Hello. I've an issue with iptables and Xtables-addons xtables-addons-1.47.1.
My system is:
CentOS release 6.9 (Final)
2.6.32-696.1.1.el6.i686
iptables v1.4.7
When trying to start iptables with an geoip rule, such as "$IPTABLES -A INPUT -p tcp -m tcp --match geoip ! --src-cc US", this happens:
"Couldn't load match `geoip':/lib/xtables/libipt_geoip.so: cannot open shared object file: No such file or directory"
From what I could find, it looks like libipt_geoip.so is supposed to be part of iptables, (in spite of the fact it's in the xtables directory), but I can't find it anywhere on the system. I don't really want to recompile the kernel, which is the "help" provided elsewhere on the Internet, seemed to suggest I should do.
The funny thing is, it seems to me this worked a couple of kernel releases back, but I don't have access to my other systems which were configured to use the geoip target to confirm it.
IPTABLES + Xtables-Addons: Missing file?
Re: IPTABLES + Xtables-Addons: Missing file?
We don't ship that portion of iptables on CentOS 6 or 7 and never have.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: IPTABLES + Xtables-Addons: Missing file?
Yeah. I knew that. I was just hoping someone, who uses Xtables-addons with iptables, would have encountered this problem and discovered a fix for it.
If you don't mind, I'll leave the question up for a few days. If I don't get any helpful responses in the next few days, I'll delete it and toss it into the bit-bucket along with my Google-earth and Firefox issues.
As a note: The only way to make this work, and I'm not sure it's really working working until something violates the rules, is to completely disable selinux.
Abandonment is a terrible thing.
If you don't mind, I'll leave the question up for a few days. If I don't get any helpful responses in the next few days, I'll delete it and toss it into the bit-bucket along with my Google-earth and Firefox issues.
As a note: The only way to make this work, and I'm not sure it's really working working until something violates the rules, is to completely disable selinux.
Abandonment is a terrible thing.