iptables TARPIT

To: debian-user@lists.debian.org
Subject: iptables TARPIT
From: Simon Morgan <sjmorgan@gmail.com>
Date: Mon, 27 Dec 2004 14:50:08 +0000
Message-id: <[🔎] de63970c04122706506f004212@mail.gmail.com>
Reply-to: Simon Morgan <sjmorgan@gmail.com>

Hi,

Has anyone managed to get the iptables TARPIT module working with
debian? I notice there's a module for it included with the iptables
package:

bollo:~# dlocate TARPIT
iptables: /lib/iptables/libipt_TARPIT.so

but getting it to work isn't that simple:

bollo:~# iptables -A INPUT -p tcp --dport 135 -j TARPIT
iptables: No chain/target/match by that name

It's my understanding that support needs to be compiled into the kernel
and I'm assuming this isn't the case with the stock debian kernels (at
least the latest 2.6 in testing). Support seems to be provided by the
patch-o-matic on the netfilter site, so I downloaded patch-o-matic,
apt-get install'd the kernel source, apt-get source'd the iptables source
and did:

bollo:/usr/src/patch-o-matic-ng-20040621# KERNEL_DIR=/usr/src/linux
IPTABLES_DIR=/usr/src/iptables-1.2.11 ./runme extra
Your iptables version  is unknown for patch-o-matic at ./runme line 214

Has anyone had better luck than me? Or even have any ideas?

Thanks.

Reply to:

Prev by Date: Re: Debian sid and "risk management"
Next by Date: Re: Debian sid and "risk management"
Previous by thread: iptables TARPIT
Next by thread: RSVP.com.au
Index(es):
- Date
- Thread