Linux Firewall - (rpm package lacks the NAT/MANGLE table.)
CentOSThis forum is for the discussion of CentOS Linux. Note: This forum does not have any official participation.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Linux Firewall - (rpm package lacks the NAT/MANGLE table.)
Centos 6.5 32bit.
Hi guys, the issue here is that it only has the FILTER table.
I type the command as followed:
#rpm -qa | grep iptables
and it downloads nicely..
iptables-1.4.7-16.el6.i686
iptables-ipv6-1.4.7.16.el6.i686
but..
It only appears the iptable_fitler in the iptables package.
That's it, it lacks the NAT and MANGLE tables(I just need these two), How I GET THEM ?(On preference, it can be the full package too, the one that has all 5 tables.)
Thanks.
Last edited by andalogokct; 08-10-2015 at 03:02 PM.
I dont know what's happening, yum is already installed and upgraded and my Iptables packages still has only iptables_filter... I still hold the question "how do I get them"..
---------- Post added 08-10-15 at 05:48 PM ----------
Quote:
Originally Posted by John VV
the command "rpm -qa ????? "
dose NOT download ANYTHING
please READ the manual for rpm
all that command dose is give a alphabetical list of things that have "iptables" in the name
OF THINGS ALREADY INSTALLED
also DO NOT instal/ uninstall packages with RPM
yum was implemented 8 YEARS AGO to do that
and be advised centos6.5 has been UNSUPPORTED for a year
Cent only supports the current minor version
that is CentOS 6.7
please check your version
Code:
cat /etc/redhat-release
if it dose not state it is 6.7
upgrade ASAP
Yes, it is in fact 6.7 (Final Release).
I dont know what's happening, yum is already installed and upgraded and my Iptables packages still has only iptables_filter... I still hold the question "how do I get them"..
Exactly what command are you running when you see a FILTER table and nothing else? The iptables package does not contain any rule sets. Those are something you either create manually or with one of the available firewall builders, such as the basic system-config-firewall, or shorewall, or any of a number of 3rd party tools.
Exactly what command are you running when you see a FILTER table and nothing else? The iptables package does not contain any rule sets. Those are something you either create manually or with one of the available firewall builders, such as the basic system-config-firewall, or shorewall, or any of a number of 3rd party tools.
#:iptables -vnL; #:service iptables status, the command says itself shows only the status of the filter table,
Also #:lsmod | grep less, lsmod | grep tables; show that I have only 1 table in the iptables package which is the filter table.
the fact is that either dont have the nat/mangle table or they must be somewhere else I dont know.
Last edited by andalogokct; 08-11-2015 at 11:53 PM.
"iptables -vnL" defaults to "-t filter", reporting only the filter table. If you want to see one of the other tables, you have to ask: "iptables -t nat -vnL", or "iptables -t mangle -vnL". The output from "service iptables status", does not show any tables that contain no rules. Does your /etc/sysconfig/iptables have any rules for those tables?
Use iptables-save to get a full list of all set iptables. Can also be used to save to a file and load later with iptables-apply. This is also faster than doing a lot of iptables -A lines
To rest asured you definitely have all four tables. Even a fifth with SELinux. Also they only get loaded once you ask the kernel about it. So a simple iptables -t mangle -L will show them. Go figure.
After a clean boot with no iptables setup do
Quote:
iptables-save #shows nothing
iptables -t mangle -L # lists only the five emtpy chains
iptables-save #show mangle and filter table
And just to clarify, the filter tables and the code to apply them are part of the kernel. You have those regardless of whether the "iptables" package is installed. That package is just the userspace tools to manage the tables that are in the kernel.
To rest asured you definitely have all four tables. Even a fifth with SELinux. Also they only get loaded once you ask the kernel about it. So a simple iptables -t mangle -L will show them. Go figure.
PERFECT! That's why whenever I ran the command "#:service iptables status" I didn't get anything.. same for "#:lsmod | less". Now I can view them, it's working fine.
the difference with "#:iptables -vnL" is that it only shows the default which is the filter table SINCE no rules is applied to NAT/MANGLE.
thanks a lot for helping me
Last edited by andalogokct; 08-12-2015 at 03:07 PM.
the difference with "#:iptables -vnL" is that it only shows the default which is the filter table SINCE no rules is applied to NAT/MANGLE.
Even if there are rules in the "nat" or "mangle" tables, "iptables -L" still defaults to showing only the filter table. If you want to see the others, you have to ask.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
