/sbin/ipchains: No such file or directory.
Parker Johnson
I am working on getting ip masqerading working and am following working
from the IP Masquerading HOW-TO. I get the above error when executing
my rc.firewall script (below). I know what my problem is, I just want
to know if the fix is a simple as i suspect it is.
I am running mandrake 7.0 with kernel 2.2.14 on a 486 dx2 with a 450 MB
hd. When i set it up I went with the recommended option, so I didn't
have much control over what was installed and what wasn't. That was
probably my first mistake. Anyway, I suspect due to space limitations
that ipchains didn't get installed. find didn't come back with
anything.
If I install ipchains will I be ready to go? According to the HOW-TO
they are located at: http://www.rustcorp.com/linux/ipchains/ but
i haven't had much luck with that site.
Any input would be appreciated.
Thanks, Parker
Here is my rc.firewall script:
#!/bin/sh
#
# rc.firewall - Initial SIMPLE IP Masquerade test for 2.1.x and 2.2.x
kernels using IPCHAINS
#
# Load all required IP MASQ modules
#
# NOTE: Only load the IP MASQ modules you need. All current IP MASQ
modules
# are shown below but are commented out from loading.
# Needed to initially load modules
#
/sbin/depmod -a
# Supports the proper masquerading of FTP file transfers using the PORT
method
#
/sbin/modprobe ip_masq_ftp
# Supports the masquerading of RealAudio over UDP. Without this module,
# RealAudio WILL function but in TCP mode. This can cause a
reduction
# in sound quality
#
/sbin/modprobe ip_masq_raudio
# Supports the masquerading of IRC DCC file transfers
#
/sbin/modprobe ip_masq_irc
# Supports the masquerading of Quake and QuakeWorld by default. This
modules is
# for for multiple users behind the Linux MASQ server. If you are
going to play
# Quake I, II, and III, use the second example.
#
# NOTE: If you get ERRORs loading the QUAKE module, you are running
an old
# ----- kernel that has bugs in it. Please upgrade to the newest
kernel.
#
#Quake I / QuakeWorld (ports 26000 and 27000)
#/sbin/modprobe ip_masq_quake
#
#Quake I/II/III / QuakeWorld (ports 26000, 27000, 27910, 27960)
#/sbin/modprobe ip_masq_quake 26000,27000,27910,27960
# Supports the masquerading of the CuSeeme video conferencing software
#
/sbin/modprobe ip_masq_cuseeme
#Supports the masquerading of the VDO-live video conferencing software
#
/sbin/modprobe ip_masq_vdolive
#CRITICAL: Enable IP forwarding since it is disabled by default since
#
# Redhat Users: you may try changing the options in
/etc/sysconfig/network from:
#
# FORWARD_IPV4=false
# to
# FORWARD_IPV4=true
#
echo "1" > /proc/sys/net/ipv4/ip_forward
# Dynamic IP users:
#
# If you get your IP address dynamically from SLIP, PPP, or DHCP,
enable this following
# option. This enables dynamic-ip address hacking in IP MASQ,
making the life
# with Diald and similar programs much easier.
#
#echo "1" > /proc/sys/net/ipv4/ip_dynaddr
# MASQ timeouts
#
# 2 hrs timeout for TCP session timeouts
# 10 sec timeout for traffic after the TCP/IP "FIN" packet is received
# 160 sec timeout for UDP traffic (Important for MASQ'ed ICQ users)
#
/sbin/ipchains -M -S 7200 10 160
# DHCP: For people who receive their external IP address from either
DHCP or BOOTP
# such as ADSL or Cablemodem users, it is necessary to use the
following
# before the deny command. The "bootp_client_net_if_name" should
be replaced
# the name of the link that the DHCP/BOOTP server will put an
address on to?
# This will be something like "eth0", "eth1", etc.
#
# This example is currently commented out.
#
#
#/sbin/ipchains -A input -j ACCEPT -i bootp_clients_net_if_name -s 0/0
67 -d 0/0 68 -p udp
# Enable simple IP forwarding and Masquerading
#
# NOTE: The following is an example for an internal LAN address in the
192.168.0.x
# network with a 255.255.255.0 or a "24" bit subnet mask.
#
# Please change this network number and subnet mask to match
your internal LAN setup
#
/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -s 192.168.0.0/24 -j MASQ
John McKown
>/sbin/ipchains: No such file or directory.
to install ipchains, mount your orinigal Mandrake CD. Find a file that
starts with "ipchains" and ends with ".rpm". On my RedHat system, this
is ipchains-1.3.8-3.rpm . Install it using:
rpm -i ipchains-1.3.8-3.rpm
Remember to change the filename to be correct!
John
Parker Johnson
Alright, Here is the command I used on the rpm's that came with the cd. Whats'
up with Mandrake? How did I install this 486 box using this cd if it can't use
i586 rpm's?
#rpm -i ipchains-1.3.9-5mdk.i586.rpm
package ipchains-1.3.9-5mdk is for a different architecture
John McKown
>
>Alright, Here is the command I used on the rpm's that came with the cd. Whats
>up with Mandrake? How did I install this 486 box using this cd if it can't
> use
>i586 rpm's?
>
>#rpm -i ipchains-1.3.9-5mdk.i586.rpm
>package ipchains-1.3.9-5mdk is for a different architecture
URK! As I said, I use RedHat, so my stuff is all i386. I didn't realize that
Mandrake required a Pentium. In this case, what I'd do is try to install
an i386 version. You can get that from
http://rufus.w3.org/linux/RPM/IByName.html
download the ipchains-1.3.9-5 for Linux/i386. The URL is really long and
I'll need to split it into two lines. But here goes:
http://rufus.w3.org/linux/RPM/rawhide/1.0/i386/RedHat/RPMS/
ipchains-1.3.9-5.i386.html
You'll need to make that one long line. This will pull up a page from which
you can download the package. There is a -47 level as well, but I don't know
if that will work. It might have dependancies. I would think the -5 from
RedHat would work since Mandrake is RedHat based (enhanced).
Hope this helps more,
John
Parker Johnson
I figured it out John, thanks. Mandrake actually has a i486 version too. I got it
and installed the rpms. Let's see how far I get now.
Thanks,
Parker