IPtables, netfilter, confusion...
After posting some info about portknocking security (see thread SSH
cracking attempts) I looked a bit at iptables on my system.
Result from 'iptables -L':
FATAL: Module ip_tables not found.
iptables v1.2.11: can't initialize iptables table `filter': iptables
who? (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
I've found a lot of links with google, but nothing really useful. It
seems that my kernel (self compiled 2.6.8) doesn't support iptables.
I looked through the kernel config and found something under
networking options: "network packet filtering (replaces ipchains)".
But the help states that you should specify 'Y' for routers, 'N' for
regular hosts - and 'N' if you're unsure. Well, I'm unsure right
now...
The system to protect is a Debian web/mail/ssh server, not a router.
I'm not sure if I need a firewall but it won't hurt - plus, if I can
run iptables, I can try the portknocking system.
Can anyone explain firewalls & kernel 2.6? Can I still run iptables
(and if yes, what should I change in my config or which module to
load?) or is this network packet filtering 'the new thing'?
--
Matthijs
vanaalten@hotmail.com