need and don't need)
vexer is refering to recompiling your kernel. I would imagine you already have iptables support, although the path you supplied is the modules for IPv6 which unless you've got a LAN running IPv6 then you won't be using. 'Normal' IP (192.168.10.1 for example) is IPv4. The netfilter module for that would be in /lib/modules/2.4.20/kernel/net/ipv4/netfilter. You can always try running an iptables command and see what happens. The output from lsmod will tell you if the modules are already loaded.
Thank you jharris for your help!
Well the lsmod gives me nothing concerning iptables. In the directory you indicated me there are a lot of modules which one should I modprobe?
BTW IMHO the biggest problem with Linux nowadays is documentation, I mean to say that there is a great number of available documents but someone must try hard to distinguish the garbage from the jewel. I have downloaded a number of HOW-TOs about installing and running iptables and nothing is mentioned about this option, i.e. module-installing iptables, I was about to recompile my kernel...
Switch to su and try typing iptables -L in the console. If you get a list of the current rules, iptables is running. Since Slackware 9 has iptables, if you did a full install it is probably there.
Originally posted by stelmed the directory you indicated me there are a lot of modules which one should I modprobe?
I would expect the kernel to autoload the basic iptables module so you shouldn't need to worry about it really. If Hangdog42's suggestion doesn't throw an error then its there and working.
Quote:
Originally posted by stelmed IMHO the biggest problem with Linux nowadays is documentation, I mean to say that there is a great number of available documents but someone must try hard to distinguish the garbage from the jewel.
You might find some of the longer documents on TLDP useful as they tend work at a higher level and cover the basics without getting too scary. http://www.tldp.org/guides.html
I find that most of the HOWTOs are pretty good so long as you think along the same lines as the author. Most of the time I think I do, however there have been a few where I've not been able to get anywhere with them (an early DNS howto was one) yet friends have given them a quick read an been up and running in 10 minutes.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.