проблемы с iptables in Вопросы по сборке и настройке Opkg Posted October 24, 2019 · Edited October 24, 2019 by Yma Друзья, после обновления возникли проблемы с iptables. Ни как не могу разобраться, прошу подсказать. При использовании команд: iptables -t nat -A PREROUTING -p udp --dport 53 -m string --hex-string "|056f6e696f6e00|" --algo bm -j REDIRECT --to-ports 5300 iptables -t nat -A OUTPUT -p udp --dport 53 -m string --hex-string "|056f6e696f6e00|" --algo bm -j REDIRECT --to-ports 5300 iptables -t nat -A PREROUTING -p tcp -m multiport --dports 80,443 -m set --match-set blacklist dst -j REDIRECT --to-port 9040 iptables -t nat -A OUTPUT -p tcp -m multiport --dports 80,443 -m set --match-set blacklist dst -j REDIRECT --to-port 9040 Стал получать ошибку: iptables: No chain/target/match by that name. Целиком скрипт выглядит так: #!/bin/sh [ "$table" != filter ] && exit 0 ipset -exist create blacklist hash:ip iptables -t nat -A PREROUTING -p tcp -d 10.192.0.0/10 -j REDIRECT --to-port 9040 iptables -t nat -A OUTPUT -p tcp -d 10.192.0.0/10 -j REDIRECT --to-port 9040 iptables -t nat -A PREROUTING -p udp --dport 53 -m string --hex-string "|056f6e696f6e00|" --algo bm -j REDIRECT --to-ports 5300 iptables -t nat -A OUTPUT -p udp --dport 53 -m string --hex-string "|056f6e696f6e00|" --algo bm -j REDIRECT --to-ports 5300 iptables -t nat -A PREROUTING -p tcp -m multiport --dports 80,443 -m set --match-set blacklist dst -j REDIRECT --to-port 9040 iptables -t nat -A OUTPUT -p tcp -m multiport --dports 80,443 -m set --match-set blacklist dst -j REDIRECT --to-port 9040 Текущая версия KeeneticOS: 3.1.10 Установленные пакеты: Spoiler root@:/opt/etc# opkg list-installed busybox - 1.31.0-1 ca-bundle - 20190110-1 curl - 7.66.0-1 dropbear - 2019.78-2 entware-release - 1.0-2 findutils - 4.6.0-4 glib2 - 2.58.3-3 grep - 3.3-1 ipset - 7.3-1 iptables - 1.4.21-3 ldconfig - 2.27-8 libattr - 2.4.48-2 libblkid - 2.34-1 libc - 2.27-8 libcap - 2.27-1 libcurl - 7.66.0-1 libevent2 - 2.1.8-3 libffi - 3.2.1-3 libgcc - 7.4.0-8 libiconv-full - 1.11.1-4 libintl-full - 0.19.8.1-2 libipset - 7.3-1 libmbedtls - 2.16.2-1 libmnl - 1.0.4-2 libmount - 2.34-1 libndm - 1.1.10-1a libopenssl - 1.1.1d-1 libpcre - 8.43-1 libpthread - 2.27-8 librt - 2.27-8 libslang2 - 2.3.2-4 libssh2 - 1.9.0-2 libssp - 7.4.0-8 libstdcpp - 7.4.0-8 libuuid - 2.34-1 locales - 2.27-8 mc - 4.8.23-2 ndmq - 1.0.2-5a opkg - 2019-06-14-dcbc142e-1 opt-ndmsv2 - 1.0-12 poorbox - 1.31.0-1 shellinabox - 2.20-2 sudo - 1.8.27-1 terminfo - 6.1-5 tor - 0.4.1.6-1 zlib - 1.2.11-3 zoneinfo-asia - 2019c-1 zoneinfo-europe - 2019c-1
проблемы с iptables
in Вопросы по сборке и настройке Opkg
Posted · Edited by Yma
Друзья, после обновления возникли проблемы с iptables. Ни как не могу разобраться, прошу подсказать.
При использовании команд:
iptables -t nat -A PREROUTING -p udp --dport 53 -m string --hex-string "|056f6e696f6e00|" --algo bm -j REDIRECT --to-ports 5300 iptables -t nat -A OUTPUT -p udp --dport 53 -m string --hex-string "|056f6e696f6e00|" --algo bm -j REDIRECT --to-ports 5300 iptables -t nat -A PREROUTING -p tcp -m multiport --dports 80,443 -m set --match-set blacklist dst -j REDIRECT --to-port 9040 iptables -t nat -A OUTPUT -p tcp -m multiport --dports 80,443 -m set --match-set blacklist dst -j REDIRECT --to-port 9040Стал получать ошибку:
iptables: No chain/target/match by that name.
Целиком скрипт выглядит так:
#!/bin/sh [ "$table" != filter ] && exit 0 ipset -exist create blacklist hash:ip iptables -t nat -A PREROUTING -p tcp -d 10.192.0.0/10 -j REDIRECT --to-port 9040 iptables -t nat -A OUTPUT -p tcp -d 10.192.0.0/10 -j REDIRECT --to-port 9040 iptables -t nat -A PREROUTING -p udp --dport 53 -m string --hex-string "|056f6e696f6e00|" --algo bm -j REDIRECT --to-ports 5300 iptables -t nat -A OUTPUT -p udp --dport 53 -m string --hex-string "|056f6e696f6e00|" --algo bm -j REDIRECT --to-ports 5300 iptables -t nat -A PREROUTING -p tcp -m multiport --dports 80,443 -m set --match-set blacklist dst -j REDIRECT --to-port 9040 iptables -t nat -A OUTPUT -p tcp -m multiport --dports 80,443 -m set --match-set blacklist dst -j REDIRECT --to-port 9040Текущая версия KeeneticOS: 3.1.10
Установленные пакеты:
root@:/opt/etc# opkg list-installed busybox - 1.31.0-1 ca-bundle - 20190110-1 curl - 7.66.0-1 dropbear - 2019.78-2 entware-release - 1.0-2 findutils - 4.6.0-4 glib2 - 2.58.3-3 grep - 3.3-1 ipset - 7.3-1 iptables - 1.4.21-3 ldconfig - 2.27-8 libattr - 2.4.48-2 libblkid - 2.34-1 libc - 2.27-8 libcap - 2.27-1 libcurl - 7.66.0-1 libevent2 - 2.1.8-3 libffi - 3.2.1-3 libgcc - 7.4.0-8 libiconv-full - 1.11.1-4 libintl-full - 0.19.8.1-2 libipset - 7.3-1 libmbedtls - 2.16.2-1 libmnl - 1.0.4-2 libmount - 2.34-1 libndm - 1.1.10-1a libopenssl - 1.1.1d-1 libpcre - 8.43-1 libpthread - 2.27-8 librt - 2.27-8 libslang2 - 2.3.2-4 libssh2 - 1.9.0-2 libssp - 7.4.0-8 libstdcpp - 7.4.0-8 libuuid - 2.34-1 locales - 2.27-8 mc - 4.8.23-2 ndmq - 1.0.2-5a opkg - 2019-06-14-dcbc142e-1 opt-ndmsv2 - 1.0-12 poorbox - 1.31.0-1 shellinabox - 2.20-2 sudo - 1.8.27-1 terminfo - 6.1-5 tor - 0.4.1.6-1 zlib - 1.2.11-3 zoneinfo-asia - 2019c-1 zoneinfo-europe - 2019c-1