* The "badguy" example in the man page not working (--> "iptables: No chain/target/match by that name")
From: Adem @ 2008-11-14 15:22 UTC (permalink / raw)
To: netfilter
The following example from the man page doesn't work on my box:
iptables -A FORWARD -m recent --name badguy --rcheck --seconds 60 -j DROP
iptables -A FORWARD -p tcp -i eth0 --dport 139 -m recent --name badguy --set -j DROP
It says: "iptables: No chain/target/match by that name"
What could be the reason?
My ifconfig:
lo        Link encap:Local Loopback
          inet addr:127.0.0.1 Mask:255.0.0.0
          UP LOOPBACK RUNNING MTU:16436 Metric:1
          RX packets:382878 errors:0 dropped:0 overruns:0 frame:0
          TX packets:382868 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3307823766 (3.0 GiB) TX bytes:78410937 (74.7 MiB)

venet0    Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:127.0.0.1 P-t-P:127.0.0.1 Bcast:0.0.0.0 Mask:255.255.255.255
          UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
          RX packets:109018 errors:0 dropped:0 overruns:0 frame:0
          TX packets:101974 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:49437708 (47.1 MiB) TX bytes:49733010 (47.4 MiB)

venet0:0  Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:87.x.x.x P-t-P:87.x.x.x Bcast:0.0.0.0 Mask:255.255.255.255
          UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: The "badguy" example in the man page not working (--> "iptables: No chain/target/match by that name")
From: Matt Zagrabelny @ 2008-11-14 16:00 UTC (permalink / raw)
To: Adem; +Cc: netfilter
On Fri, 2008-11-14 at 16:22 +0100, Adem wrote:
> The following example from the man page doesn't work on my box:
>
> iptables -A FORWARD -m recent --name badguy --rcheck --seconds 60 -j DROP
> iptables -A FORWARD -p tcp -i eth0 --dport 139 -m recent --name badguy --set -j DROP
I see 'eth0' in your rule, but below there is no eth0.
>
> It says: "iptables: No chain/target/match by that name"
>
> What could be the reason?
>
> My ifconfig:
>
> lo        Link encap:Local Loopback
>           inet addr:127.0.0.1 Mask:255.0.0.0
>           UP LOOPBACK RUNNING MTU:16436 Metric:1
>           RX packets:382878 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:382868 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:3307823766 (3.0 GiB) TX bytes:78410937 (74.7 MiB)
>
> venet0    Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
>           inet addr:127.0.0.1 P-t-P:127.0.0.1 Bcast:0.0.0.0 Mask:255.255.255.255
>           UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
>           RX packets:109018 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:101974 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:49437708 (47.1 MiB) TX bytes:49733010 (47.4 MiB)
>
> venet0:0  Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
>           inet addr:87.x.x.x P-t-P:87.x.x.x Bcast:0.0.0.0 Mask:255.255.255.255
>           UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
--
Matt Zagrabelny - mzagrabe@d.umn.edu - (218) 726 8844
University of Minnesota Duluth
Information Technology Systems & Services
PGP key 1024D/84E22DA2 2005-11-07
Fingerprint: 78F9 18B3 EF58 56F5 FC85 C5CA 53E7 887F 84E2 2DA2
He is not a fool who gives up what he cannot keep to gain what he cannot
lose.
-Jim Elliot
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: The "badguy" example in the man page not working (-->"iptables: No chain/target/match by that name")
From: Adem @ 2008-11-14 17:48 UTC (permalink / raw)
To: netfilter
"Matt Zagrabelny" wrote:
> On Fri, 2008-11-14 at 16:22 +0100, Adem wrote:
> > The following example from the man page doesn't work on my box:
> >
> > iptables -A FORWARD -m recent --name badguy --rcheck --seconds 60 -j DROP
> > iptables -A FORWARD -p tcp -i eth0 --dport 139 -m recent --name badguy --set -j DROP
>
> I see 'eth0' in your rule, but below there is no eth0.
Oops. that was just a cut&paste error, I actually had changed it,
tried everything, but w/o success.
Any other ideas what it might be?
BTW, it is a virtual private server (VPS) box, there is nothing under /boot.
Here is the version info:
# uname -r
2.6.9-023stab048.4-smp
# iptables --version
iptables v1.3.6
And here are the other rules iptables has accepted:
# iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTABLISHED
REJECT     tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN reject-with tcp-reset
DROP       0    --  anywhere             anywhere            state INVALID
ACCEPT     0    --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:8443
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:8880
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:www
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:submission
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssmtp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3s
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:imap2
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:imaps
DROP       tcp  --  anywhere             anywhere            tcp dpt:poppassd
DROP       tcp  --  anywhere             anywhere            tcp dpt:mysql
DROP       tcp  --  anywhere             anywhere            tcp dpt:postgresql
DROP       tcp  --  anywhere             anywhere            tcp dpt:9008
DROP       tcp  --  anywhere             anywhere            tcp dpt:9080
DROP       udp  --  anywhere             anywhere            udp dpt:netbios-ns
DROP       udp  --  anywhere             anywhere            udp dpt:netbios-dgm
DROP       tcp  --  anywhere             anywhere            tcp dpt:netbios-ssn
DROP       tcp  --  anywhere             anywhere            tcp dpt:microsoft-ds
DROP       udp  --  anywhere             anywhere            udp dpt:openvpn
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain
ACCEPT     icmp --  anywhere             anywhere            icmp type 8 code 0
DROP       0    --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTABLISHED
REJECT     tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN reject-with tcp-reset
DROP       0    --  anywhere             anywhere            state INVALID
ACCEPT     0    --  anywhere             anywhere
DROP       0    --  anywhere             anywhere

Chain OUTPUT (policy DROP)
target     prot opt source               destination
ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTABLISHED
REJECT     tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN reject-with tcp-reset
DROP       0    --  anywhere             anywhere            state INVALID
ACCEPT     0    --  anywhere             anywhere
ACCEPT     0    --  anywhere             anywhere
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: The "badguy" example in the man page not working (-->"iptables: No chain/target/match by that name")
From: Matt Zagrabelny @ 2008-11-14 20:15 UTC (permalink / raw)
To: Adem; +Cc: netfilter
On Fri, 2008-11-14 at 18:48 +0100, Adem wrote:
> "Matt Zagrabelny" wrote:
> > On Fri, 2008-11-14 at 16:22 +0100, Adem wrote:
> > > The following example from the man page doesn't work on my box:
> > >
> > > iptables -A FORWARD -m recent --name badguy --rcheck --seconds 60 -j DROP
> > > iptables -A FORWARD -p tcp -i eth0 --dport 139 -m recent --name badguy --set -j DROP
> >
> > I see 'eth0' in your rule, but below there is no eth0.
>
> Oops. that was just a cut&paste error, I actually had changed it,
> tried everything, but w/o success.
> Any other ideas what it might be?
>
> BTW, it is a virtual private server (VPS) box, there is nothing under /boot.
>
> Here is the version info:
>
> # uname -r
> 2.6.9-023stab048.4-smp
>
> # iptables --version
> iptables v1.3.6
What GNU/Linux distro are you running?
I am running Debian Sid and here are my versions:
2.6.26-1-686
iptables v1.4.1.1
Here are the iptables rules that I have:
# if anybody from the list BADGUYS (and in the last 10 minutes) tries to do anything, drop them
iptables -A INPUT --match recent --name BADGUYS --rcheck --seconds 600 -j DROP
# if anybody tries to connect to tcp:139 (windows filesharing), then add them to the BADGUYS list and drop them
iptables -A INPUT -p tcp -i eth0 --dport 21 --match recent --name BADGUYS --set -j DROP
iptables -A INPUT -p udp -i eth0 --dport 21 --match recent --name BADGUYS --set -j DROP
iptables -A INPUT -p tcp -i eth0 --dport 139 --match recent --name BADGUYS --set -j DROP
iptables -A INPUT -p tcp -i eth0 --dport 445 --match recent --name BADGUYS --set -j DROP
Looks pretty similar to yours.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: The "badguy" example in the man page not working (-->"iptables: No chain/target/match by that name")
From: Matt Zagrabelny @ 2008-11-14 20:21 UTC (permalink / raw)
To: Adem; +Cc: netfilter
On Fri, 2008-11-14 at 14:15 -0600, Matt Zagrabelny wrote:
> On Fri, 2008-11-14 at 18:48 +0100, Adem wrote:
> > "Matt Zagrabelny" wrote:
> > > On Fri, 2008-11-14 at 16:22 +0100, Adem wrote:
> > > > The following example from the man page doesn't work on my box:
> > > >
> > > > iptables -A FORWARD -m recent --name badguy --rcheck --seconds 60 -j DROP
> > > > iptables -A FORWARD -p tcp -i eth0 --dport 139 -m recent --name badguy --set -j DROP
> > >
> > > I see 'eth0' in your rule, but below there is no eth0.
> >
> > Oops. that was just a cut&paste error, I actually had changed it,
> > tried everything, but w/o success.
> > Any other ideas what it might be?
> >
> > BTW, it is a virtual private server (VPS) box, there is nothing under /boot.
> >
> > Here is the version info:
> >
> > # uname -r
> > 2.6.9-023stab048.4-smp
> >
> > # iptables --version
> > iptables v1.3.6
>
> What GNU/Linux distro are you running?
>
> I am running Debian Sid and here are my versions:
>
> 2.6.26-1-686
> iptables v1.4.1.1
Also you could check to see if you have the module:
% lsmod | grep recent
and
% modinfo ipt_recent
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: The "badguy" example in the man page not working(-->"iptables: No chain/target/match by that name")
From: Adem @ 2008-11-16 23:28 UTC (permalink / raw)
To: netfilter
> > > iptables v1.3.6
> >
> What GNU/Linux distro are you running?
Debian 5 (Lenny) i386
> I am running Debian Sid and here are my versions:
>
> 2.6.26-1-686
> iptables v1.4.1.1
>
> Also you could check to see if you have the module:
>
> % lsmod | grep recent
>
> and
>
> % modinfo ipt_recent
The following command shows that the "ipt_recent" module is missing
in my VPS. Unfortunately it seems it can only be enabled by the hosting provider:
# cat /proc/net/ip_tables_matches
length
ttl
tcpmss
tos
multiport
limit
state
tcp
udp
icmp
^ permalink raw reply [flat|nested] 6+ messages in thread
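Added example, not part of the original thread: a preflight check built on the /proc/net/ip_tables_matches listing from the last message, so that a rule set is rejected up front instead of stopping partway with "No chain/target/match by that name" and leaving a partial firewall. The function names and the MATCHES_FILE override are hypothetical, and the second demo rule is constructed.

```shell
#!/bin/sh
# Added example (not from the thread): check that the kernel offers every
# match extension a rule names with -m/--match before the rule is loaded.
# MATCHES_FILE is a hypothetical override so the check can run offline.
MATCHES_FILE="${MATCHES_FILE:-/proc/net/ip_tables_matches}"

# has_match NAME: 0 if NAME is listed, 1 if not, 2 if the list is unreadable.
# Caveat: on a host that may load modules, a match can be absent from this
# list only because its module is not loaded yet. A container that cannot
# load modules (the VPS case in the thread) gets only what the host enables.
has_match() {
    [ -r "$MATCHES_FILE" ] || return 2
    grep -qxF -- "$1" "$MATCHES_FILE"
}

# rule_matches RULE: print each name that follows -m or --match in RULE.
rule_matches() {
    prev=""
    for word in $1; do            # word splitting is intended here
        case "$prev" in
            -m|--match) printf '%s\n' "$word" ;;
        esac
        prev=$word
    done
}

# missing_matches RULE: print the matches RULE needs that are not listed.
# Returns 2 without output when the list itself cannot be read.
missing_matches() {
    [ -r "$MATCHES_FILE" ] || return 2
    for m in $(rule_matches "$1"); do
        has_match "$m" || printf '%s\n' "$m"
    done
}

# Demo: the match list Adem posted, written to a temp file (constructed copy).
sample=$(mktemp)
printf '%s\n' length ttl tcpmss tos multiport limit state tcp udp icmp >"$sample"
MATCHES_FILE=$sample
for rule in \
    '-A FORWARD -m recent --name badguy --rcheck --seconds 60 -j DROP' \
    '-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT'
do
    missing=$(missing_matches "$rule")
    if [ -n "$missing" ]; then echo "SKIP ($missing unavailable): $rule"
    else echo "OK: $rule"; fi
done
rm -f "$sample"
```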