From: Andre Ramoni <ramoni@databras.com.br>
To: netfilter@lists.netfilter.org
Subject: Re: can't -j TARPIT
Date: Mon, 20 Feb 2006 16:38:40 -0300 [thread overview]
Message-ID: <200602201638.40582.ramoni@databras.com.br> (raw)
In-Reply-To: <20060220192525.20720.qmail@web36809.mail.mud.yahoo.com>
I use gentoo too.
Seems that you use the "extensions" use flag, right ?
Seems like iptables have build the lib ok, and is loading it ok (since it
recognizes the -j TARPIT help)
I made a test here, that was to disable the TARPIT in the kernel, and so, I
got the same error of you.
Your TARPIT is in your kernel as a module ? Try to modprobe it to see if any
problem occurs.
Once I compiled the kernel with TARPIT build in again, things get back to
normal.
On Monday 20 February 2006 16:25, angico wrote:
> actually i use gentoo. all the flags necessary for compilation are
> given automaticaly by a program called "emerge". and in fact it
> compiles tarpit target by default. the question is: once the
> installation is ok and includes the lib for tarpit, why doesn't a rule
> can jump for it?
> regards,
> angico.
>
> --- Andre Ramoni <ramoni@databras.com.br> wrote:
> > This rule in my firewall works.
> > You have compiled iptables with what flags ? LIBDIR,BINDIR ?
> > Here, the iptables libs are in /usr/lib/iptables.
> > And, important, have you compiled iptables AFTER you patched the
> > kernel ?
> >
> > On Friday 17 February 2006 19:18, angico wrote:
> > > ok, andre. i tried it, but the answer is still the same. also, i
> >
> > tried
> >
> > > the example given in the man page:
> > > # iptables -A INPUT -p tcp -m tcp --dport 80 -j TARPIT
> > > and the answer is the same.
> > > surprisingly, if i issue the command
> > > # iptables -p tcp -j TARPIT --help
> > > besides the help for the "-p tcp" option it says "TARPIT takes no
> > > options".
> > > any other hints?
> > > btw, iptables --version ==> 1.3.4
> > > tia,
> > > angico.
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
--
Andre Guimaraes
Databras Informatica
Redes / Servidores Linux
next prev parent reply other threads:[~2006-02-20 19:38 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-02-16 0:10 2.6.16-rc3 panic related to IP Forwarding and/or Netfilter Jens Taprogge
2006-02-16 0:20 ` Patrick McHardy
2006-02-16 0:20 ` Patrick McHardy
2006-02-16 14:44 ` Jens Taprogge
2006-02-16 20:33 ` Patrick McHardy
2006-02-16 23:29 ` Jens Taprogge
2006-02-17 9:01 ` can't -j TARPIT angico
2006-02-17 12:50 ` Andre Ramoni
2006-02-17 21:18 ` angico
2006-02-20 13:46 ` Andre Ramoni
2006-02-20 19:25 ` angico
2006-02-20 19:38 ` Andre Ramoni [this message]
2006-02-21 20:08 ` angico
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200602201638.40582.ramoni@databras.com.br \
--to=ramoni@databras.com.br \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.