search for: ipt_log

On a VPS I wanted to add to IP tables:- iptables -A XXXX -p tcp -m string --algo bm --string 'login' -j DROP I got: iptables: Unknown error 18446744073709551615 uname -a = 2.6.35.4 #2 (don't know how this got installed) lsmod | grep ipt = ipt_LOG 5419 2 yum upgrade iptables* = nothing to install. --------------------------------------- On a standalone server (C 5.6) iptables -A XXXX -p tcp -m string --algo bm --string 'login' -j DROP is accepted. uname -a = 2.6.18-274.el5 #1 lsmod | grep ipt = ipt_LOG 396...

...sed : # lsmod Module Size Used by Not tainted ip_conntrack_ftp 4272 0 (unused) iptable_nat 17468 0 (autoclean) (unused) ipt_state 568 3 (autoclean) ip_conntrack 20616 3 (autoclean) [ip_conntrack_ftp iptable_nat ipt_state] ipt_LOG 3352 1 (autoclean) ipt_limit 1016 1 (autoclean) iptable_filter 1708 1 (autoclean) ip_tables 12408 7 [iptable_nat ipt_state ipt_LOG ipt_limit iptable_filter] ...... any idea why it doesn work... passive-ftp is ok. ____________________...

...4548 0 (autoclean) sch_sfq 3456 0 (autoclean) sch_htb 19040 0 (autoclean) ipt_ttl 640 0 (autoclean) ipt_state 608 0 (autoclean) ipt_REJECT 3072 0 (autoclean) ipt_connlimit 1504 0 (autoclean) ipt_LOG 3648 0 (autoclean) ipt_limit 960 0 (autoclean) iptable_filter 1728 0 (autoclean) ipt_mac 672 15 (autoclean) ipt_helper 992 22 (autoclean) ipt_multiport 640 132 (autoclean) ipt_MARK 800 25...

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=318 ------- Additional Comments From kaber@trash.net 2006-01-28 17:29 MET ------- Please execute"echo 255 >/proc/sys/net/ipv4/netfilter/ip_conntrack_log_invalid" after loading ipt_LOG and post the results. -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

...1 (autoclean) serial 43968 0 (autoclean) (unused) af_packet 11144 2 (autoclean) ipt_TCPMSS 2368 1 (autoclean) ipt_TOS 1024 22 (autoclean) ipt_MASQUERADE 1216 2 (autoclean) ipt_MARK 736 13 (autoclean) ipt_LOG 3168 92 (autoclean) ipt_state 608 169 (autoclean) ip_nat_ftp 2944 0 (unused) ip_conntrack_ftp 3200 0 (unused) smc-ultra 5024 1 (autoclean) ne 6432 1 (autoclean) 8390 5856 0 (au...

...of them in the last two weeks.. The most recent kernel output is kernel: Unable to handle kernel NULL pointer dereference at virtual address 0000009c kernel: printing eip: kernel: c88132b4 kernel: *pde = 00000000 kernel: Oops: 0000 kernel: ppp_async ppp_generic slhc 3c509 8139too mii ipt_state ipt_LOG ipt_REJECT ipt_ kernel: CPU: 0 kernel: EIP: 0010:[<c88132b4>] Not tainted kernel: EFLAGS: 00210286 kernel: kernel: EIP is at journal_blocks_per_page_Rab88fbd5 [jbd] 0x4 (2.4.18-3) kernel: eax: 00000000 ebx: 00000000 ecx: c77b8468 edx: c162412c kernel: esi: c162412c edi: 000...

...77 0 nf_nat 18393 1 iptable_nat iptable_mangle 6849 0 nf_conntrack_ipv4 11849 5 iptable_nat,nf_nat xt_state 6209 2 nf_conntrack 51221 5 nf_conntrack_netbios_ns,iptable_nat,nf_nat,nf_conntrack_ipv4,xt_state ipt_REJECT 6977 2 ipt_LOG 9285 4 iptable_filter 6849 1 ip_tables 14033 3 iptable_nat,iptable_mangle,iptable_filter xt_tcpudp 6977 33 ip6t_REJECT 7617 2 ip6table_filter 6593 1 ip6_tables 15057 1 ip6table_filter x_tables 1...

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=443 ------- Additional Comments From nothingel@hotmail.com 2006-02-08 05:35 MET ------- I also, the situation described in bug ID 322 seemed related and I tried the patch from Phil Oester but it did not make a difference. -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving

Does anyone keep a known telemarketer caller id database? If not has anyone proposed an Asterisk community project to share this information? Sort of a nation wide blacklist so Asterisk'ers can cut down on the garbage calls... -------------- next part -------------- An HTML attachment was scrubbed... URL:

....6.3-15mdk with shorewall-2.0.3a-1mdk. And lsmod | grep ip shows this: ip_nat_h323 4128 0 ip_conntrack_h323 4132 0 ipv6 232416 16 ipt_TOS 2240 12 ipt_MASQUERADE 3424 1 ipt_REJECT 6464 4 ipt_pkttype 1536 4 ipt_LOG 5312 10 ipt_state 1728 25 ipt_multiport 1856 0 ipt_conntrack 2304 0 iptable_mangle 2624 1 ip_nat_irc 4112 0 ip_nat_tftp 3376 0 ip_nat_ftp 4720 0 iptable_nat 23596 6 ip_nat_h323,ipt_M...

