Popsuty firewall-init?
Piotr Szymanski
djurban w it-zone.org
Pon, 22 Mar 2004, 15:53:33 CET
Hi,
[root w djurban]$ grep TABLES /etc/sysconfig/firewall
ipv4_TABLES="filter drop"
ipv6_TABLES=
[root w djurban]$
Jak nie ma drop to mi nie ładuje tego co jest
w /etc/sysconfig/firewall.d/ipv4/drop.
[root w djurban]$ cat /etc/sysconfig/firewall.d/ipv4/drop
CHAINS="DROPPING"
ipv4_drop_DROPPING_rules()
{
$iptables -A INPUT -s adv.gazeta.pl -p tcp -m tcp -j REJECT
$iptables -A INPUT -s adv.wp.pl -p tcp -m tcp -j REJECT
$iptables -A INPUT -s adnet.hit.gemius.pl -p tcp -m tcp -j REJECT
$iptables -A INPUT -s ad.doubleclick.net -p tcp -m tcp -j REJECT
$iptables -A INPUT -s ad.pl.doubleclick.net -p tcp -m tcp -j REJECT
$iptables -A INPUT -s reklama.onet.pl -p tcp -m tcp -j REJECT
return
}
# This must be last line !
# vi:syntax=sh:tw=78:ts=8:sw=4
[root w djurban]$
No i lecimy:
[root w djurban]$ /etc/rc.d/init.d/firewall start
Enabling IPv4 packet forwarding....................................[ DONE ]
Setting up IP spoofing protection..................................[ DONE ]
Load netfilter modules (IPv4)......................................[ DONE ]
Create some usefull chains (IPv4): LDROP WATCH SCAN DOS SAFEDROP SAFEACCEPT
ICMP
Authorize packet input and output (IPv4)...........................
[ BUSY ]FATAL: Module ip_tables already in kernel.
iptables v1.2.9: can't initialize iptables table `drop': Table does not exist
(do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
[ DONE ]
Enabling IPv6 packet forwarding....................................[ DONE ]
Load netfilter modules (IPv6)......................................[ DONE ]
Create some usefull chains (IPv6): LDROP WATCH SCAN DOS SAFEDROP SAFEACCEPT
ICMP6 ip6tables v1.2.9: Unknown arg `--icmp-type'
Try `ip6tables -h' or 'ip6tables --help' for more information.
ip6tables v1.2.9: Unknown arg `--icmp-type'
Try `ip6tables -h' or 'ip6tables --help' for more information.
ip6tables v1.2.9: Unknown arg `--icmp-type'
Try `ip6tables -h' or 'ip6tables --help' for more information.
ip6tables v1.2.9: Unknown arg `--icmp-type'
Try `ip6tables -h' or 'ip6tables --help' for more information.
ip6tables v1.2.9: Unknown arg `--icmp-type'
Try `ip6tables -h' or 'ip6tables --help' for more information.
ip6tables v1.2.9: Unknown arg `--icmp-type'
Try `ip6tables -h' or 'ip6tables --help' for more information.
ip6tables v1.2.9: Unknown arg `--icmp-type'
Try `ip6tables -h' or 'ip6tables --help' for more information.
ip6tables v1.2.9: Unknown arg `--icmp-type'
Try `ip6tables -h' or 'ip6tables --help' for more information.
ip6tables v1.2.9: Unknown arg `--icmp-type'
Try `ip6tables -h' or 'ip6tables --help' for more information.
ip6tables v1.2.9: Unknown arg `--icmp-type'
Try `ip6tables -h' or 'ip6tables --help' for more information.
ip6tables v1.2.9: Unknown arg `--icmp-type'
Try `ip6tables -h' or 'ip6tables --help' for more information.
ip6tables v1.2.9: Unknown arg `--icmp-type'
Try `ip6tables -h' or 'ip6tables --help' for more information.
ip6tables v1.2.9: Unknown arg `--icmp-type'
Try `ip6tables -h' or 'ip6tables --help' for more information.
ip6tables v1.2.9: Unknown arg `--icmp-type'
Try `ip6tables -h' or 'ip6tables --help' for more information.
ip6tables v1.2.9: Unknown arg `--icmp-type'
Try `ip6tables -h' or 'ip6tables --help' for more information.
ip6tables v1.2.9: Unknown arg `--icmp-type'
Try `ip6tables -h' or 'ip6tables --help' for more information.
ip6tables v1.2.9: Unknown arg `--icmp-type'
Try `ip6tables -h' or 'ip6tables --help' for more information.
ip6tables v1.2.9: Unknown arg `--icmp-type'
Try `ip6tables -h' or 'ip6tables --help' for more information.
ip6tables v1.2.9: Unknown arg `--icmp-type'
Try `ip6tables -h' or 'ip6tables --help' for more information.
ip6tables v1.2.9: Unknown arg `--icmp-type'
Try `ip6tables -h' or 'ip6tables --help' for more information.
Authorize packet input and output (IPv6)...........................[ DONE ]
[root w djurban]$
--
Piotr Szymanski
djurban w pld-linux.org
adamh - new and improved hiperbolic adam
Więcej informacji o liście dyskusyjnej pld-devel-pl