Home Forums Articles Downloads Hosting Freebies Jobs
Welcome to Linux Forums! With a comprehensive Linux Forum, information on various types of Linux software and many Linux Reviews articles, we have all the knowledge you need a click away, or accessible via our knowledgeable members.
Find the answer to your Linux question:
New to Linux Forums? Register here for free!
    Linux Forums > GNU Linux Zone > Linux Security > iptables: No chain/target/match by that name

Forgot Password?
 Linux Security   Discussion about keeping your machines secure, and the crackers out.

Site Navigation
Linux Articles
Linux Forums
Linux Downloads
Linux Hosting
Free Magazines
Job Board
IRC Chat
RSS Feeds


Linux Forum Topics
Linux Forums
Your Distro
Linux Resources
GNU Linux Zone
The Community
Reply
 
Thread Tools Display Modes
Old 05-26-2009   #1 (permalink)
Just Joined!
 
Join Date: Sep 2007
Location: Edinburgh UK
Posts: 8
Send a message via MSN to billy_bass26
iptables: No chain/target/match by that name
Hi,

I have a perl script which runs the iptables chain below everytime a UDP flood is detected originating from within the network. I want to limit the amount of packets but am having trouble with the chain

Code:
iptables -A OUPUT -o tap2 -s 192.168.2.240 -p udp -m limit --limit 5/m -j ACCEPT
and get this error.

Code:
iptables: No chain/target/match by that name
i've also tried this from command line

Code:
iptables -A OUTPUT  -o tap2 -s 192.168.2.240 -p udp -m limit --limit 5/m --limit-burst 10 --syn -j
ACCEPT
but the same error.

Please help!!

Billy
billy_bass26 is offline  


Reply With Quote
Old 05-26-2009   #2 (permalink)
Linux Engineer
 
Lazydog's Avatar
 
Join Date: Jun 2004
Location: The Key Stone State
Posts: 1,187
Instead of using the OUTPUT chain why are you not using the INPUT/FORWARD chain? OUTPUT chain is just for traffic that originates on that system not what is passing through it. Also if it is originating from with in the network you shouldn't use a source address so that you catch everything.

Some more information you should be aware of the '-A' Appends this to the end of the chain. In other words if there is a rule that accepts the traffic before this one this rule will never take effect.

Another question is why is this not part of your set rules to begin with? Why wait until it is detected?

To answer your question I believe it is because of your spelling;

"OUPUT" -> Incorrect
"OUTPUT" -> Correct

This did not work for me either
Code:
iptables -A OUPUT -o tap2 -s 192.168.2.240 -p udp -m limit --limit 5/m -j ACCEPT
This did work for me
Code:
iptables -A OUTPUT -o tap2 -s 192.168.2.240 -p udp -m limit --limit 5/m -j ACCEPT
__________________

Regards
Robert

Linux
The adventure of a life time.

Linux User #296285
Get Counted
Lazydog is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off

Free Magazines
Run Your Own Web Server Using Linux & Apache - Free 191 Page Preview
Learn about everything you'll need to build and maintain your Linux servers, and to deploy Web applications to them.
subscribe
Open Source Security Myths Dispelled
Dispel the five major myths surrounding Open Source Security and gain the tools necessary to make a truly informed decision for your IT organization
subscribe
InformationWeek
InformationWeek is the only newsweekly you'll need to stay on top of the latest developments in information technology.
subscribe



All times are GMT. The time now is 08:11 AM.





Advertise About Us Contact Us Write For Us Archive Top
© 2000 - 2009 - All Rights Reserved - Property of  MAS Media

Content Relevant URLs by vBSEO 3.3.0 RC2