...mod Module Size Used by ipt_ipp2p 6656 2 ipt_MASQUERADE 2688 1 sch_sfq 4864 31 cls_u32 6660 8 sch_htb 14208 2 ipt_IMQ 1792 0 imq 3592 0 xt_mac 1792 19 ipt_LOG 5504 2 xt_limit 2304 2 xt_multiport 3200 4 xt_state 2176 3 iptable_mangle 2304 1 iptable_nat 6020 1 nf_nat 13996 2 ipt_MASQUERADE,iptable_nat nf_conntrack_ipv4 12940 5 iptable_nat nf_conntrack...

..._NETMAP,ipt_MASQUERADE,ipt_ECN,ipt_ecn,ipt_CLUSTERIP,ipt_ah,xt_set,xt_TPROXY,ip6_tables,xt_tcpmss,xt_pkttype,xt_physdev,xt_owner,xt_NFQUEUE,xt_NFLOG,xt_multiport,xt_mark,xt_mac,xt_limit,xt_length,xt_iprange,xt_helper,xt_hashlimit,xt_DSCP,xt_dscp,xt_dccp,xt_conntrack,xt_connmark,xt_CLASSIFY,xt_AUDIT,ipt_LOG,xt_tcpudp,xt_state,iptable_nat,iptable_mangle,iptable_filter,ip_tables Guest network using bridge: <interface type='bridge'> <mac address='00:11:22:33:44:55'/> <source bridge='brdg'/> <model type='virtio'/> <filterref filter='o...

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=554 ------- Additional Comments From kaber@trash.net 2007-03-15 02:53 MET ------- Most likely these packets are considered invalid by connection tracking and therefore not handled by NAT. Try this: iptables -t mangle -A POSTROUTING -m state --state INVALID -j DROP -- Configure bugmail:

...108400 0 wlan 232736 1 ath_pci ath_hal 225904 1 ath_pci nls_iso8859_1 13440 1 nls_cp437 15104 1 vfat 21120 1 fat 65592 1 vfat usb_storage 94912 0 ipt_REJECT 11776 1 ipt_LOG 14468 1 xt_limit 11140 2 xt_tcpudp 11776 25 xt_state 10624 5 ipt_addrtype 11136 4 ip6table_filter 11264 1 ip6_tables 29712 1 ip6table_filter nf_nat_irc 10752 0 nf_conntrack_irc 1464...

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=22 laforge@netfilter.org changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |bowles@ambisys.com Component|unknown |ip_tables (kernel) OS/Version|other

...(autoclean) sch_sfq 4096 0 (autoclean) sch_htb 22176 0 ipt_MARK 1368 2 (autoclean) ip_nat_ftp 4112 0 (unused) ip_conntrack_ftp 5296 1 ipt_state 1080 0 (unused) ipt_limit 1560 0 (unused) ipt_LOG 4184 0 (unused) iptable_nat 21752 2 [ip_nat_ftp] iptable_mangle 2776 1 iptable_filter 2412 1 ip_conntrack 27304 3 [ip_nat_ftp ip_conntrack_ftp ipt_state iptable_nat] ip_tables 15096 9 [ipt_MARK ipt_state ipt_limit i...

...k_ftp 4576 0 (unused) > ip_nat_ftp 3872 0 (unused) > 8021q 15176 3 > ne2k-pci 6240 1 > 8390 7812 0 [ne2k-pci] > 3c59x 28008 4 > ipt_multiport 1184 52 (autoclean) > ipt_LOG 4160 18 (autoclean) > ipt_limit 1568 13 (autoclean) > ipt_state 1088 20 (autoclean) > iptable_mangle 2688 0 (autoclean) (unused) > iptable_nat 18484 2 (autoclean) [ip_nat_ftp] > ip_conntrack 19596...

Hi, I have a working test install of Shorewall 2.0.7 on a 32 bit install of Gentoo, it''s working like a champ, so i am making an install on a nice new Opteron server, using 64bit Gentoo. I have run into a problem which going by your FAQ might be due to a missing module, but after a couple of hours of fiddling I''m stumpted - I can''t see any options in the 2.6.8 kernel

...ready applied: submitted/2.4.4 submitted/conntrack-errormsg submitted/ip6tables-export-symbols submitted/ip6t_mac-fix-ipv6 submitted/ipchains-redirect-fix submitted/ip_nat_irc-srcaddr-fix submitted/ipt_LOG submitted/ipt_mac-fix submitted/ipt_MIRROR-ttl submitted/ipt_REJECT-checkentry submitted/ipt_unclean-ecn submitted/module-license submitted/netlink-tcpdiag submitted/sackperm...

Hi, ok Im all new to this :-) for pasv ftp in your example you say for example to use ports 65500-65535, but i dont see that u open those ports in your example fw scripts..? any hints ? -- Christophe Zwecker mail: doc@zwecker.de Hamburg, Germany fon: +49 179 3994867 http://www.zwecker.de "Who is General Failure ? And why is he reading my disk