Thursday, May 5, 2011

[nslu2-linux] Re: Problem with destination port of iptables on SlugOS 4.8

 



I was having the same problem. After spending several hours searching for a solution and not being able to find anything, I went to my Ubuntu box and started comparing both systems. I'm currently using SlugOS BE 5.3.

The solution is to install and load the xt_tcpudp kernel module. After doing that, using --dport was no longer a problem.

root@nslu2:~# lsmod | grep ip
iptable_filter 928 1
ip_tables 7760 1 iptable_filter
ipt_REJECT 1536 1
x_tables 6884 3 ip_tables,xt_tcpudp,ipt_REJECT

-- BEFORE --
root@nslu2:~# iptables -A INPUT -s 200.200.201.0/24 -p tcp --dport 22 -j ACCEPT
iptables: No chain/target/match by that name

-- AFTER --
root@nslu2:~# iptables -A INPUT -s 200.200.201.0/24 -p tcp --dport 23 -j REJECT
root@nslu2:~# iptables -L -v | head -n3
Chain INPUT (policy ACCEPT 591 packets, 51463 bytes)
pkts bytes target prot opt in out source destination
0 0 REJECT tcp -- any any 200.200.201.0/24 anywhere tcp dpt:telnet reject-with icmp-port-unreachable

--- In nslu2-linux@yahoogroups.com, "cbraun000" <selftoelicker@...> wrote:
>
> Hi all,
>
> I have a little problem with iptables on my slug. I installed the
> kernel-module-ip-tables, kernel-module-iptable-filtera and iptables
> packages using ipkg. Everything seems to work. I can write some simple
> rules.
>
> The problem arises when I want to specify a destination port in one
> rule. For example, I want to open port 22 (SSH) to only address
> 192.168.0.5. I set up the rule as follows:
>
> iptables -A INPUT -s 192.168.0.5 -p tcp --dport 22 -j ACCEPT
>
> and I get the following error:
>
> iptables: No chain/target/match by that name.
>
>
> By process of elimination, I found out it is the --dport argument that
> is not accepted. Any idea why? Am I missing some module that I should
> add? lsmod shows that I already have iptable_filter, ip_tables and
> x_tables modules loaded.
>
> Have a nice day.
>
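
The failure discussed in this thread, as an added example that is not part of the original posts: a shell check that maps the options in a rule to the kernel modules they depend on and lists the ones missing from lsmod output. The function names and the sample lsmod text are constructed here, and only the two mappings seen in the thread (--dport/--sport to xt_tcpudp, REJECT to ipt_REJECT) are covered.

```sh
#!/bin/sh
# Added example (not from the thread). Built-in kernel features never
# appear in lsmod, so this check only makes sense on modular kernels.

# Print the modules a filter-table rule needs, one per line. Only mappings
# seen in the thread: --dport/--sport -> xt_tcpudp, -j REJECT -> ipt_REJECT.
required_modules() {
    rule=$1
    echo ip_tables
    echo iptable_filter
    case " $rule " in
        *" --dport "*|*" --sport "*) echo xt_tcpudp ;;
    esac
    case " $rule " in
        *" -j REJECT "*) echo ipt_REJECT ;;
    esac
}

# Print the required modules that are absent from the lsmod text.
# $1 = rule arguments, $2 = lsmod output (defaults to the live `lsmod`).
missing_modules() {
    rule=$1
    loaded=${2-$(lsmod)}
    for mod in $(required_modules "$rule"); do
        # Column 1 of lsmod is the module name; compare it exactly so that
        # "ip_tables" in a "Used by" list does not count as loaded.
        if ! printf '%s\n' "$loaded" |
            awk -v m="$mod" '$1 == m { found = 1 } END { exit !found }'; then
            echo "$mod"
        fi
    done
}

# Constructed lsmod output modelled on the thread, before xt_tcpudp is loaded.
SAMPLE_BEFORE='Module Size Used by
iptable_filter 928 1
ip_tables 7760 1 iptable_filter
ipt_REJECT 1536 1
x_tables 6884 2 ip_tables,ipt_REJECT'
# Same output with a constructed xt_tcpudp line appended.
SAMPLE_AFTER="$SAMPLE_BEFORE
xt_tcpudp 2000 0"

# Demo on the rule from the original question; prints "xt_tcpudp".
missing_modules "-A INPUT -s 192.168.0.5 -p tcp --dport 22 -j ACCEPT" "$SAMPLE_BEFORE"
```

Running missing_modules with only the rule argument checks against the live lsmod output instead of the sample text.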
