
Thread: If I follow this for my iptables install???

  1. #1

    If I follow this for my iptables install???


    I was wondering if someone could go over this and tell me if I did something wrong in these steps. I have tried this many times but keep getting errors, wondering where I'm going wrong.

    OK, installed Linux 7.2; it comes with iptables already installed (iptables v1.2.3). Now I want to install iptables 1.2.7. So here is what I'm


    Re-Compile my kernel to 2.4.19 with
    ALL built in the kernel:
    Next I am going to download IPTABLES-1.2.7 and install them
    bzip2 -cd iptables-1.2.3.tar.bz2 | tar -xvf
    make KERNEL_DIR=/usr/src/linux/
    make install KERNEL_DIR=/usr/src/linux/
    Next I'm going to create a script for my iptables named "rc.firewall" in the "/etc/rc.d/" dir, where I create my rules:
    then I'm going to
    chown root.root /etc/rc.d/rc.firewall
    chmod u=rwx /etc/rc.d/rc.firewall
    sh /etc/rc.d/rc.firewall
    And I'm going to add the following line "sh /etc/rc.d/rc.firewall" to the end of the "/etc/ec.d/rc.local" file; all this is so it will start up every time the computer starts.
    Since I have a dynamic IP address, I'm going to install "PUMP" from Linux install disc 2
    rpm -iv pump-1.1.11

    Then I'm going to create a "PUMP.CONF" file in the "/etc" directory which will look like this
    retries 3
    script /etc/rc.d/rc.pump.done

    device eth0 {
    And then the following shell commands can be placed in the firewall script some point after any HARDCODED definitions of IPADDRESS
    if [ -f /etc/rc.d/ ]; then
    . /etc/rc.d/

    echo "rc.firewall: dhcp is not configured."
    sh /ect/init.d/iptables panic
    exit 1
    So then in the "/etc/rc.d" I will create this script

    if [ "$1" = "down" ]; then
    exit 0

    if [ "$1" = "lease" ]; then
    echo address $3 assigned to network interface $2 > /dev/console

    /sbin/pump -i eth0 -s > /var/tmp/pump.out

    IPADDR=`fgrep IP: /var/tmp/pump.out | sed -e "s/.*IP: //"`
    NETMASK=`fgrep IP: /var/tmp/pump.out | sed -e "s/.*Netmask: //"`
    BROADCAST=`fgrep IP: /var/tmp/pump.out | sed -e "s/.*Broadcast: //"`
    NETWORK=`fgrep IP: /var/tmp/pump.out | sed -e "s/.*Network: //"`
    DHCP_SERVER=`fgrep IP: /var/tmp/pump.out | sed -e "s/.*DHCP_SERVER: //"`
    GATEWAY=`fgrep IP: /var/tmp/pump.out | sed -e "s/.*Gateway: //"`
    DOMAIN=`fgrep IP: /var/tmp/pump.out | sed -e "s/.*Domain: //"`

    rm /var/tmp/pump.out

    echo IPADDR=$IPADDR . /etc/rc.d/
    echo NETMASK=$NETMASK >> /etc/rc.d/
    echo SUBNET_BASE=$NETWORK >> /etc/rc.d/
    echo SUBNET_BROADCAST=$BROADCAST >> /etc/rc.d/
    echo GATEWAY=$GATEWAY >> /etc/rc.d/
    echo HOSTNAME=$HOSTNAME >> /etc/rc.d/
    echo DHCP_SERVER=$DHCP_SERVER>> /etc/rc.d/

    sh /etc/init.d/iptables restart

    exit 0

    What I'm asking is: if I follow these steps, should I have any problems? 'Cause this is my 3rd try with this; I wanna know what I am doing wrong... since "iptables" is already installed with 7.2, will this setup gimme errors or something??

    thanks for the help guys!!!
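
As an added example (not part of the original post, and not code from pump or iptables): the lease script in the post filters every field through `fgrep IP:` and stores DHCP-supplied values in a file that a root firewall script later sources. The version below picks each value by its own label, accepts only dotted-quad addresses, and replaces the output file only when every field passes. The `lease.env` file name, the function names and the sample lease text are assumptions, and only the address fields are handled.

```shell
# Added example (not from the thread). The sample lease text is constructed; the
# "Label: value" layout is assumed from the labels the post's sed commands use.
SAMPLE_LEASE='Device eth0
    IP: 192.0.2.10
    Netmask: 255.255.255.0
    Broadcast: 192.0.2.255
    Network: 192.0.2.0
    Gateway: 192.0.2.1'

# Print the value after "<label>: " from the first matching line on stdin.
lease_field() {
    sed -n "s/^[[:space:]]*$1: *//p" | head -n 1
}

# Succeed only for a dotted quad whose octets are all 0..255.
is_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Read lease text on stdin and write validated VAR=value lines to file $1.
# On any bad field, fail and leave an existing file untouched.
write_lease_env() {
    out=$1
    text=$(cat)
    tmp=$(mktemp "$out.XXXXXX") || return 1   # unpredictable name, mode 0600
    for pair in IPADDR=IP NETMASK=Netmask SUBNET_BASE=Network \
                SUBNET_BROADCAST=Broadcast GATEWAY=Gateway; do
        value=$(printf '%s\n' "$text" | lease_field "${pair#*=}")
        if ! is_ipv4 "$value"; then
            rm -f "$tmp"; return 1
        fi
        printf '%s=%s\n' "${pair%%=*}" "$value" >> "$tmp"
    done
    mv "$tmp" "$out"   # rename into place only after every field passed
}

# Demo on the constructed sample, in a scratch directory.
demo_dir=$(mktemp -d)
printf '%s\n' "$SAMPLE_LEASE" | write_lease_env "$demo_dir/lease.env" && cat "$demo_dir/lease.env"
```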

  2. #2
    problemchild (Senior Member, Join Date: Jul 2002)
    It's hard to help without knowing what the error message is, but I will try to offer some general suggestions. What is the exact error you're getting?
    ALL built in the kernel:
    A lot of firewall scripts expect iptables to load as a module and will choke if it's compiled directly into the kernel. Try recompiling as modules.
    Next I am going to download IPTABLES-1.2.7 and install them
    bzip2 -cd iptables-1.2.3.tar.bz2 | tar -xvf
    make KERNEL_DIR=/usr/src/linux/
    make install KERNEL_DIR=/usr/src/linux/
    Did you uninstall the old iptables first? You need to rpm -e iptables before you install to avoid any version conflicts between the old and the new.

    [EDIT] I would also compile iptables with ./configure --prefix=/usr to install it to /usr instead of /usr/local so everything goes back in the same place.

    If you're going to do a clean reinstall, do one thing at a time to find out where the problem lies.

    Try the firewall script on the default install and see if your script is OK. If the script works, then upgrade your iptables and see if it still works. If that works, then upgrade your kernel. Don't do everything at once, because then you have no way of knowing which part of the process is breaking it.

    BTW, why are you upgrading all of this stuff? The Red Hat security advisories will cover any security issues that may come about. I'm just curious.......

    Holy crap... you're adding and deleting posts faster than I can edit. LOL
    Do what you want with the girl, but leave me alone!

  3. #3


    Thank you so much for your help

    I'm going to run
    rpm -e iptables-1.2.3
    first and then install the newer iptables... and for my kernel I'm load my
    as modules and then near the end of recompiling the kernel do I still run the command
    "make modules make modules_install"

    while I am recompiling

    And the errors I used to get were
    iptables: libiptc/libip4tc.C:386 do_check Assertion 'h--->info.valid_hooks == (1 <<0 | 1 << 3)' Failed
    /etc/rc3.d/s08 iptables:line -246 280 ABORTED iptables -t $i -F
    There were some more but this is only what I wrote down
