LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Linux From Scratch
User Name
Password
Linux From Scratch This Forum is for the discussion of LFS.
LFS is a project that provides you with the steps necessary to build your own custom Linux system.

Notices


Reply
  Search this Thread
Old 09-30-2005, 11:36 AM   #1
satimis
Senior Member
 
Registered: Apr 2003
Posts: 3,695

Rep: Reputation: 56
Iptables problem


Hi folks,

BLFS 6.1

On running;

# /etc/rc.d/init.d/iptables start
Code:
Simple mixer control 'Master',0
  Capabilities: pvolume pswitch pswitch-joined
  Playback channels: Front Left - Front Right
  Limits: Playback 0 - 31
  Front Left: Playback 25 [81%] [on]
  Front Right: Playback 25 [81%] [on]
Simple mixer control 'CD',0
  Capabilities: pvolume pswitch pswitch-joined cswitch cswitch-joined cswitch-exclusive
  Capture exclusive group: 0
  Playback channels: Front Left - Front Right
  Capture channels: Front Left - Front Right
  Limits: Playback 0 - 31
  Front Left: Playback 25 [81%] [on] Capture [off]
  Front Right: Playback 25 [81%] [on] Capture [off]
Simple mixer control 'PCM',0
  Capabilities: pvolume pswitch pswitch-joined
  Playback channels: Front Left - Front Right
  Limits: Playback 0 - 31
  Front Left: Playback 25 [81%] [on]
  Front Right: Playback 25 [81%] [on]
Simple mixer control 'Line',0
  Capabilities: pvolume pswitch pswitch-joined cswitch cswitch-joined cswitch-exclusive
  Capture exclusive group: 0
  Playback channels: Front Left - Front Right
  Capture channels: Front Left - Front Right
  Limits: Playback 0 - 31
  Front Left: Playback 25 [81%] [on] Capture [off]
  Front Right: Playback 25 [81%] [on] Capture [off]
---------------------------------------------------------------
Starting iptables...
FATAL: Module ip_tables not found.
FATAL: Module iptable_filter not found.
FATAL: Module ip_conntrack not found.
FATAL: Module ip_conntrack_ftp not found.
FATAL: Module ipt_state not found.
FATAL: Module ipt_LOG not found.
/etc/rc.d/rc.iptables: line 21: /proc/sys/net/ipv4/tcp_syncookies: No such file or directory
/etc/rc.d/rc.iptables: line 44: iptables: command not found
/etc/rc.d/rc.iptables: line 45: iptables: command not found
/etc/rc.d/rc.iptables: line 46: iptables: command not found
/etc/rc.d/rc.iptables: line 51: iptables: command not found
/etc/rc.d/rc.iptables: line 52: iptables: command not found
/etc/rc.d/rc.iptables: line 53: iptables: command not found
/etc/rc.d/rc.iptables: line 55: iptables: command not found
/etc/rc.d/rc.iptables: line 58: iptables: command not found
/etc/rc.d/rc.iptables: line 62: iptables: command not found
/etc/rc.d/rc.iptables: line 67: iptables: command not found
The printout above the line "-----------------------" is on account of following commands on /etc/sysconfig/rc
Code:
.......
modprobe snd-pcm-oss
modprobe snd-pcm-oss
amixer set Master 80% unmute
amixer set CD 80% unmute
amixer set PCM 80% unmute
amixer set Line 80% unmute

The printout below the line "-----------------------"
/etc/rc.d/rc.iptables
Code:
Lines 44-46
iptables -P INPUT   DROP
iptables -P FORWARD DROP
iptables -P OUTPUT  DROP

Lines 51-53
iptables -F
iptables -X
iptables -Z

55
iptables -t nat -F

58
iptables -A INPUT  -i lo -j ACCEPT

62
iptables -A OUTPUT -j ACCEPT

67
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEP

70
iptables -A INPUT -j LOG --log-prefix "FIREWALL:INPUT "
Whether I need to recompile the kernet? Which modules I have to select?

TIA

BR
satimis
 
Old 09-30-2005, 12:05 PM   #2
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
I may be thinking too simply here, but doesn't it look like you've compiled iptables support out of the kernel? I would try again and select anything related to iptables (check either security or network section; I don't remember).
 
Old 09-30-2005, 12:06 PM   #3
kjordan
Member
 
Registered: Jul 2004
Distribution: LFS, I felt the itch and scratched it
Posts: 227

Rep: Reputation: 31
You need to install the iptables package. http://www.linuxfromscratch.org/blfs.../iptables.html

Since you may have the modules built-in to the kernel, you can comment out the modprobe lines in the /etc/rc.d/rc.iptables script with a # at the beginning of the line.
 
Old 09-30-2005, 08:03 PM   #4
satimis
Senior Member
 
Registered: Apr 2003
Posts: 3,695

Original Poster
Rep: Reputation: 56
Hi kjordan,

I already have iptables installed. After checking my notes I found on "make install" leaving out "PREFIX=/usr LIBDIR=/lib BINDIR=/sbin". I repeated http://www.linuxfromscratch.org/blfs.../iptables.html

Quote:
Since you may have the modules built-in to the kernel, you can comment out the modprobe lines in the /etc/rc.d/rc.iptables script with a # at the beginning of the line.
Noted with thanks. I got them commented out.

# /etc/rc.d/init.d/iptables start
Code:
....
....
Starting iptables...
/etc/rc.d/rc.iptables: line 21: /proc/sys/net/ipv4/tcp_syncookies: No such file o
r directory                
                                             [  OK  ]
iptables is working now

/etc/rc.d/rc.iptables
Line 21
echo 1 > /proc/sys/net/ipv4/tcp_syncookies

What is this error? TIA

BR
satimis
 
Old 10-01-2005, 06:57 AM   #5
freegianghu
Member
 
Registered: Oct 2004
Location: somewhere in the street
Distribution: Window$
Posts: 192

Rep: Reputation: 30
Quote:
Originally posted by satimis
Hi kjordan,

I already have iptables installed. After checking my notes I found on "make install" leaving out "PREFIX=/usr LIBDIR=/lib BINDIR=/sbin". I repeated http://www.linuxfromscratch.org/blfs.../iptables.html

Noted with thanks. I got them commented out.

# /etc/rc.d/init.d/iptables start
Code:
....
....
Starting iptables...
/etc/rc.d/rc.iptables: line 21: /proc/sys/net/ipv4/tcp_syncookies: No such file o
r directory                
                                             [  OK  ]
iptables is working now

/etc/rc.d/rc.iptables
Line 21
echo 1 > /proc/sys/net/ipv4/tcp_syncookies

What is this error? TIA

BR
satimis

Recompile kernel with enable tcp_syncookies support (and others if you want), that's all
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
iptables problem , please help John Micheal Linux - Security 4 05-22-2004 03:01 AM
Iptables problem,help me please. ryanux Linux - Security 1 05-21-2004 09:59 PM
iptables problem fleshwound Linux - Networking 6 12-27-2003 05:30 PM
iptables - where is my problem cristi1979 Linux - Networking 9 07-14-2003 02:46 PM
iptables problem? poulaum Linux - Networking 12 02-27-2003 03:57 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Linux From Scratch

All times are GMT -5. The time now is 07:52 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration