Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
C
C
CeBePHblY2016-03-30 06:32:32
linux
CeBePHblY, 2016-03-30 06:32:32

Block access with country iptables, xtables not working, what to do?

Hello. The second day I suffer) with iptables+xtables+geoip. Previously, there was ubuntu server 14.04 x64, everything worked fine there, now it's ubuntu server 14.04 x32 - problems started. In order:
I do everything according to this manual
vds-admin.ru/security/iptables-geoip
at the first step
sudo apt-get install xtables-addons-common
an error occurs

Building initial module for 4.2.0-34-generic
ERROR: Cannot create report: [Errno 17] File exists: '/var/crash/xtables-addons-dkms.0.crash'
Error! Build of xt_ACCOUNT.ko failed for: 4.2.0-34-generic (i686)
Consult the make.log in the build directory
/var/lib/dkms/xtables-addons/2.3/build/ for more information.
Processing triggers for libc-bin (2.19-0ubuntu6.7) ...

lsmod output right after this
nf_conntrack_ipv4 16384 2
nf_defrag_ipv4 16384 1 nf_conntrack_ipv4
xt_conntrack 16384 2
nf_conntrack 94208 2 xt_conntrack, nf_conntrack_ipv4
xt_tcpudp 16384 5
xt_hashlimit 20480 2
ip6table_filter 16384 0
ip6_tables 20480 1 ip6table_filter
xt_set 16384 0
ip_set 36864 1 xt_set
nfnetlink 16384 1 ip_set
xt_multiport 16384 3
iptable_filter 16384 1
ip_tables 20480 1 iptable_filter
x_tables 24576 9 ip6table_filter, ip_tables, xt_tcpudp, xt_conntrack, xt_set, xt_hashlimit, xt_multiport, iptable_filter, ip6_tables
ppdev 20480 0
cirrus 24576 1
ttm 86016 1 cirrus
drm_kms_helper 114,688 1 cirrus
drm 303 104 4 ttm, drm_kms_helper, cirrus
input_leds 16384 0
joydev 20480 0
pvpanic 16384 0
8250_fintek 16384 0
parport_pc 32768 0
syscopyarea 16384 1 cirrus
sysfillrect 16384 1 cirrus
i2c_piix4 20480 0
sysimgblt 16384 1 cirrus
serio_raw 16384 0
mac_hid 16384 0
lp 16384 0
parport 45056 3 lp,ppdev,parport_pc
hid_generic 16384 0
usbhid 49152 0
hid 98304 2 hid_generic,usbhid
psmouse 114688 0
floppy 61440 0
pata_acpi 0

I'm trying to add a rule
sudo iptables -A INPUT -m geoip ! --src-cc RU,KZ,MN,BY,UA -j DROP

exhaust:
iptables: No chain/target/match by that name.

dosudo modprobe xt_geoip
modprobe: FATAL: Module xt_geoip not found.

I reboot, same thing. tell me how to fix it?
maybe there is another way?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
Y
Yuri Chudnovsky, 2016-03-30
@Frankenstine

Consult the make.log in the build directory
/var/lib/dkms/xtables-addons/2.3/build/ for more information.

You were told where to read which dev packages you don't have enough to build the kernel module, but you decided not to look there :)

Report
M
mikes, 2016-03-30
@mikes

Drive the list of networks of the desired country into ipset and block, and update the ipset itself by krone

Report
E
Ergil Osin, 2016-03-30
@Ernillew

manipset

Similar questions
H
hloya_ram2019-11-17 12:04:54
How does Reading Mode work in Safari and Firefox browsers? 2Reply
K
Karpov822020-11-21 11:35:38
VestaCP + Centos 7? 3Reply
A
Axwellweb2019-02-21 15:18:13
Prevent frequent SSH connections? 4Reply
P
PriFak SecLight2022-04-11 13:24:45
What is the best way to do a remote reinstallation of Linux? 1Reply
W
Warfare Noise2014-09-17 20:13:45
What is the best way to configure mdadm RAID under Proxmox? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question