IPtables, netfilter, confusion...

From: Matthijs (vanaalten_at_hotmail.com)
Date: 09/30/04

  • Next message: Travis Crump: "Re: Using mplayer save RealMedia audio in a sensible format?" 
    Date: Thu, 30 Sep 2004 22:50:15 +0200
To: debian-user@lists.debian.org

    After posting some info about portknocking security (see thread SSH
    cracking attempts) I looked a bit at iptables at my system.

    Result from 'iptables -L':
    FATAL: Module ip_tables not found.
    iptables v1.2.11: can't initialize iptables table `filter': iptables
    who? (do you need to insmod?)
    Perhaps iptables or your kernel needs to be upgraded.

    I've found a lot of links with google, but nothing really useful. It
    seems that my kernel (self compiled 2.6.8) doesn't support iptables.

    I looked through the kernel config and found something under
    networking options: "network packet filtering (replaces ipchains)".
    But the help states that you should specify 'Y' for routers, 'N' for
    regular hosts - and 'N' if you're unsure. Well, I'm unsure right
    now...

    The system to protect is a Debian web/mail/ssh server, not a router.
    I'm not sure if I need a firewall but it won't hurt - plus, if I can
    run iptables, I can try the portknocking system.

    Can anyone explain firewalls & kernel 2.6? Can I still run iptables
    (and if yes, what should I change in my config or which module to
    load?) or is this network packet filtering 'the new thing'? 

    -- 
Matthijs
vanaalten@hotmail.com
-- 
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
  • Next message: Travis Crump: "Re: Using mplayer save RealMedia audio in a sensible format?"

    Relevant Pages