Monday, July 27, 2015

Install multiport module on iptables

I'm trying to install "fail2ban" on Cubidebian, a Debian port for Cubieboard (a Raspberry-like board).


The following rule failed due to the "-m multiport --dports ssh" options (it works when I run the command manually without multiple options).


$ iptables -I INPUT -p tcp -m multiport --dports ssh -j fail2ban-ssh
iptables: No chain/target/match by that name.

When I cat "/proc/net/ip_tables_matches", I see that the multiport module is not loaded:


$ cat /proc/net/ip_tables_matches
u32
time
string
statistic
state
owner
pkttype
mac
limit
helper
connmark
mark
ah
icmp
socket
socket
quota2
policy
length
iprange
ttl
hashlimit
ecn
udplite
udp
tcp

The result of the iptables -L -n -v command:


$ iptables -L -n -v
Chain INPUT (policy ACCEPT 6 packets, 456 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 3 packets, 396 bytes)
pkts bytes target prot opt in out source destination
Chain fail2ban-apache (0 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fail2ban-ssh (0 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0

What can I do to compile or enable the multiport module?


Thanks in advance for your help
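
A diagnostic for the situation described in the question, as an added example that is not part of the original post: it reports whether a match is registered (input in the format of /proc/net/ip_tables_matches) and, if not, whether the kernel config has it as a loadable module or not built at all. The function name match_status, its status strings and the sample files are assumptions made for this example; CONFIG_NETFILTER_XT_MATCH_MULTIPORT and xt_multiport are the kernel's option and module names for the multiport match.

```shell
#!/bin/sh
# Added example: classify why an iptables match (here: multiport) is unavailable.
# match_status NAME MATCHES_FILE KERNEL_CONFIG   (hypothetical helper)
#   MATCHES_FILE  : same format as /proc/net/ip_tables_matches (one name per line)
#   KERNEL_CONFIG : plain-text kernel config, e.g. /boot/config-$(uname -r)
#                   or a file produced with: zcat /proc/config.gz
match_status() {
    name=$1; matches=$2; config=$3
    # Already registered with the running kernel: "-m NAME" rules will load.
    if grep -qxF "$name" "$matches" 2>/dev/null; then
        echo registered; return 0
    fi
    [ -r "$config" ] || { echo unknown; return 0; }
    # multiport is CONFIG_NETFILTER_XT_MATCH_MULTIPORT; assuming the same
    # CONFIG_NETFILTER_XT_MATCH_<NAME> pattern for other names is a simplification.
    opt="CONFIG_NETFILTER_XT_MATCH_$(printf '%s' "$name" | tr '[:lower:]' '[:upper:]')"
    case "$(grep "^$opt=" "$config" | head -n 1)" in
        "$opt=m") echo module-not-loaded ;;  # built as xt_NAME; try: modprobe xt_NAME
        "$opt=y") echo builtin ;;            # config does not match the running kernel
        *)        echo not-built ;;          # kernel was built without this match
    esac
}

# Constructed sample inputs (not taken from a real board).
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' state limit iprange udp tcp > "$d/matches"
    printf '%s\n' 'CONFIG_NETFILTER_XT_MATCH_STATE=y' \
        '# CONFIG_NETFILTER_XT_MATCH_MULTIPORT is not set' > "$d/config.off"
    printf '%s\n' 'CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m' > "$d/config.mod"
    match_status tcp       "$d/matches" "$d/config.off"   # registered
    match_status multiport "$d/matches" "$d/config.off"   # not-built
    match_status multiport "$d/matches" "$d/config.mod"   # module-not-loaded
    rm -rf "$d"
}
demo
```

On a real system, pass /proc/net/ip_tables_matches and the running kernel's config as the second and third arguments.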
