"Cat 22" <(E-Mail Removed)> wrote in message
news:i4snn9$im3$(E-Mail Removed)...
> system: mandriva 2010.0, x86_64,
> iptables 1,4,5
> kernel 2.6.31.12
> xtables-addons-1.28
>
> I just installed xtables-addons by compiling the latest version
> but i cant figure out how to actually use it. Does anyone have a
> simple rule to jump to the TARPIT target provided by xtables (so
> i can see how this is done)?
> When i ran ./configure i did this:
> ./configure --with-xtlibdir=/lib64/iptables.d/linux-2.6-main/
> Not sure if that is right or not, or why configure doesnt "figure"
> it out by itself?
>
> What do i put in this rule to load the correct module?
>
> iptables -N NEW_SSH
> iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j NEW_SSH
> iptables -A NEW_SSH -m recent --set
> iptables -A NEW_SSH -m TARPIT -m recent --update --seconds 60 --hitcount
2 -j TARPIT
> iptables -A NEW_SSH -j ACCEPT
>
> The above fails, because the module isnt loaded
>
> Here is where things really are:
>
> /lib/modules/2.6.31.12-3mnbX/extra/xt_TARPIT.ko
> /lib64/iptables.d/linux-2.6-main/libxt_TARPIT.so
>
> but the above rule is trying to find it here:
> iptables v1.4.5: Couldn't load match `TARPIT':
> /lib64/iptables/libipt_TARPIT.so: cannot open
> shared object file: No such file or directory
>
> Why isnt it looking for libxt_TARPIT.so?
>
> If i leave out the "-m TARPIT" then i see dmesg reporting:
> ip_tables: TARPIT target: only valid for protocol 6
TARPIT is a target, not a matcher, as you found out.
It must be used with "-p tcp" as it is a TCP-only target.
iptables -A NEW_SSH -j TARPIT -m recent --name _____ --update --seconds
60 --hitcount 2
Also as noted, you're missing the "name" parameter of recent. I'll let you
fill that in.
> Please set me on the right path here with this xtables, I'm
> totally confused about how this is supposed to work
> (I understand iptables ok, just not how to "addon" xtables rules)
> Thanks
> Cat22
>
>
|
Linear Mode
