Requesting Help

James A Griffin agriffin at cpcug.org
Fri Oct 26 18:03:46 UTC 2001 

Oscar Castro Nazar wrote:
> 
> Dear Srs:
> 
> We are having problems implementing IPTABLES, we have 1 PC as a Linux Server
> using Red hat 7.1, and we have the following configuration:
> * Webadmin 0.88
> * Apache 1.3.19
> * IpChains 0.80.6
> We need to use IPTABLES, this was installed on server since the begining,
> but when we try to run any command of  IPTABLES, the server lunch this
> errors:

ipchains and iptables are incompatable.  You cannot use both at the same
time on the same machine.  The error message below suggest that ipchains
is already running when you try to insmod the iptablems modules.

This is not a BIND issues and I suggest we take to private email.  I
have a script that I use to start iptables that I'll send you if you
would like.  It setup an internal net firewall for specific allowed
services and an NATed firewall for connection to the internet.  The
firewall is service specific and stateful.  Let me know what
distribution you are running.

Jim

> 
> /lib/modules/2.4.2-2smp/kernel/net/ipv4/netfilter/ip_tables.o: init_module:
> Device or resource busy
> Hint: insmod errors can be caused by incorrect module parameters, including
> invalid IO or IRQ parameters
> /lib/modules/2.4.2-2smp/kernel/net/ipv4/netfilter/ip_tables.o: insmod
> /lib/modules/2.4.2-2smp/kernel/net/ipv4/netfilter/ip_tables.o failed
> /lib/modules/2.4.2-2smp/kernel/net/ipv4/netfilter/ip_tables.o: insmod
> ip_tables failed
> iptables v1.2.1a: can't initialize iptables table  'nat': iptables who? (do
> you need to insmod?)
> Perhaps iptables or your kernel needs to be upgraded.
> 
> Our objective is:
> 
> We have 2 network cards with the following adresses:
> 
> * 172.16.100.2  : Is conected to a Cisco 2501 router, this at the same time
> is conected to our ISP who have a NAT to give  a real IP Adress to our Linux
> Server.
> * 172.16.1.1    : it is conected to our intranet.
> 
> We also have a Windows NT Server v.4.0 with an IIS and we want that some web
> pages can be published to the internet trough the linux server.  This web
> pages are ASP who show information of MS SQL 7.0, or dinamics pages from
> Office.  Having this situation we want that the NT 80 and 1433 ports, can be
> show on internet trough the linux server, USING JUST ONE IP ADDRESS.
> We understand that the only way to do this, is using NAT trough the IP
> TABLES, but it doesn't work right now.
> What do we have to do to resolve this problem and use IP TABLES and
> IPCHAINS.
> 
> Waiting for your prompt reply.
> 
> Thanks.
> 
> Oscar Castro
> Network Administrator
> Textiles Rio Lindo
> Honduras, C.A.

More information about the bind-users mailing list