LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 03-15-2007, 04:44 AM   #1
pk_kala
Member
 
Registered: Feb 2006
Posts: 34

Rep: Reputation: 15
iptables: Invalid argument


I try to install ipp2p on Ubuntu.
after compile kernel to 2.6.20.1, i follow this
#### IPTABLES Block ipt_ipp2p Network ####
1. Download & Compile
# tar xvfz ipp2p.08.tar.gz
# cd ipp2*
# make
# cp ipt_ipp2p.ko /lib/modules/2.6.20.1/kernel/net/ipv4/
# echo "/lib/modules/2.6.20.1/kernel/net/ipv4/ipt_ipp2p.ko" >> /lib/modules/2.6.20.1/modules.dep
# echo "ipt_ipp2p" >> /etc/modules
# modprobe ipt_ipp2p
# depmod -a
# cp libipt_ipp2p.so /lib/iptables/


2. Check IPTABLES + P2P
# iptables -m ipp2p --help

3. Make rules
default rules
# iptables -A FORWARD -p tcp -m ipp2p --ipp2p -j DROP
iptables: Invalid argument

How I resolve ?

Thank you
 
Old 03-15-2007, 11:11 AM   #2
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
a few questions: the documentation states that you need to have the iptables source code installed when you compile ipp2p... did you?? was it auto-detected or did you edit the makefile?? were there any warnings or errors when you did the "make"?? when you did the "iptables -m ipp2p --help" did you get the help screen??
 
Old 03-15-2007, 09:25 PM   #3
pk_kala
Member
 
Registered: Feb 2006
Posts: 34

Original Poster
Rep: Reputation: 15
I download iptables v 1.3.3
and tar and ln -s iptables-1.3.3 /usr/src/iptables

I edit Makefile

IPTABLES_SRC = /usr/src/iptables-1.2.9
to
IPTABLES_SRC = /usr/src/iptables

when make ipp2p doesn't have error and iptables -m ipp2p --help show

# iptables -m ipp2p --help

iptables v1.3.3

Usage: iptables -[AD] chain rule-specification [options]
iptables -[RI] chain rulenum rule-specification [options]
iptables -D chain rulenum [options]
iptables -[LFZ] [chain] [options]
iptables -[NX] chain
iptables -E old-chain-name new-chain-name
iptables -P chain target [options]
iptables -h (print this help information)

Commands:
Either long or short options are allowed.
--append -A chain Append to chain
--delete -D chain Delete matching rule from chain
--delete -D chain rulenum
Delete rule rulenum (1 = first) from chain
--insert -I chain [rulenum]
Insert in chain as rulenum (default 1=first)
--replace -R chain rulenum
Replace rule rulenum (1 = first) in chain
--list -L [chain] List the rules in a chain or all chains
--flush -F [chain] Delete all rules in chain or all chains
--zero -Z [chain] Zero counters in chain or all chains
--new -N chain Create a new user-defined chain
--delete-chain
-X [chain] Delete a user-defined chain
--policy -P chain target
Change policy on chain to target
--rename-chain
-E old-chain new-chain
Change chain name, (moving any references)
Options:
--proto -p [!] proto protocol: by number or name, eg. `tcp'
--source -s [!] address[/mask]
source specification
--destination -d [!] address[/mask]
destination specification
--in-interface -i [!] input name[+]
network interface name ([+] for wildcard)
--jump -j target
target for rule (may load target extension)
--goto -g chain
jump to chain with no return
--match -m match
extended match (may load extension)
--numeric -n numeric output of addresses and ports
--out-interface -o [!] output name[+]
network interface name ([+] for wildcard)
--table -t table table to manipulate (default: `filter')
--verbose -v verbose mode
--line-numbers print line numbers when listing
--exact -x expand numbers (display exact values)
[!] --fragment -f match second or further fragments only
--modprobe=<command> try to insert modules using this command
--set-counters PKTS BYTES set the counter during insert/append
[!] --version -V print package version.

IPP2P v0.8.0 options:
--ipp2p Grab all known p2p packets
--edk [TCP&UDP] All known eDonkey/eMule/Overnet packets
--dc [TCP] All known Direct Connect packets
--kazaa [TCP&UDP] All known KaZaA packets
--gnu [TCP&UDP] All known Gnutella packets
--bit [TCP&UDP] All known BitTorrent packets
--apple [TCP] All known AppleJuice packets
--winmx [TCP] All known WinMX
--soul [TCP] All known SoulSeek
--ares [TCP] All known Ares

DEBUG SUPPPORT, use only if you know why
--debug Generate kernel debug output, THIS WILL SLOW DOWN THE FILTER

Note that the follwing options will have the same meaning:
'--ipp2p' is equal to '--edk --dc --kazaa --gnu --bit --apple --winmx --soul --ares'

IPP2P was intended for TCP only. Due to increasing usage of UDP we needed to change this.
You can now use -p udp to search UDP packets only or without -p switch to search UDP and TCP packets.

See README included with this package for more details or visit http://www.ipp2p.org

Examples:
iptables -A FORWARD -m ipp2p --ipp2p -j MARK --set-mark 0x01
iptables -A FORWARD -p udp -m ipp2p --kazaa --bit -j DROP
iptables -A FORWARD -p tcp -m ipp2p --edk --soul -j DROP
 
Old 03-21-2007, 03:23 AM   #4
pk_kala
Member
 
Registered: Feb 2006
Posts: 34

Original Poster
Rep: Reputation: 15
ipp2p 0.8.2 work fine.
 
Old 06-23-2007, 02:21 AM   #5
sakimustafa
LQ Newbie
 
Registered: Jun 2007
Posts: 2

Rep: Reputation: 0
ipp2p problem same like you

same condition like you all I have done what you posted. Would
you tell me how you resolved it?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
iptables: Invalid argument pk_kala Ubuntu 0 03-15-2007 04:32 AM
accept() : invalid argument KKKKKKKK Programming 4 01-29-2007 04:06 AM
sendto: invalid argument Yury Programming 12 11-04-2006 06:06 AM
Iptables, invalid argument, problem with modprobe ivanatora Linux - Software 1 05-11-2005 05:55 AM
[ Invalid Argument on 'iptables' ] benleung Linux - Security 1 09-23-2003 12:25 AM


All times are GMT -5. The time now is 04:22 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration