| 1 |
On 5/4/13, the guard <the.guard@××××.ru> wrote: |
| 2 |
> |
| 3 |
> |
| 4 |
> |
| 5 |
> óÕÂÂÏÔÁ, 4 ÍÁÑ 2013, 12:41 -04:00 ÏÔ Nick Khamis <symack@×××××.com>: |
| 6 |
>> Hello Everyone, |
| 7 |
>> |
| 8 |
>> While trying to include a logging chain to our IPTables rules, I am |
| 9 |
>> receiving the following |
| 10 |
>> error: (iptables: No chain/target/match by that name. |
| 11 |
>> |
| 12 |
>> The chain looks like: |
| 13 |
>> |
| 14 |
>> # Set Log Limit |
| 15 |
>> LOGLIMIT="2/s" |
| 16 |
>> LOGLIMITBURST="10" |
| 17 |
>> |
| 18 |
>> $IPTABLES -N LOGDROP |
| 19 |
>> |
| 20 |
>> #echo -e " - Logging Dropped Traffic" |
| 21 |
>> # $IPTABLES -A LOGDROP -i $INTIF1 -p tcp -m limit --limit $LOGLIMIT |
| 22 |
>> --limit-burst $LOGLIMITBURST -j LOG --log-prefix "TCP LOGDROP: " |
| 23 |
>> |
| 24 |
>> # $IPTABLES -A LOGDROP -j DROP |
| 25 |
>> # $IPTABLES -A INPUT -p icmp -i $INTIF1 -j LOGDROP |
| 26 |
>> # $IPTABLES -A INPUT -p tcp -i $INTIF1 -j LOGDROP |
| 27 |
>> # $IPTABLES -A INPUT -p udp -i $INTIF1 -j LOGDROP |
| 28 |
>> |
| 29 |
>> Some searching caused me to make sure that I have the correct modules |
| 30 |
>> loaded: |
| 31 |
>> |
| 32 |
>> modprobe ipt_LOG |
| 33 |
>> |
| 34 |
>> Module Size Used by |
| 35 |
>> iptable_nat 3220 0 |
| 36 |
>> nf_nat 11228 1 iptable_nat |
| 37 |
>> ipt_LOG 6454 0 |
| 38 |
>> ipt_REJECT 1917 3 |
| 39 |
>> nf_conntrack_ipv4 9141 10 nf_nat,iptable_nat |
| 40 |
>> nf_defrag_ipv4 847 1 nf_conntrack_ipv4 |
| 41 |
>> iptable_filter 988 1 |
| 42 |
>> ip_tables 8370 2 iptable_filter,iptable_nat |
| 43 |
>> |
| 44 |
>> |
| 45 |
>> But still no go. |
| 46 |
>> |
| 47 |
> 6 or 4? |
| 48 |
> |
| 49 |
|
| 50 |
|
| 51 |
I was gazing at your question for a sec. 4!!!! :). I thought you were asking |
| 52 |
about kernel minor+ version, or iptables version... IPV4 Sir :) |
| 53 |
|
| 54 |
N. |
Archives