Here are the steps that I followed to install those netfilter extensions using xtables-addons.
[1] Download the xtables-addons package
root@lin-bin-box:~# wget -c http://nchc.dl.sourceforge.net/project/xtables-addons/Xtables-addons/1.19/xtables-addons-1.19.tar.bz2
[2] Install related Packages
root@lin-bin-box:~# aptitude -y install iptables-dev linux-source linux-headers
root@lin-bin-box:~# tar jxvf xtables-addons-1.19.tar.bz2
root@lin-bin-box:~# cd xtables-addons-1.19
[3] Upgrade itpables
If you read the INSTALL file that comes with xtables-addons it states that the iptables version required is iptables >= 1.4.3
root@lin-bin-box:~/xtables-addons-1.19# iptables -V
iptables v1.4.1.1
Since our iptables version is old ; we need to upgrade it :
root@lin-bin-box:~# cd ..
root@lin-bin-box:~# wget -c http://ftp.netfilter.org/pub/iptables/iptables-1.4.5.tar.bz2
root@lin-bin-box:~# tar jxvf iptables-1.4.5.tar.bz2
root@lin-bin-box:~# cd iptables-1.4.5
root@lin-bin-box:~# ./configure
root@lin-bin-box:~# make && make install
The latest iptables binaries will be installed in /usr/local/sbin. You can check the iptables version like this :
root@lin-bin-box:/usr/local/sbin# /usr/local/sbin/iptables -V
iptables v1.4.5
[4] Install xtables-addons and select the required modules
root@lin-bin-box:~# cd xtables-addons-1.19
Choose the modules you want by modifying the mconfig file. I only choose ipp2p and tarpit.
Now its time to compile those extensions.
root@lin-bin-box:~# ./configure
root@lin-bin-box:~# make
root@lin-bin-box:~# make install
[5] Check to see if the extensions work or not :
Check ipp2p extension :
root@lin-bin-box:~# /usr/local/sbin/iptables -t filter -m ipp2p --help
Check the TARPIT extension :
root@lin-bin-box:~# /usr/local/sbin/iptables -t filter -A INPUT -s 0/0 -p tcp --dport 25 -j TARPIT
(Source)
No comments:
Post a Comment