[nSLUG] iptables/firehol on Sun sparc64 debian - a solution

Donald Teed donald.teed at gmail.com
Wed Nov 2 12:35:25 AST 2005


Howdy...

I had a simple iptables rules set up on my Sun box but I
wanted to get it running some of the more complex filters
normally set up by a script package. I'm using
a 2.4.31 kernel and 1.2.11 iptables. I've used firehol
before and liked it.

However on the sparc, firehol balks with a bunch of errors.

For example, on firehol start, I see this:

 ERROR : # 1.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line INIT of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A in_localnet -m limit --limit 1/second --limit-burst 5 -j LOG --log-level warning --log-prefix=IN-localnet:
OUTPUT :

iptables: Invalid argument

Running the command manually, I see the error:

# /sbin/iptables -t filter -A in_localnet -m limit --limit 1/second --limit-burst 5 -j LOG --log-level warning --log-prefix=IN-localnet:
iptables: No chain/target/match by that name

I checked and found a bug in Debian's tracking system, mentioning an
upstream fix. There was also a follow-up that unless the iptables
package was built on sparc64, the patch would not work properly.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=218837

So I didn't have to venture outside of stable for this, but just build it:

apt-src install --location=/usr/src -i iptables

Now firehol starts fine.

