Install multiport module on iptables

Posted by tarteauxfraises on Server Fault See other posts from Server Fault or by tarteauxfraises
Published on 2013-10-20T07:38:08Z Indexed on 2013/10/20 9:57 UTC
Read the original article Hit count: 219

Filed under:

iptables

|

fail2ban

I'am trying to install "fail2ban" on Cubidebian, a Debian port for Cubieboard (A raspberry like board).

The following rule failed due to "-m multiport --dports ssh" options (It works, when i run manually the command without multiple options).

$ iptables -I INPUT -p tcp -m multiport --dports ssh -j fail2ban-ssh"
iptables: No chain/target/match by that name.

When i make a cat on "/proc/net/ip_tables_matches", i see that multiport module is not loaded:

$ cat /proc/net/ip_tables_matches
u32
time
string
statistic
state
owner
pkttype
mac
limit
helper
connmark
mark
ah
icmp
socket
socket
quota2
policy
length
iprange
ttl
hashlimit
ecn
udplite
udp
tcp

What can i do to compile or to enable the multiport module?

Thanks in advance for your help

© Server Fault or respective owner

Install multiport module on iptables

Posted by tarteauxfraises on Super User See other posts from Super User or by tarteauxfraises
Published on 2013-10-20T07:38:08Z Indexed on 2013/10/20 15:58 UTC
Read the original article Hit count: 219

Filed under:

iptables

I'am trying to install "fail2ban" on Cubidebian, a Debian port for Cubieboard (A raspberry like board).

The following rule failed due to "-m multiport --dports ssh" options (It works, when i run manually the command without multiple options).

$ iptables -I INPUT -p tcp -m multiport --dports ssh -j fail2ban-ssh"
iptables: No chain/target/match by that name.

When i make a cat on "/proc/net/ip_tables_matches", i see that multiport module is not loaded:

$ cat /proc/net/ip_tables_matches
u32
time
string
statistic
state
owner
pkttype
mac
limit
helper
connmark
mark
ah
icmp
socket
socket
quota2
policy
length
iprange
ttl
hashlimit
ecn
udplite
udp
tcp

The result of iptables -L -n -v command :

$ iptables -L -n -v
Chain INPUT (policy ACCEPT 6 packets, 456 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 3 packets, 396 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain fail2ban-apache (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain fail2ban-ssh (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

What can i do to compile or to enable the multiport module?

Thanks in advance for your help

© Super User or respective owner

Related posts about iptables

Sometimes this script fails to update the iptables

as seen on Server Fault - Search for 'Server Fault'
It does not happen often, but sometimes after running the below script, checking the iptables with service iptables status shows that they weren't updated and the script doesn't output any error. The iptables is structured as look-up tree (long repeated sections snipped): #!/bin/sh iptables -t… >>> More
My current iptable configuration doesn't work [on hold]

as seen on Server Fault - Search for 'Server Fault'
sudo chkconfig iptables off /etc/init.d/iptables on ### Clear/flush iptables sudo iptables -F sudo iptables -P INPUT ACCEPT sudo iptables -P OUTPUT ACCEPT sudo iptables -P FORWARD ACCEPT ### Allow SSH iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables… >>> More
L2TP iptables port forward

as seen on Server Fault - Search for 'Server Fault'
Hi all, I'm setting up port forwarding for an L2TP VPN connection to the local Windows 2003 VPN server. The router is a simpel Debian machine with iptables. The VPN server works perfect. But I cannot log in from the WAN. I'm missing something. The VPN server is using a pre-shared key (L2TP) and… >>> More
iptables -P FORWARD DROP makes port forwarding slow

as seen on Server Fault - Search for 'Server Fault'
I have three computers, linked like this: box1 (ubuntu) box2 router & gateway (debian) box3 (opensuse) [10.0.1.1] ---- [10.0.1.18,10.0.2.18,10.0.3.18] ---- [10.0.3.15] | box4, www [10.0.2.1] Among other… >>> More
IPtables AWS EC2 NAT/Reverse NAT - For Reverse Proxy style setup but with IPtables

as seen on Server Fault - Search for 'Server Fault'
I was thinking initially needing to do a reverse proxy or something so I could get some SSL/TLS traffic look like it is being terminated at a server and IP address in the AWS cloud, and then that traffic is forwarded onto our actual web servers that aren't in the cloud... I've not done much iptables… >>> More

Related posts about fail2ban

fail2ban Error Gentoo

as seen on Server Fault - Search for 'Server Fault'
Hi All I've recently setup a new VPS running Gentoo (My first time using the distro so please forgive me is this is a really easy one) and as I've done with other servers installed fail2ban. Setting it up to block the host via iptables, on too many unsuccessful logins with ssh. However I'm getting… >>> More
Custom fail2ban Filter

as seen on Server Fault - Search for 'Server Fault'
In my quest to block excessive failed phpMyAdmin login attempts with fail2ban, I've created a script that logs said failed attempts to a file: /var/log/phpmyadmin_auth.log Custom log The format of the /var/log/phpmyadmin_auth.log file is: phpMyadmin login failed with username: root; ip: 192.168… >>> More
Custom fail2ban Filter for phpMyadmin bruteforce attempts

as seen on Server Fault - Search for 'Server Fault'
In my quest to block excessive failed phpMyAdmin login attempts with fail2ban, I've created a script that logs said failed attempts to a file: /var/log/phpmyadmin_auth.log Custom log The format of the /var/log/phpmyadmin_auth.log file is: phpMyadmin login failed with username: root; ip: 192.168… >>> More
What are fail2ban's log iptables "returned 400" entries?

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
In my fail2ban.log there are some entries the meaning of which I don't understand (and haven't found searching around)... For instance, a couple of examples from my log: iptables -I INPUT -p tcp -m multiport --dports ssh -j fail2ban-ssh-ddos returned 400 ... iptables -I INPUT -p tcp -m multiport… >>> More
fail2ban block ports rules iptable

as seen on Server Fault - Search for 'Server Fault'
I just installed Ubuntu Server 14.04 and don't have much experience with IPtables. I am trying to get a basic setup going where I only accept SSH connections on port 22 and 2222. I actually have that working with no problem using fail2ban ssh. Then I wanted to block all other ports except 423 and… >>> More