Jump to content

Help with my xt_state problem


Monkuar

Recommended Posts

Hey, I am trying to run the following code: (Debian 6, 32 bit) OPENVZ.

 

iptables -A INPUT -p tcp --dport 80 -m state --state NEW -m recent --set --name DDOS

 

But I receive

 

 

iptables: No chain/target/match by that name.

 

 

Which I found out that xt_state needs to be enabled on the node.

 

So I asked my host to do this. I Still receieve the same damn iptable error...

 

I am trying to run this basic firewall:

 

iptables -A INPUT -p tcp --dport 80 -m state --state NEW -m recent --set --name DDOS
iptables -A INPUT -p tcp --dport 80 -m state --state NEW -m recent --update --seconds 10 --hitcount 20 --rttl --name DDOS -j DROP

 

Anyone got any ideas why it wont let me do this? Yes I am on openVZ

 

 

Also when I run : cat /proc/net/ip_tables_matches

 

 

I get:

mark
mark
owner
limit
owner
length
ttl
tcpmss
multiport
multiport
tos
tos
dscp
icmp
state
udplite
udp
tcp

 

Shouldn't state, be xt_state?

 

my host said he enabled the xt_state module, wat is the problem ?

 

Link to comment
Share on other sites

  • 3 weeks later...
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.