LinuxQuestions.org
Old 01-29-2008, 11:21 AM   #1
jeffn
LQ Newbie
 
How do I create the netfilter ip-strings module for a linux linux-2.6.18.2-34 kernel?


Hi,

I'm trying to build a reasonable firewall.
"Troubleshooting Linux Firewalls" recommends using the ip_strings
module, which is not part of the kernel.

I found the string module in the patch-o-matic, but it does not want to build because my kernel version is greater than 2.6.0.

From the .../patch-o-matic.../stings.info
Author: Emmanuel Roger <winfield@freegates.be>
Status: Working, not with kernel 2.4.9
Repository: extra
Requires: linux < 2.6.0

What is the magic that will allow me to build the string (and other modules) for my kernel?

Thanks

Jeffrey
 
Old 01-30-2008, 06:39 AM   #2
unSpawn
Moderator
 
While one of the functions of the Netfilter framework (for which iptables is "just" a humble front-end) is to provide security by modifying traffic and destinations, your question is not about Linux Security but about configuring or installing software, which means this thread should be in the Software forum.
I'll move it there.


Quote:
Originally Posted by jeffn
"Troubleshooting Linux Firewalls" recommends using the ip_strings
If your intention is to convert Snort rulesets to make Netfilter behave like Snort(-inline), then you better use Snort. Both Snort's matching methods and signatures are adjusted and more efficient compared to using ip_strings. What I'm trying to say is please don't use a module just because the HOWTO says so: investigate first.


If it does not want to build, then you'll have to manually edit the source (kernel and iptables), and don't forget to include any rejects. If it still doesn't work, or you have trouble understanding what goes where, get the last supported vanilla kernel and iptables sources, patch those, and read and compare (dirdiff?). If you still don't get it right, post the steps you took and any output of make menu|g|x|config, build logs, etc. Since that will be a load, you may want to tarball it up, upload to some free hosting provider and post a D/L URI instead.
 
  


All times are GMT -5.
