LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 03-30-2013, 02:58 PM   #1
mutt4xtreme
LQ Newbie
 
Registered: Jan 2013
Posts: 17

Rep: Reputation: Disabled
Exclamation Iptables Problem


I cannot get Iptables to work, i used the command #which iptables to see if it could find it and it says


"which: no itables in (/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin:/usr/games:/usr/lib/kde4/libexec:/usr/lib/qt/bin:/usr/share/texmf/bin)"


In the package manager it says iptables is installed, is there any way to reinstall it to fix the problem I am having? I tried to reinstall it myself but it doesn't put the files in sbin or any of the normal locations the files should be in.
 
Old 03-30-2013, 03:14 PM   #2
rg3
Member
 
Registered: Jul 2007
Distribution: Slackware Linux
Posts: 505

Rep: Reputation: Disabled
It may be a cut&paste problem, but the text you posted says "no itables" instead of "no iptables" (missing p). Other than that, /usr/sbin is in the search path, so I'd either check the iptables package is really installed, or there's a missing symlink:

lrwxrwxrwx 1 root root 13 Feb 6 18:50 /usr/sbin/iptables -> xtables-multi
 
Old 03-30-2013, 03:45 PM   #3
mutt4xtreme
LQ Newbie
 
Registered: Jan 2013
Posts: 17

Original Poster
Rep: Reputation: Disabled
I accidently put it in wrong, it says it is installed but there are no files in the /usr/sbin/iptables/ the file is empty. The whole reason I want to get this to work is to use APF Firewall and it requires iptables to be installed. And APF Firewall cannot find the required files for it to work. So could you possibly guide me through how to reinstall iptables or somehow fix this. Thanks
 
Old 03-30-2013, 04:49 PM   #4
Woodsman
Senior Member
 
Registered: Oct 2005
Distribution: Slackware 14.0/14.1
Posts: 3,476

Rep: Reputation: 532Reputation: 532Reputation: 532Reputation: 532Reputation: 532Reputation: 532
This should get you going:

slackpkg update
slackpkg upgrade-all
 
Old 03-30-2013, 05:33 PM   #5
mutt4xtreme
LQ Newbie
 
Registered: Jan 2013
Posts: 17

Original Poster
Rep: Reputation: Disabled
I tried that and here is what i got:


root@MTI1997-Linux:~# slackpkg update

You do not have any mirror selected in /etc/slackpkg/mirrors
Please edit that file and uncomment ONE mirror. Slackpkg
only works with ONE mirror selected.


root@MTI1997-Linux:~# slackpkg upgrade-all

This appears to be the first time you have run slackpkg.
Before you install|upgrade|reinstall anything, you need to uncomment
ONE mirror in /etc/slackpkg/mirrors and run:

# slackpkg update

You can see more information about slackpkg functions in slackpkg manpage.
 
Old 03-30-2013, 05:50 PM   #6
Woodsman
Senior Member
 
Registered: Oct 2005
Distribution: Slackware 14.0/14.1
Posts: 3,476

Rep: Reputation: 532Reputation: 532Reputation: 532Reputation: 532Reputation: 532Reputation: 532
Edit /etc/slackpkg/mirrors to uncomment a mirror closest to you.
 
Old 03-30-2013, 06:18 PM   #7
mutt4xtreme
LQ Newbie
 
Registered: Jan 2013
Posts: 17

Original Poster
Rep: Reputation: Disabled
I did all that and when I try to run apf firewall still it says it still cant find iptables, it is looking in /sbin/iptables/ and that is not a directory at all. But there is iptable files in /usr/local/sbin/
 
Old 03-30-2013, 07:05 PM   #8
Richard Cranium
Senior Member
 
Registered: Apr 2009
Location: Carrollton, Texas
Distribution: Slackware64 14.1
Posts: 1,443

Rep: Reputation: 409Reputation: 409Reputation: 409Reputation: 409Reputation: 409
Try "slackpkg reinstall iptables" as root.

If that doesn't work, then please post the results of the command
Code:
df -h
 
Old 03-30-2013, 07:12 PM   #9
mutt4xtreme
LQ Newbie
 
Registered: Jan 2013
Posts: 17

Original Poster
Rep: Reputation: Disabled
Still doesn't work, iptables put the files under /usr/sbin/ and apf is looking under /sbin/
 
Old 03-30-2013, 07:20 PM   #10
Woodsman
Senior Member
 
Registered: Oct 2005
Distribution: Slackware 14.0/14.1
Posts: 3,476

Rep: Reputation: 532Reputation: 532Reputation: 532Reputation: 532Reputation: 532Reputation: 532
When the iptables package is installed correctly, the which command should show the following on Slackware:

which iptables
/usr/sbin/iptables

From where did you get this apf firewall? From what I see searching the web, this is some kind of firewall configuration script. That script is not part of the stock Slackware. More than likely the APF firewall script presumes a location of /sbin/iptables rather than /usr/sbin/iptables, which would explain the failure.

A traditional way of configuring iptables in Slackware is to use the following web page, which will generate an rc.firewall script for Slackware:

http://www.slackware.com/~alien/efg/
 
Old 03-30-2013, 07:34 PM   #11
mutt4xtreme
LQ Newbie
 
Registered: Jan 2013
Posts: 17

Original Poster
Rep: Reputation: Disabled
I got apf from this site http://www.rfxn.com I guess ill figure this out later, I made the rc.firewall script and put it in the right directory and im guessing iptables should start everytime I run slackware.
 
