1 |
Суббота, 4 мая 2013, 14:06 -04:00 от Nick Khamis <symack@×××××.com>: |
2 |
> On 5/4/13, the guard <the.guard@××××.ru> wrote: |
3 |
> > |
4 |
> > |
5 |
> > |
6 |
> > Суббота, 4 мая 2013, 12:41 -04:00 от Nick Khamis <symack@×××××.com>: |
7 |
> >> Hello Everyone, |
8 |
> >> |
9 |
> >> While trying to include a logging chain to our IPTables rules, I am |
10 |
> >> receiving the following |
11 |
> >> error: (iptables: No chain/target/match by that name. |
12 |
> >> |
13 |
> >> The chain looks like: |
14 |
> >> |
15 |
> >> # Set Log Limit |
16 |
> >> LOGLIMIT="2/s" |
17 |
> >> LOGLIMITBURST="10" |
18 |
> >> |
19 |
> >> $IPTABLES -N LOGDROP |
20 |
> >> |
21 |
> >> #echo -e " - Logging Dropped Traffic" |
22 |
> >> # $IPTABLES -A LOGDROP -i $INTIF1 -p tcp -m limit --limit $LOGLIMIT |
23 |
> >> --limit-burst $LOGLIMITBURST -j LOG --log-prefix "TCP LOGDROP: " |
24 |
> >> |
25 |
> >> # $IPTABLES -A LOGDROP -j DROP |
26 |
> >> # $IPTABLES -A INPUT -p icmp -i $INTIF1 -j LOGDROP |
27 |
> >> # $IPTABLES -A INPUT -p tcp -i $INTIF1 -j LOGDROP |
28 |
> >> # $IPTABLES -A INPUT -p udp -i $INTIF1 -j LOGDROP |
29 |
> >> |
30 |
> >> Some searching caused me to make sure that I have the correct modules |
31 |
> >> loaded: |
32 |
> >> |
33 |
> >> modprobe ipt_LOG |
34 |
> >> |
35 |
> >> Module Size Used by |
36 |
> >> iptable_nat 3220 0 |
37 |
> >> nf_nat 11228 1 iptable_nat |
38 |
> >> ipt_LOG 6454 0 |
39 |
> >> ipt_REJECT 1917 3 |
40 |
> >> nf_conntrack_ipv4 9141 10 nf_nat,iptable_nat |
41 |
> >> nf_defrag_ipv4 847 1 nf_conntrack_ipv4 |
42 |
> >> iptable_filter 988 1 |
43 |
> >> ip_tables 8370 2 iptable_filter,iptable_nat |
44 |
> >> |
45 |
> >> |
46 |
> >> But still no go. |
47 |
> >> |
48 |
> > 6 or 4? |
49 |
> > |
50 |
> |
51 |
> |
52 |
> I was gazing at your question for a sec. 4!!!! :). I thought you were asking |
53 |
> about kernel minor+ version, or iptables version... IPV4 Sir :) |
54 |
> |
55 |
> N. |
56 |
> |
57 |
> |
58 |
Sorry, my bad. -L? |