OESF Portables Forum

Everything Else => Sharp Zaurus => Model Specific Forums => Distros, Development, and Model Specific Forums => Archived Forums => 6000 - Tosa => Topic started by: pldrouin on January 06, 2005, 01:33:01 am

Title: Iptables On 6000
Post by: pldrouin on January 06, 2005, 01:33:01 am

I would like to install iptables on my 6000L. Where can I find a working ipk for it?

Thanks!

Title: Iptables On 6000
Post by: bluedevils on January 22, 2005, 05:13:28 pm

https://www.oesf.org/forums/index.php?showt...318&hl=iptables (https://www.oesf.org/forums/index.php?showtopic=8318&hl=iptables)

Title: Iptables On 6000
Post by: bluedevils on January 22, 2005, 06:19:03 pm

Quote

# /home/root/usr/local/sbin/iptables -A INPUT -s 69.0.0.0/24 -j DROP
iptables v1.2.9: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
# lsmod
Module                  Size  Used by
iptable_nat            15520   0  (unused)
ip_conntrack           15744   1  [iptable_nat]
ip_tables              13584   3  [iptable_nat]
pxa_bi                 21728   0  (unused)
net_fd                 25024   0  (unused)
usbdcore               34544   0  [pxa_bi net_fd]
usbdmonitor             5248   0
sharp_mmcsd_m          31520   2
vtty                    7920   0  (unused)
usb_ohci_tc6393        24544   0  (unused)
usbcore                52048   1  [usb_ohci_tc6393]
# uname -a
Linux zaurus 2.4.18-rmk7-pxa3-embedix #1 Sat, 14 Feb 2004 17:11:16 +0000 armv5tel unknown

I see your point now....

Title: Iptables On 6000
Post by: bladerunner on January 26, 2005, 03:53:51 pm

It looks like the iptable_filter.o module is not being loaded.

If you do insmod iptable_filter then it should now work. This is only temporary.

You should have both ip_tables and iptable_filter modules loaded. It appears that iptables -L loads ip_tables OK but fails to load the other module.

You can make iptable_filter load up when ip_tables is loaded by doing the following:

I tried on the SL-5500. Make a new file in /etc/modutils/ called iptables.conf
In iptables.conf insert the text above ip_tables iptable_filter press carriage return at the end of line.

Run update_modules and the new text should appear in /etc/modules.conf.

I ran depmod -a but I don't think it is needed.

now iptables should work, at least the error should go away. You may need to do rmmod ip_tables to remove the module before running iptables -L. Otherwise loading iptable_filter may not be triggered.

Title: Iptables On 6000
Post by: bluedevils on January 29, 2005, 09:23:57 pm

thanks bladerunner,

that did it (insmod iptable_filter).  Now I have an authenticating apache php (mysql later) webserver that I can help protect with iptables.  I have rules to drop packets from others in my cable modem pool (probing the webserver's port).  there was no modutils directory or update_modules or /etc/modules.conf

The irony is that I may have to do this again as I'm formulating a plan to move the server onto my handicapped (sound chip) 760.  I'm thinking of finally trying pdaxrom.