Greetings to All,
I just patched my kernel and patched my iptables for layred 7 , why do I need this because I want to block voice over Ip thats why . My current kernel is 2.6.28.1 and iptables 1.4.1.1 . Im bit confuse with modules load here is the output of lsmod below
Code:
Module Size Used by
ipt_MASQUERADE 6656 1
iptable_nat 8964 1
nf_nat 20244 2 ipt_MASQUERADE,iptable_nat
nf_conntrack_ipv4 15628 4 iptable_nat,nf_nat
nf_defrag_ipv4 6016 1 nf_conntrack_ipv4
xt_state 6144 1
nf_conntrack 57912 5 ipt_MASQUERADE,iptable_nat,nf_nat,nf_conntrack_i
pv4,xt_state
ipt_REJECT 6912 2
xt_tcpudp 6912 4
iptable_filter 6656 1
ip_tables 13584 2 iptable_nat,iptable_filter
x_tables 17412 6 ipt_MASQUERADE,iptable_nat,xt_state,ipt_REJECT,x
t_tcpudp,ip_tables
bridge 43540 0
stp 6404 1 bridge
ipv6 216436 22
autofs4 24708 2
hidp 16512 2
l2cap 22272 5 hidp
bluetooth 53092 2 hidp,l2cap
sunrpc 167104 1
cpufreq_ondemand 10124 1
acpi_cpufreq 12300 1
dm_mirror 16128 0
dm_region_hash 14208 1 dm_mirror
dm_log 12548 2 dm_mirror,dm_region_hash
dm_multipath 17164 0
dm_mod 51016 3 dm_mirror,dm_log,dm_multipath
rfkill 14028 0
input_polldev 7816 0
sbs 15240 0
sbshc 9344 1 sbs
battery 14340 0
ac 8324 0
lp 13060 0
snd_hda_intel 370480 0
snd_seq_dummy 6788 0
snd_seq_oss 29056 0
snd_seq_midi_event 10496 1 snd_seq_oss
snd_seq 45488 5 snd_seq_dummy,snd_seq_oss,snd_seq_midi_event
snd_seq_device 10508 3 snd_seq_dummy,snd_seq_oss,snd_seq
snd_pcm_oss 36992 0
snd_mixer_oss 16384 1 snd_pcm_oss
snd_pcm 65796 2 snd_hda_intel,snd_pcm_oss
8250_pnp 18176 0
rtc_cmos 12844 0
snd_timer 21512 2 snd_seq,snd_pcm
3c59x 40488 0
sis190 19716 0
snd 50468 8 snd_hda_intel,snd_seq_oss,snd_seq,snd_seq_device
,snd_pcm_oss,snd_mixer_oss,snd_pcm,snd_timer
rtc_core 17948 1 rtc_cmos
parport_pc 27428 1
8250 28708 1 8250_pnp
button 10256 0
mii 8960 2 3c59x,sis190
serial_core 20992 1 8250
serio_raw 8964 0
rtc_lib 6912 1 rtc_core
parport 34924 2 lp,parport_pc
soundcore 10592 1 snd
pcspkr 6528 0
snd_page_alloc 12296 2 snd_hda_intel,snd_pcm
sata_sis 9092 0
pata_sis 13700 1 sata_sis
libata 151136 2 sata_sis,pata_sis
sd_mod 27416 0
scsi_mod 138132 2 libata,sd_mod
ext3 109576 11
jbd 43924 1 ext3
uhci_hcd 22800 0
ohci_hcd 23824 0
ehci_hcd 33292 0
here is my script where I loaded some modules
Code:
if [ -z "` $LSMOD | $GREP ip_tables | $AWK {'print $1'} `" ]; then
$MODPROBE ip_tables
fi
if [ -z "` $LSMOD | $GREP ipt_TCPMSS | $AWK {'print $1'} `" ]; then
$MODPROBE ipt_TCPMSS
fi
if [ -z "` $LSMOD | $GREP ipt_MARK | $AWK {'print $1'} `" ]; then
$MODPROBE ipt_MARK
fi
if [ -z "` $LSMOD | $GREP ipt_length | $AWK {'print $1'} `" ]; then
$MODPROBE ipt_length
fi
if [ -z "` $LSMOD | $GREP ipt_TOS | $AWK {'print $1'} `" ]; then
$MODPROBE ipt_TOS
fi
if [ -z "` $LSMOD | $GREP ipt_MASQUERADE | $AWK {'print $1'} `" ]; then
$MODPROBE ipt_MASQUERADE
fi
if [ -z "` $LSMOD | $GREP iptable_mangle| $AWK {'print $1'} `" ]; then
$MODPROBE iptable_mangle
fi
if [ -z "` $LSMOD | $GREP ipt_limit | $AWK {'print $1'} `" ]; then
$MODPROBE ipt_limit
fi
if [ -z "` $LSMOD | $GREP ipt_LOG | $AWK {'print $1'} `" ]; then
$MODPROBE ipt_LOG
fi
if [ -z "` $LSMOD | $GREP ipt_REJECT | $AWK {'print $1'} `" ]; then
$MODPROBE ipt_REJECT
fi
if [ -z "` $LSMOD | $GREP ipt_REDIRECT | $AWK {'print $1'} `" ]; then
$MODPROBE ipt_REDIRECT
fi
if [ -z "` $LSMOD | $GREP ipt_state | $AWK {'print $1'} `" ]; then
$MODPROBE ipt_state
fi
if [ -z "` $LSMOD | $GREP ipt_unclean | $AWK {'print $1'} `" ]; then
$MODPROBE ipt_unclean
fi
if [ -z "` $LSMOD | $GREP iptable_filter | $AWK {'print $1'} `" ]; then
$MODPROBE iptable_filter
fi
if [ -z "` $LSMOD | $GREP ip_conntrack_ftp | $AWK {'print $1'} `" ]; then
$MODPROBE ip_conntrack_ftp
fi
if [ -z "` $LSMOD | $GREP ip_conntrack_irc | $AWK {'print $1'} `" ]; then
$MODPROBE ip_conntrack_irc
fi
if [ -z "` $LSMOD | $GREP ip_nat_ftp | $AWK {'print $1'} `" ]; then
$MODPROBE ip_nat_ftp
fi
if [ -z "` $LSMOD | $GREP ip_nat_irc | $AWK {'print $1'} `" ]; then
$MODPROBE ip_nat_irc
fi
if [ -z "` $LSMOD | $GREP iptable_nat | $AWK {'print $1'} `" ]; then
$MODPROBE iptable_nat
fi
if [ -z "` $LSMOD | $GREP ip_conntrack | $AWK {'print $1'} `" ]; then
$MODPROBE ip_conntrack
fi
guys let me know either I've loaded the correct modules or do I need to make any change cause when I run my script I got bad nat argument error . I think Im missing the layred 7 filter module aswell . Im sure guys will correct me . Looking forward for your kind response.
Regards
Net_Sp