Antony Stone wrote:
On Monday 09 August 2004 5:40 pm, 'Me' wrote:
Hi, I’m having problems logging packets (IPTables: 1.2.8 Kernel: 2.4.8) with the following rule (from the FAQ):
iptables -N logdrop iptables -A logdrop -j LOG iptables -A logdrop -j DROP
On the log line I get: iptables: No chain/target/match by that name
I’m a little lost – any pointers?
It seems unlikely, but has your kernel been compiled without support for the LOG target (and by the way, why are you using a three year old kernel anyway?)?
Test one thing at a time:
1. Can you use the LOG target? iptables -A INPUT -j LOG
2. Can you put a rule into a user-defined chain? iptables -N logdrop iptables -A logdrop -j DROP
If both the above tests work, then there is no reason you shouldn't be able to put a LOG target into your user-defined chain (so check very carefully the syntac of what you are typing when you get the error, etc).
If one of the above tests fails, you know where the problem is.
Just one last thing to check - you haven't compiled the userspace iptables tool without also recompiling the kernelspace netfilter part, have you?
If you do one of these, you should also do the other to match.
Regards,
Antony.
IIRC, Debian ships with 2.4.8 on Current-Stable. Could be wrong, tho.
-- Eric Ellis Gilchrist County Sheriff's Department IT Coordinator eellis@xxxxxxxxxxxxxxxxxxxxxxx 352-463-3181
