grsec and iptables LOG

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

grsec and iptables LOG

Postby xxx » Sat Feb 16, 2013 2:05 pm

Hello, with default kernel on Debian 3.2.0-4-686-pae iptables LOG work, but with grsec kernel 3.7.7-grsec (with made old config) don't work ("iptables: No chain/target/match by that name.")

Code: Select all
+ iptables -A INPUT -p icmp --icmp-type echo-request -m limit --limit 1/s -j LOG --log-prefix 'Ping: '
iptables: No chain/target/match by that name.

Code: Select all
# diff <(egrep -i "netfilter|iptables" /boot/config-3.2.0-4-686-pae | grep -v ^#) <(egrep -i "netfilter|iptables" /boot/config-3.7.7-grsec | grep -v ^#)
43a44
> CONFIG_NETFILTER_XT_MATCH_ECN=m

any idea how fix it?
xxx
 
Posts: 7
Joined: Sun Jan 15, 2012 10:37 am

Re: grsec and iptables LOG

Postby xxx » Tue Feb 19, 2013 10:03 am

noone know?:(
xxx
 
Posts: 7
Joined: Sun Jan 15, 2012 10:37 am

Re: grsec and iptables LOG

Postby alwoka » Thu Feb 21, 2013 9:20 am

Check CONFIG_NETFILTER_XT_TARGET_LOG
alwoka
 
Posts: 2
Joined: Wed Feb 20, 2013 9:06 am

Re: grsec and iptables LOG

Postby xxx » Mon Feb 25, 2013 6:43 pm

Code: Select all
# grep CONFIG_NETFILTER_XT_TARGET_LOG .config
# CONFIG_NETFILTER_XT_TARGET_LOG is not set

where can I set this in menu (due to dependencies)?
xxx
 
Posts: 7
Joined: Sun Jan 15, 2012 10:37 am

Re: grsec and iptables LOG

Postby xxx » Tue Feb 26, 2013 5:31 am

Ok, I changed it just in .config, now iptables with LOG work! thanks! :)
xxx
 
Posts: 7
Joined: Sun Jan 15, 2012 10:37 am


Return to grsecurity support