iptables with geoip does not work
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
xtables-addons (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
Ubuntu 10.10 64 bits
basically what i want to do is:
# iptables -A FORWARD -m geoip --src-cc A1,A2 -j DROP
but i run into 2 issues with this:
1) the tools are missing for downloading and converting (geoip_csv_iv0.pl) the databases, and
the link (http://
in the docu doesn't work, basically the tools are nasty to find.
2) when i managed 1) it still doesn't work, and i get a:
# iptables -A FORWARD -m geoip --src-cc A1,A2 -j DROP
iptables: No chain/target/match by that name.
what i expect:
1) tools are included with xtables-addons (geoip_download.sh and geoip_csv_iv0.pl) or
docu point to a link which contains those tools
2) this should just work perhaps after insmodding an ipt_geoip (and having
the database files)
about 2):
I think there is no kernel (match) support:
#cat /proc/net/
state
multiport
udplite
udp
tcp
icmp
where geoip is missing
in /lib/modules is no ipt_geoip, or something which looks like it.
At the xtables support page ubuntu is listed in red (like many other
distro's):
http://
Of course i can start the custom kernel/patching etc etc, but this is not
what i seek (for long term).
Please consider of fixing this.
Regards,
Arjan Filius
<email address hidden>
agreed, after copying US.iv4 to US.iv0 I also get:
iptables: No chain/target/match by that name.
Would love to see this fixed