Old 03-30-2013, 07:53 PM   #12
Woodsman
Senior Member
 
Registered: Oct 2005
Distribution: Slackware 14.0/14.1
Posts: 3,476

Rep: Reputation: 532Reputation: 532Reputation: 532Reputation: 532Reputation: 532Reputation: 532
Make sure you chmod +x /etc/rc.d/rc.firewall.
 
Old 03-30-2013, 08:11 PM   #13
mutt4xtreme
LQ Newbie
 
Registered: Jan 2013
Posts: 17

Original Poster
Rep: Reputation: Disabled
I did chmod 755 etc/rc.d/rc.firewall/ and then restarted. To make sure it was working I put in iptables -L -n and it outputted a bunch of things, whihc im guessing it is working now.


root@MTI1997-Linux:~# iptables -L -n
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
bad_packets all -- 0.0.0.0/0 0.0.0.0/0
DROP all -- 0.0.0.0/0 224.0.0.1
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
tcp_inbound tcp -- 0.0.0.0/0 0.0.0.0/0
udp_inbound udp -- 0.0.0.0/0 0.0.0.0/0
icmp_packets icmp -- 0.0.0.0/0 0.0.0.0/0
DROP all -- 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast
LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 3 LOG flags 0 level 4 prefix "INPUT packet died: "

Chain FORWARD (policy DROP)
target prot opt source destination

Chain OUTPUT (policy DROP)
target prot opt source destination
DROP icmp -- 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
ACCEPT all -- 127.0.0.1 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 3 LOG flags 0 level 4 prefix "OUTPUT packet died: "

Chain bad_packets (1 references)
target prot opt source destination
LOG all -- 0.0.0.0/0 0.0.0.0/0 ctstate INVALID LOG flags 0 level 4 prefix "Invalid packet: "
DROP all -- 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
bad_tcp_packets tcp -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0

Chain bad_tcp_packets (1 references)
target prot opt source destination
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 ctstate NEW LOG flags 0 level 4 prefix "New not syn: "
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 ctstate NEW
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00 LOG flags 0 level 4 prefix "Stealth scan: "
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F LOG flags 0 level 4 prefix "Stealth scan: "
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x29 LOG flags 0 level 4 prefix "Stealth scan: "
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x29
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x37 LOG flags 0 level 4 prefix "Stealth scan: "
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x37
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06 LOG flags 0 level 4 prefix "Stealth scan: "
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03 LOG flags 0 level 4 prefix "Stealth scan: "
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
RETURN tcp -- 0.0.0.0/0 0.0.0.0/0

Chain icmp_packets (1 references)
target prot opt source destination
LOG icmp -f 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix "ICMP Fragment: "
DROP icmp -f 0.0.0.0/0 0.0.0.0/0
DROP icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 11
RETURN icmp -- 0.0.0.0/0 0.0.0.0/0

Chain tcp_inbound (1 references)
target prot opt source destination
RETURN tcp -- 0.0.0.0/0 0.0.0.0/0

Chain tcp_outbound (0 references)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0

Chain udp_inbound (1 references)
target prot opt source destination
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:137
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:138
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
RETURN udp -- 0.0.0.0/0 0.0.0.0/0

Chain udp_outbound (0 references)
target prot opt source destination
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0
 
Old 03-31-2013, 09:58 PM   #14
Richard Cranium
Senior Member
 
Registered: Apr 2009
Location: Carrollton, Texas
Distribution: Slackware64 14.1
Posts: 1,443

Rep: Reputation: 409Reputation: 409Reputation: 409Reputation: 409Reputation: 409
You might find the output of
Code:
iptables-save
to be easier to read.
 
Old 04-01-2013, 02:27 AM   #15
kikinovak
Senior Member
 
Registered: Jun 2011
Location: Montpezat (South France)
Distribution: ElementaryOS, Ubuntu LTS, Slackware
Posts: 1,505

Rep: Reputation: 697Reputation: 697Reputation: 697Reputation: 697Reputation: 697Reputation: 697
Slackware puts iptables in /usr/sbin, whereas distributions like Debian put it in /sbin. Your script isn't portable, meaning it doesn't contain a line like:

Code:
IPT=$(which iptables)
So that's why it doesn't work.

Advice: don't bother with your script, and simply write an iptables firewall yourself. It's easier than you might think.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
iptables error in android: iptables-save and iptables-restore not working preetb123 Linux - Mobile 5 04-11-2011 01:56 PM
[SOLVED] Rather huge IPtables chain, iptables: Memory allocation problem. Gangrif Linux - Networking 10 09-11-2009 03:30 PM
iptables problem qwefgh Linux - Networking 3 03-04-2009 12:40 PM
Strange IPTables or Perhaps its not IPtables problem? helptonewbie Linux - Security 4 01-28-2009 07:54 AM
iptables v1.2.9: Unknown arg `/sbin/iptables' Try `iptables -h' or 'iptables --help' Niceman2005 Linux - Security 4 12-29-2005 08:20 PM


All times are GMT -5. The time now is 08:28 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration