Linode Forum
Linode Community Forums
 Post subject: iptables
Posted: Tue Mar 28, 2006 2:56 am
Senior Member
Joined: Wed Mar 17, 2004 4:11 pm
Posts: 554
Website: http://www.unixtastic.com
Location: Europe
I also have breakage of iptables. Kernel support seems to be missing.

linode:/etc/mail# iptables -L -n -v
iptables v1.2.11: can't initialize iptables table `filter': iptables who? (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.


Posted: Tue Mar 28, 2006 2:57 am
Senior Member
Whoops. That was meant to be a reply. Not a new thread.


Posted: Tue Mar 28, 2006 3:04 am
Linode Staff
Joined: Tue Apr 15, 2003 6:24 pm
Posts: 3090
Website: http://www.linode.com/
Location: Galloway, NJ
New threads are actually what I prefer.

Go ahead and reboot your Linode. 2.6.16-domU-linode1 build #2 has all the filtering rules enabled. Let me know if that fixes it.

-Chris


Posted: Tue Mar 28, 2006 3:16 am
Senior Member
caker wrote:
New threads are actually what I prefer.

Go ahead and reboot your Linode. 2.6.16-domU-linode1 build #2 has all the filtering rules enabled. Let me know if that fixes it.

-Chris


Iptables works, but now I'm missing some block devices:

linode:~# mount /var
mount: /dev/hda4 is not a valid block device

This is odd because some of them work. Does the new kernel have ext2 and ext3 support?


Posted: Tue Mar 28, 2006 3:17 am
Linode Staff
See

http://www.linode.com/forums/viewtopic.php?t=2180

Keep rebooting until everything shows up in /proc/partitions.

-Chris


Posted: Tue Mar 28, 2006 3:18 am
Senior Member
sednet wrote:
caker wrote:
New threads are actually what I prefer.

Go ahead and reboot your Linode. 2.6.16-domU-linode1 build #2 has all the filtering rules enabled. Let me know if that fixes it.

-Chris


Iptables works, but now I'm missing some block devices:

linode:~# mount /var
mount: /dev/hda4 is not a valid block device

This is odd because some of them work. Does the new kernel have ext2 and ext3 support?


From a systrace:
open("/dev/hda4", O_RDONLY|O_LARGEFILE) = -1 ENXIO (No such device or address)


Posted: Tue Mar 28, 2006 3:19 am
Linode Staff
Read the gotchas post :)

-Chris


Post subject: Iptables
Posted: Tue Mar 28, 2006 3:28 am
Senior Member
Iptables seems to be working perfectly now.

The Debian iptables job isn't applying my iptables setup, but that doesn't look like Xen's fault.

I've bound everything that should not go over the internet to 127.0.0.1 anyway.


This has been much more fun than going to work. Grr.. SOx audits.


Post subject: Re: Iptables
Posted: Tue Mar 28, 2006 3:40 am
Senior Member
sednet wrote:
Iptables seems to be working perfectly now.
.


I think I was wrong there; I don't think all of iptables is in the kernel.

I know the following line worked; I pulled it off the Linode and off my backup:

iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables: No chain/target/match by that name


The simple stuff certainly works:

linode:/var/lib/iptables# iptables -L -n -v
Chain INPUT (policy ACCEPT 1790 packets, 147K bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0


Anyway, I really need to go to work now. Thanks for Xen, Chris! It does seem to be quite a lot faster.


Post subject: Re: Iptables
Posted: Tue Mar 28, 2006 4:12 am
Linode Staff
sednet wrote:
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables: No chain/target/match by that name

Yup. Missed a few options...

Code:
# uname -a
Linux li3-242 2.6.16-domU-linode1 #3 SMP Tue Mar 28 03:10:40 EST 2006 i686 GNU/Linux
li3-242:~# iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
li3-242:~#


-Chris
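
A pre-flight check for the failure in this thread, where a saved rule using `-m state` was rejected with "No chain/target/match by that name" (added example, not code from the thread or from Linode): it lists the match extensions a rules file uses that the kernel does not report in /proc/net/ip_tables_matches. The function names and the sample rules and match list are constructed for illustration; on a modular kernel a match whose module is not yet loaded is also absent from that file.

```shell
#!/bin/sh
# Added example: find "-m NAME" matches in a ruleset that the kernel lacks.

# rules_matches FILE: print each distinct match name used via "-m NAME" or
# "--match NAME", in iptables-save format or as plain iptables commands.
rules_matches() {
    awk '
        !/^#/ {
            for (i = 1; i < NF; i++)
                if ($i == "-m" || $i == "--match") print $(i + 1)
        }' "$1" | sort -u
}

# missing_matches RULES [AVAILABLE]: print the matches used in RULES that are
# not listed in AVAILABLE (one name per line; defaults to the kernel's list).
missing_matches() {
    avail=${2:-/proc/net/ip_tables_matches}
    rules_matches "$1" | while read -r m; do
        grep -Fqx -- "$m" "$avail" 2>/dev/null || echo "$m"
    done
}

# demo: run the check on constructed sample data that mimics a kernel
# built without the state match, as in the thread.
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/rules" <<'EOF'
# constructed sample ruleset (iptables-save format)
*filter
:INPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
    # constructed stand-in for /proc/net/ip_tables_matches
    printf '%s\n' tcp udp icmp > "$d/avail"
    missing_matches "$d/rules" "$d/avail"
    rm -rf "$d"
}

demo
```

Run `missing_matches` against the saved ruleset after a kernel change and before relying on the firewall; any name it prints is a rule that will fail to load.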

