Re: TARPIT target

On Fri 26/09/2003 at 22:45, bmcdowell@xxxxxxxxxxxxxxxxxx wrote:
> How do I use the TARPIT target?
> I have iptables 1.2.8 installed and working otherwise.  I'm running RedHat 9.
> When I try and use
> 	'iptables -A FORWARD -j TARPIT'
> I get
> 	'iptables: No chain/target/match by that name'

Your kernel does not support TARPIT.

> I have rebuilt the kernel, but I do not see an option for 'TARPIT'
> anywhere in the netfilter stuff.  Yes, I do have 'experimental' turned
> on.  I have also deleted iptables completely and used only the source
> to install it.

The TARPIT target is in patch-o-matic (extra section). So you have to
download and install it.

	1. install patch-o-matic (see README)
	2. rebuild your kernel from sources that got patched
	3. build iptables

And it should work.

Note that TARPIT only applies to TCP connections. So your previously
given command won't work:

	cbr@elendil:~$ sudo iptables -A FORWARD -j TARPIT
	iptables: Invalid argument

You have to specify TCP matching:

	cbr@elendil:~$ sudo iptables -A FORWARD -p tcp -j TARPIT
	cbr@elendil:~$ sudo iptables -L FORWARD
	Chain FORWARD (policy ACCEPT)
	target     prot opt source               destination
	TARPIT     tcp  --  anywhere             anywhere

-- 
http://www.netexit.com/~sid/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE


