DA-Kiss - DirectAdmin specific firewall based on Kiss v2.0

[root@server root]# rpm -qa | grep iptables
iptables-1.2.8-13
iptables-1.2.9-1.0
[root@server root]#
 
Perhaps, but since it's not DA specific, but Fedora specific, I'd think you'd stand a better chance there.

You can join here.

Jeff
 
Code: 
ls /lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ip_tables.o /lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ipt_state.o /lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ipt_multiport.o

Output?

Chris
 
[root@server root]# ls /lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ip_tables.o /lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ipt_state.o /lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ipt_multiport.o
ls: /lib/modules/2.4.26-HN-1.6-i686/kernel/net/ipv4/netfilter/ip_tables.o: No such file or directory
ls: /lib/modules/2.4.26-HN-1.6-i686/kernel/net/ipv4/netfilter/ipt_state.o: No such file or directory
ls: /lib/modules/2.4.26-HN-1.6-i686/kernel/net/ipv4/netfilter/ipt_multiport.o: No such file or directory
[root@server root]#
 
i'll get you the information you need in the morning, but it will involve compiling a kernel, and adding specific modules... try using up2date to check if theres a new kernel there also, as the redhat kernels should already have the support... that may just be quick fix :)

Chris
 
I sent the problem to the Fedora list. I'm just waiting for their reply now.
 
They suggested a kernel upgrade. It's quite a process (basically what ProWebUK said).
 
I try and update the new kernel, but no reaction of kiss.
I use the firewall of fedore core 2 and after "playing" with the options I get all working and secured now (I hope)
 
latest kiss install script?

is the first post the latest available script or are there updates for de DA version? do i have to check things before i install ? (redhat9)
 
Hey,

These are the changes I made for RH9 to the kiss file:
The install puts it here: /usr/bin/kiss
Be sure to back it up before changing anything.

Under this section:

# ALL DONE WITH CONFIGURATIONS!

I added this line:

IFCONFIG="/sbin/ifconfig"

And under this section:

# Determine MAIN_IP & SERVER_IPS if needed

I changed this:

MAIN_IP=`ifconfig eth0 | grep inet | cut -d: -f2 | awk '{print $1}'`

to this:

MAIN_IP=`$IFCONFIG eth0 | grep inet | cut -d: -f2 | awk '{print $1}'`

Basically, just change ifconfig to be a variable so I could set it's path.

David
 
Last edited:
redhat 9

and you used the customized DA-kiss scipt? do i need to change anything else in the config file?
 
Hey,

Yes, I used the customized DA-kiss script...

Yes, that's the only changes I made.

David
 
since the problem is with the path (ifconfig rather than /sbin/ifconfig) my guess is you are logging in as root using:

su

rather than:

su -

Chris
 
skruf said:
The install puts it here: /usr/bin/kiss
Click to expand...
That's not really a good place for it.

It's a local addition, designed to be run only by a systems administrator.

My guess is it should be in /usr/local/sbin.

But what do I know :) .

I admin a lot of systems and I don't want to install it each time.

So I have one copy on my desktop system, and I just copy it in, and install it on, each new server.

If you'd like a copy, let me know by email (NOT by private message). My email address is in my sig.

If you get it, be sure to read my notes; it may require changes depending on your environment, but they're all well documented.

I agree with Chris that if you're properly logged in as root (either by direct login, or by "su -" then you won't need the path to ifconfig.

Jeff
 
Hey,

since the problem is with the path (ifconfig rather than /sbin/ifconfig) my guess is you are logging in as root using:

su

rather than:

su -
Click to expand...

Damn, hate when that happens... That was it.

That's not really a good place for it.
Click to expand...

I just left it where it was placed...

This is the first time I used it and future use probably won't include tarring it on the server. (Like you mentioned.)

Obviously, there are no changes needed like I mentioned above...

Unless of course, like me, you're trying to learn a little script writing...

David
 
You must log in or register to reply here.
Back
Top