02-20-2006
Thanks everyone for viewing and trying to think over it. I got my solution for this strange problem. So that none of u face same problem i'll tell what happened.
I created my kernel module and created a patch (mymodule.patch file) for it. Next I went through the patch-o-matic and learnt how to add ones own new patches to the already existing ones. Now I created all files required to patch makefile, config.in file etc. But to my surprise when I applied this patch last two lines were not included in the C file that resulted from patch. These two lines contained module initialisation and exit code. And so upon calling from user space though the module was loaded but it was loaded as tainted module. Luckily on going through again and again I could find the mistake and then rectified it.
So this way i got rid of problem but still thanks to u all for atleast looking into my problem.
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
i.e configuration of C compiler :confused: (4 Replies)
Discussion started by: atiato
4 Replies
2. Programming
Hi everybody,
I have to write a module for matching in netfilter , extending the netfilter but I'm facing some problems can somebody guide me in that. I know that I need to write matching module working in kernel space and a program in userspace. I went through the HOWTO on netfilter-hacking but... (0 Replies)
Discussion started by: Trusted Penguin
0 Replies
3. Programming
Friends I'm facing a big problem trying to extend the netfilter. Somone please help me with your quick reply (any hint) as I've to meet a deadline.
My problem is that I've written a new netfilter target module and its corresponding userspace program for iptables to change the packet type of a... (0 Replies)
Discussion started by: Rakesh Ranjan
0 Replies
4. IP Networking
hi,
i'm using tcpreplay to send a traffic trace to my wireless interface (the trace is been captured by the same interface). It seems as netfilter can't trace connections. Is it possible? (0 Replies)
Discussion started by: littleboyblu
0 Replies
5. Cybersecurity
Hi everyone, I would like to allow multi users to access P2P networks, so I wonder if there's a way to tracking these kind of protocols with netfilter, and also compatibility with nat, like the module conntrack_ftp seems to do with the FTP protocol.
Thanks guys. (0 Replies)
Discussion started by: nekkro-kvlt
0 Replies
6. Linux
HI,
Is the Netfilter and IPtables same?
Thanks & Regards
Arun (1 Reply)
Discussion started by: Arun.Kakarla
1 Replies
7. Linux
Hello,
Everyone knows that with PF_PACKET sockets one can "sniff" a determinated frame from the network device, but just that, see the frame without altering its action on the receiving host. What i want is to "intercept" the incoming frame and pass it through some rules, and if it doesn't pass... (9 Replies)
Discussion started by: Zykl0n-B
9 Replies
8. Cybersecurity
Hi all,
I would like to get some ideas and opinions on matter of libvirt netfilter application in KVM environment. I am looking for some easy way to control it with an API and possible experience with that and its performance in real life application.
Thanks for all ideas (0 Replies)
Discussion started by: smoofy
0 Replies
9. Cybersecurity
Hello,
on a PC with Debian 8 I try to use a Bash script with Netfilter rules so that only traffic goes in and out that is wanted. For that I set all 3 default policies to "drop". The machine uses DHCP to get its IP, gateway and DNS. And I never checked so I was quite surprised that my... (1 Reply)
Discussion started by: SInt
1 Replies
LEARN ABOUT DEBIAN
lire::firewall::iptablesdlfconverter
IptablesDlfConverter(3pm) LogReport's Lire Documentation IptablesDlfConverter(3pm)
NAME
IptablesDlfConverter - convert netfilter/iptables syslog logs to firewall DLF
DESCRIPTION
IptablesDlfConverter converts Linux 2.4 iptables packet log into firewall DLF format.
LIMITATIONS
The netfilter logging modules don't log the status of the packet (drop, accept, reject) like the ipchains logging code. You can specify a
prefix that will be used in the log. This converter will mark the packet as 'denied' whenever that prefix matches (case insensitive) the
following regex: 'denied|deny|drop|reject|unallowed', it will mark the packet as 'permitted' whenever that prefix matches (case
insensitive) the following regex: 'accept|permit', and all other packets will have '-' as the value of the 'action' field.
So in order for this converter to detect 'denied' packets, you should use a prefix containing one of those substrings.
For example:
iptables -N lodrop
iptables -A logdrop -j LOG --log-prefix "Packet-DENY: "
iptables -A logdrop -j DROP
or other similar prefixes: 'denied: ', 'Packet-REJECT: ', ...
The prefix used will end up in the 'rule' field of the DLF record.
EXAMPLES
IptablesDlfConvertor will be rarely used on its own, but is more likely called by lr_log2report:
$ lr_log2report iptables < /var/log/iptables.log > report
SEE ALSO
The Netfilter webpage at http://netfilter.samba.org/ .
AUTHORS
Francis J. Lacoste <flacoste@logreport.org>
VERSION
$Id: IptablesDlfConverter.pm,v 1.12 2006/07/23 13:16:35 vanbaal Exp $
COPYRIGHT
Copyright (C) 2001, 2002, 2003, 2004 Stichting LogReport Foundation LogReport@LogReport.org
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program (see COPYING); if not, check with
http://www.gnu.org/copyleft/gpl.html.
Lire 2.1.1 2006-07-23 IptablesDlfConverter(3pm)