own chains
Benjamin Albrecht
bennya@web.de
Thu, 9 Aug 2001 12:12:38 +0100
no way. when i try to create a new chain without a script with "iptables
-n <any string>" :
iptables -n tot
Bad argument `tot'
* Shin Neng Wong (snwong@nttmsc.com.my) wrote:
>
> can you create new chains by trying without the underscore character (_). for
> e.g: iptables -n superman
>
> Benjamin Albrecht <bennya@web.de> on 08/09/2001 07:52:40 PM
>=20
> To: Claudiu RAVEICA <rav@eurolink.ro>
> cc: netfilter@lists.samba.org (bcc: Shin Neng Wong/NTTMSC)
>
> Subject: Re: own chains
>
> writing uppercase letters doesn't resolve the problem. ;( that's my whole
> script. the rest of my rules are comments until the basic script works.
>
> benjamin
>
> ##########################################################
> #!/bin/sh
> it=/sbin/iptables
>
> # CREATE CHAINS
> ${it} -N TO_T
> ${it} -N FROM_T
>
> # POLICY SECURE
> ${it} -P INPUT DENY
> ${it} -P OUTPUT DENY
> ${it} -P FORWARD DENY
>
> # TELEKOM TRAFFIC
> ${it} -A forward -o ppp0 -j TO_T
> ${it} -A forward -o eth1 -j FROM_T
>
> # delete Firewall and NAT
> ${it} -X
> ${it} -F
> ${it} -t nat -F
> ${it} -t nat -X
>
> # ACTIVATE MASQ
> ${it} -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
> echo 1 > /proc/sys/net/ipv4/ip_forward
>
> ##########################################################
>
> * Claudiu RAVEICA (rav@eurolink.ro) wrote:
> > Try to use uppercase letters:
> > iptables -N TO_T
> > iptables -N FROM_T
> >
> >
> > Claudiu RAVEICA
> > == IT Manager ==
> >
> > EuroLink ROMANIA
> > http://www.eurolink.ro
> > E-mail: rav@eurolink.ro
> > ----- Original Message -----
> > From: "Benjamin Albrecht" <lists@robolinux.de>
> > To: <netfilter@lists.samba.org>
> > Sent: Thursday, August 09, 2001 1:22 PM
> > Subject: own chains
> >
> >
> > > hi lists,
> > >
> > > i am new to netfilter but i think my problem isn't a typical newbie
> > > problem. i want to use two new chains to filter the traffic between my
> > > isp and my LAN. so i jump from the forward chain into the two new
> > > chains depending through which nic the traffic comes in.
> > >
> > > iptables -N to_t
> > > iptables -N from_t
> > >
> > > i think this should work but when i try to start my script iptables says:
> > >
> > > ################
> > > iptables v1.2.2: Couldn't load target `to_t':/lib/iptables/libipt_to_t.so: cannot open shared object file: No such file or directory
> > > ################
> > >
> > > perhaps you can imagine the problem.
> > >
> > > best regards
> > >
> > > benjamin
> > >
> > > ################################################################
> > > # go away or I will replace you with a very small shell-script #
> > > ################################################################
> > > # Benjamin Albrecht # UIN: 68187352 #
> > > > # Mergeläcker 2 # E-mail: bennya@web.de #
> > > > # 75417 Mühlacker # Linuxuser: 212867 #
> > > # Germany # http://www.benjamin-albrecht.de #
> > > ################################################################
> > >
> >
################################################################
# go away or I will replace you with a very small shell-script #
################################################################
# Benjamin Albrecht # UIN: 68187352 #
# Mergeläcker 2 # E-mail: bennya@web.de #
# 75417 Mühlacker # Linuxuser: 212867 #
# Germany # http://www.benjamin-albrecht.de #
################################################################
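
One ordering of the quoted rule set that iptables accepts, as an added example that is not part of the original thread or any poster's script. It assumes ppp0 faces the ISP and eth1 the LAN, as in the quoted script; the rules placed inside TO_T and FROM_T and the `apply` argument are hypothetical.

```shell
#!/bin/sh
# Added example, not the poster's script. Assumes ppp0 faces the ISP and eth1
# the LAN (as in the quoted script); the rules inside TO_T/FROM_T are placeholders.
IPT=${IPT:-/sbin/iptables}

build_firewall() {
    # Flush rules before deleting chains: -X will not remove a chain
    # that a rule still jumps to. Cleaning up first also means the chains
    # created below are not wiped out later in the same run.
    $IPT -F || return 1
    $IPT -X || return 1
    $IPT -t nat -F || return 1
    $IPT -t nat -X || return 1

    # Policy targets are ACCEPT or DROP (DENY is ipchains syntax).
    $IPT -P INPUT DROP || return 1
    $IPT -P OUTPUT DROP || return 1
    $IPT -P FORWARD DROP || return 1

    # -N (capital) creates a chain; -n (lowercase) only means numeric output.
    $IPT -N TO_T || return 1
    $IPT -N FROM_T || return 1

    # Placeholder filtering: the LAN may open connections, the ISP side may only reply.
    $IPT -A TO_T -j ACCEPT || return 1
    $IPT -A FROM_T -m state --state ESTABLISHED,RELATED -j ACCEPT || return 1

    # Built-in chain names are uppercase: FORWARD, not forward.
    $IPT -A FORWARD -o ppp0 -j TO_T || return 1
    $IPT -A FORWARD -o eth1 -j FROM_T || return 1

    $IPT -t nat -A POSTROUTING -o ppp0 -j MASQUERADE || return 1
}

# Touch the live rule set only when asked to: ./firewall.sh apply
if [ "${1:-}" = "apply" ]; then
    build_firewall && echo 1 > /proc/sys/net/ipv4/ip_forward
fi
```

Setting `IPT` to a command that only prints its arguments shows the resulting rule order without changing the running firewall.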