[clug] iptables 'TARPIT' and Centos kernels
sjenkin at canb.auug.org.au
Sun Nov 23 04:35:53 GMT 2008
In my on-line research I came across the 'TARPIT' rule for iptables and
thought it was exactly right for a couple of systems I control...
The Centos iptables man page talks about 'TARPIT', and even has a
library (/lib/iptables/libipt_TARPIT.so) for it.
But the command:
"iptables -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 80 -j TARPIT"
iptables: Unknown error 4294967295
Which comes down to the kernel module is missing...
There are recipes for including patches and rebuilding the kernel, but I
*really* want to use unmodified distros.
Before I waste a bunch more time, has anyone been down this path before me??
If it's a dead-end or I've setup conflicting requirements - I understand.
I went looking for userland 'tarpit' programs. There is one in CPAN
(dbtarpit), but I need to spend more time to get that working...
PS: I'm still exploring 'unionfs', will report when I get somewhere with it.
Steve Jenkin, Info Tech, Systems and Design Specialist.
0412 786 915 (+61 412 786 915)
PO Box 48, Kippax ACT 2615, AUSTRALIA
sjenkin at canb.auug.org.au http://members.tip.net.au/~sjenkin
More information about the linux