iptables with geoip does not work
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| xtables-addons (Ubuntu) |
Expired
|
Undecided
|
Unassigned | ||
Bug Description
Ubuntu 10.10 64 bits
basically what i want to do is:
# iptables -A FORWARD -m geoip --src-cc A1,A2 -j DROP
but i run into 2 issues with this:
1) the tools are missing for downloading and converting (geoip_csv_iv0.pl) the databases, and
the link (http://
in the docu doesn't work, basically the tools are nasty to find.
2) when i managed 1) it still doesn't work, and i get a:
# iptables -A FORWARD -m geoip --src-cc A1,A2 -j DROP
iptables: No chain/target/match by that name.
what i expect:
1) tools are included with xtables-addons (geoip_download.sh and geoip_csv_iv0.pl) or
docu point to a link which contains those tools
2) this should just work perhaps after insmodding an ipt_geoip (and having
the database files)
about 2):
I think there is no kernel (match) support:
#cat /proc/net/
state
multiport
udplite
udp
tcp
icmp
where geoip is missing
in /lib/modules is no ipt_geoip, or something which looks like it.
At the xtables support page ubuntu is listed in red (like many other
distro's):
http://
Of course i can start the custom kernel/patching etc etc, but this is not
what i seek (for long term).
Please consider of fixing this.
Regards,
Arjan Filius
<email address hidden>
| affects: | ubuntu → xtables-addons (Ubuntu) |
| smithson (trevor-o) wrote | #1 |
| description: | updated |
| Launchpad Janitor (janitor) wrote | #2 |
| Changed in xtables-addons (Ubuntu): | |
| status: | New → Confirmed |
| Oibaf (oibaf) wrote | #3 |
| Changed in xtables-addons (Ubuntu): | |
| status: | Confirmed → Incomplete |
| Launchpad Janitor (janitor) wrote | #4 |
| Changed in xtables-addons (Ubuntu): | |
| status: | Incomplete → Expired |
agreed, after copying US.iv4 to US.iv0 I also get:
iptables: No chain/target/match by that name.
Would love to see this fixed