# The 1.4.9 release (2010/08/03) of iptables supports all of the new
# features of the 2.6.35 kernel
# You do not need kernel source to build iptables. You do need what some
# might call "glibc-devel" (the full glibc with headers and such), and
# linux-kernel-headers, and of course a compiler like gcc.
# If you ever want to uninstall iptables or clean up files from an old
# version before installing this one, skip down to the bottom for
# instructions
# If you are remotely connected to the machine you're upgrading iptables on,
# and its iptables rules are what allow you in, you should be VERY,
# VERY careful when doing this.
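# Get it
# Reuse a tarball kept from an earlier run if there is one; otherwise fetch
# it.
cd
test -f installed/iptables-1.4.13.tar.bz2 &&
mv installed/iptables-1.4.13.tar.bz2 .
# Fetch over HTTPS: this source gets compiled and installed as root, so it
# should not arrive over an unauthenticated plaintext connection.
test ! -f iptables-1.4.13.tar.bz2 &&
wget https://www.netfilter.org/projects/iptables/files/\
iptables-1.4.13.tar.bz2
# Before extracting, check the tarball (downloaded or reused) against the
# checksum or detached signature the project publishes, for example:
#   gpg --verify <SIGNATURE_FILE> iptables-1.4.13.tar.bz2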
# Extract the source, clean up old versions
# src is created private (mode 0700) if it does not exist yet.
mkdir -m 0700 -p src
cd src
# Drop any previously unpacked iptables-* trees that sit directly in src.
find . -maxdepth 1 -type d -name 'iptables-*' -exec rm -r {} \;
tar -xjvf ~/iptables-1.4.13.tar.bz2
cd iptables-1.4.13
# Only when this shell is already root: hand the unpacked tree to root:root.
[ "$UID" = 0 ] && chown -R root:root .
# Configure and build it
# Installs under /usr, with man pages in /usr/man and docs in /usr/doc.
./configure \
  --prefix=/usr \
  --mandir=/usr/man \
  --docdir=/usr/doc \
  --enable-devel \
  --enable-libipq
# The build itself is done before becoming root; root is only taken for the
# install step that follows.
make
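# Become root to install it
# Plain 'su' (no '-') keeps the current directory, which the 'make install'
# below relies on: it has to run inside the source tree.
su
# Remove the Slackware package, if there is one
test -x /sbin/removepkg && /sbin/removepkg iptables
# Remove old shared library files, install it
# '&&' rather than ';': if the cd fails, rm must not run against whatever
# directory the root shell happens to be in.
( cd /usr/lib && rm -f libxtables.so.* libxtables.so libxtables.la )
make install
ldconfig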
# If this was an upgrade for you, check /usr/libexec/xtables for files with
# a different date. Those are from old versions and can be deleted. If
# your last version goes a ways back, if you have a /usr/lib/iptables, you
# can zap that too.
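# Make sure your non-root user can remove the source later
# Resolve the login name first and quote it, so chown only runs when
# logname succeeded and never sees a missing or word-split owner argument.
owner=$(logname) && chown -R "$owner" .
chmod -R u+w .
# Become yourself again
exit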
# Keep the tarball for later
cd
# 0700 keeps the archive directory private to this user when it is created.
mkdir -m 0700 -p installed
# Only one iptables tarball is kept: any older ones are dropped first.
rm -f -- installed/iptables-*.tar.*
mv -- iptables-1.4.13.tar.bz2 installed/
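# If you ever want to uninstall iptables, this should do it:
# ('make uninstall' as root should do it, the rest is just in case or if
# you don't even have the source)
cd
su
# Loop over the glob instead of handing it straight to 'test -d' and 'cd',
# which both break when more than one src/iptables-* directory exists. With
# no match the pattern stays literal and the -d test skips it.
# NOTE: this runs the tree's Makefile as root, and the install steps left
# that tree owned by (and writable for) the non-root user.
for srcdir in src/iptables-*; do
  test -d "$srcdir" && ( cd "$srcdir" && make uninstall )
done
rm -f /usr/bin/iptables-xml
# /usr/libexec/xtables is a directory of extension files, so it needs -r;
# plain 'rm -f' refuses to remove it and leaves it in place.
rm -rf /usr/libexec/xtables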
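# Manual cleanup of installed files, one directory at a time.
# Each group runs in a subshell so the cd does not leak into the root shell.
# '&&' makes rm run only if the cd succeeded; with a plain newline or ';' a
# failed cd would let rm delete same-named relative paths from the root
# shell's current directory instead.
( cd /usr/include &&
  rm -f libipq/libipq.h libiptc/ipt_kernel_headers.h libiptc/libip6tc.h \
    libiptc/libiptc.h libiptc/libxtc.h xtables.h )
( cd /usr/lib &&
  rm -f libipq.* libiptc/libip4tc.* libiptc/libip6tc.* libiptc/libiptc.* \
    libxtables.* )
( cd /usr/lib/pkgconfig && rm -f libiptc.pc xtables.pc )
( cd /usr/man/man3 &&
  rm -f ipq_create_handle.3 ipq_destroy_handle.3 ipq_errstr.3 \
    ipq_get_msgerr.3 ipq_get_packet.3 ipq_message_type.3 ipq_perror.3 \
    ipq_read.3 ipq_set_mode.3 ipq_set_verdict.3 libipq.3 )
( cd /usr/man/man8 &&
  rm -f ip6tables.8 ip6tables-restore.8 ip6tables-save.8 iptables.8 \
    iptables-restore.8 iptables-save.8 iptables-xml.8 )
( cd /usr/sbin &&
  rm -f ip6tables ip6tables-multi ip6tables-restore ip6tables-save \
    iptables iptables-multi iptables-restore iptables-save )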
# Rebuild the shared library cache after the removals, then leave the root
# shell.
ldconfig
exit
# Back as the regular user: remove the unpacked source trees under ~/src
# and any saved iptables tarballs.
find "$HOME/src" -maxdepth 1 -type d -name 'iptables-*' -exec rm -r {} \;
rm -f -- "$HOME"/installed/iptables-*.tar.*