Re: Help: kernel-2.4.4 and iptables: Error?

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: watermodem <aquamodem@ameritech.net>
To: Zack Brown <zbrown@tumblerings.org>
Cc: Phillipus Gunawan <mr_phillipus@yahoo.com>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: Help: kernel-2.4.4 and iptables: Error?
Date: Mon, 07 May 2001 20:54:00 -0500	[thread overview]
Message-ID: <3AF751B8.8AE5C6DC@ameritech.net> (raw)
In-Reply-To: <Pine.LNX.3.96.1010507063343.8114I-100000@renegade>

Zack Brown wrote:
> 
> Can someone help this guy?
> 
> --
> Zack Brown
> 
> On Mon, 7 May 2001, Phillipus Gunawan wrote:
> 
> > I'm having problem with iptables...
> > I just upgrade my kernel from 2.2.16 to 2.4.3
> > I also upgrade the iptables with: iptables-1.2.1a-1.i386.rpm
> > After the installation finished, I try to test it with: iptables -L
> > Here's what I've seen on my screen:
> >
> > modprobe: Can't locate module ip_tables
> > iptables v1.2.1a: can't initialise iptables table 'filter': Module is wrong version
> > Perhaps iptables or your kernel needs to be upgraded.
> >
> > I install the iptables-1.2.1a-1.i386.rpm first and then upgrade my kernel.
> > The way I upgrade my kernel:
> >
> > make mrproper
> > make dep bzImage
> > make modules
> > make modules_install
> > cp .........
> > cp....
> >
> > I've choose all option regarding iptables 'netfilter'
> > My friend said I might built netfilter with the ipfwadm
> > compatibility compiled in, which is mutually exclusive with iptables
> > and ipchains support. I didn't build ipfwadm and all other modules I compiled as modules ('M' instead of 'Y')
> >
> > But I still can't understand, it still doesn't work...
> >
> > Could you please help me. I've tried everywhere asking this question, still, nobody can answer it
> >
> > Thank You.
> > Best Regards,
> >
> >
> > Phillipus.
> >

I have it running fine in 2.4.3 driven off of an entry in one of the
rc.d scripts. Try to complile it after your kernel and modules are
built. (That is the way I did it).
  Note: "{a}.{b}.{c}.{d}" represent specific devices behind your NAT
gateway. 


Example entry:
  start)
        echo -n "Starting ADSL service: "

        # Load up the PPP/ATM/ADSL Module, then "dial" in
    [ -z "`/sbin/lsmod | /bin/grep idt77105`"] && \
       /sbin/insmod idt77105

        [ -z "`/sbin/lsmod | /bin/grep nicstar`" ] && \
           /sbin/insmod nicstar

        /usr/sbin/pppd call adsl_service_script

        # Load up some of the IP Masquerade modules
        /sbin/modprobe ip_nat_ftp
        /sbin/modprobe ip_conntrack_ftp
        # /sbin/modprobe ip_masq_irc
        # /sbin/modprobe ip_masq_quake
        # /sbin/modprobe ip_masq_raudio
        # /sbin/modprobe ip_masq_user
        # /sbin/modprobe ip_masq_vdolive

        # Set up IP Masquerade forwarding policies,
        # port forwarding policies & stealth policies
        /sbin/modprobe ip_tables
        /usr/local/sbin/iptables -t nat -A POSTROUTING -o ppp0 -j
MASQUERADE
         #an FTP tunnel
        /usr/local/sbin/iptables -t nat -A PREROUTING \
           -i ppp0 --protocol tcp --dport 4223 -j DNAT --to
{a}.{b}.{c}.{d}:23
        /usr/local/sbin/iptables -t nat -A PREROUTING \
           -i ppp0 --protocol tcp --dport 4224 -j DNAT --to
{a}.{b}.{c}.{d}:24
        #needed for NORTEL VPN
    /usr/local/sbin/iptables -t nat -A PREROUTING \
       -i ppp0 --protocol tcp --dport 500 -j DNAT --to
{a}.{b}.{c}.{e}:500
   /usr/local/sbin/iptables -t nat -A PREROUTING \
       -i ppp0 --protocol udp --dport 500 -j DNAT --to
{a}.{b}.{c}.{e}:500
        #kill any M$ networking
        /usr/local/sbin/iptables -t filter -A INPUT \
           -i ppp0 --protocol tcp --dport 137:139 -j DROP
        /usr/local/sbin/iptables -t filter -A INPUT \
           -i ppp0 --protocol udp --dport 137:139 -j DROP
 
        touch /var/lock/subsys/adsl
 
        echo_success ""
        echo
        ;;

     prev parent reply	other threads:[~2001-05-08  1:54 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <02f101c0d6c9$4b0197a0$d830a4cb@co3042727a>
2001-05-07 13:36 ` Help: kernel-2.4.4 and iptables: Error? Zack Brown
2001-05-08  1:54   ` watermodem [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3AF751B8.8AE5C6DC@ameritech.net \
    --to=aquamodem@ameritech.net \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mr_phillipus@yahoo.com \
    --cc=zbrown@tumblerings.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox