While one of the functions of the Netfilter framework (for which iptables is "just" a humble front-end) is to provide security by modifying traffic and destinations, your question is not about Linux Security but about configuring or installing software, which means this thread should be in the Software forum.
I'll move it there.
Quote:
Originally Posted by jeffn
"Troubleshooting Linux Firewalls" recommends using the ip_strings
If your intention is to convert Snort rulesets to make Netfilter behave like Snort(-inline), then you'd better use Snort. Both Snort's matching methods and signatures are adjusted and more efficient compared to using ip_strings. What I'm trying to say is: please don't use a module just because the HOWTO says so; investigate first.
If it does not want to build, then you'll have to manually edit the source (kernel and iptables), and don't forget to include any rejects. If it still doesn't work, or you have trouble understanding what goes where, get the last supported vanilla kernel and iptables sources, patch those, and read and compare (dirdiff?). If you still don't get it right, post the steps you took and any output of make menu|g|x|config, build logs, etc. Since that will be a load, you may want to tarball it up, upload it to some free hosting provider and post a D/L URI instead.