iptables

Moogle Stiltzkin · Post by **Moogle Stiltzkin** » Fri Jun 24, 2011 5:06 am

e..g i got a linksys e4200 router with victek's tomato raf firmware and it has an open vpn client. So i can setup vpn on there, so the qnap and other devices on my network, all benefit from having vpn setup on the router which is the main gateway.

Besides vpns they usually only provide you one license to use, so where else better to put it.

But someone mentioned that with ip tables, the qnap log can be much more powerful in managing ip access to the qnap, is that true ? Any examples ??

I can't think what else we could use the iptables for.

schumaku · Post by **schumaku** » Fri Jun 24, 2011 5:15 am

Moogle Stiltzkin wrote:But someone mentioned that with ip tables, the qnap log can be much more powerful in managing ip access to the qnap, is that true ? Any examples ??

Pretty good examples here just a few posts back - afraid, you have to learn iptables ... http://forum.qnap.com/viewtopic.php?f=24&t=7886#p205686

Moogle Stiltzkin · Post by **Moogle Stiltzkin** » Fri Jun 24, 2011 7:30 pm

schumaku wrote:
Moogle Stiltzkin wrote:But someone mentioned that with ip tables, the qnap log can be much more powerful in managing ip access to the qnap, is that true ? Any examples ??
Pretty good examples here just a few posts back - afraid, you have to learn iptables ... http://forum.qnap.com/viewtopic.php?f=24&t=7886#p205686

*looks

jadlak · Post by **jadlak** » Thu Jul 07, 2011 2:04 pm

+1.

iptables was the reason I came to these forums searching. kinda disappointed that I can't use this machine for that. it isn't just a NAS. this is a home server with NAS features. please fix up what seems to be a glaring hole in the implementation.

fantomas · Post by **fantomas** » Sat Jul 30, 2011 3:18 am

gbl wrote: Using a NAS means you're on an internal network. Which means you're behind a router. Which means your router is where your firewall configuration should reside on, not your NAS.

for uploading pictures to public gallery sites, or for viewing them from internet, also for accessing my data from internet, the NAS MUST be accessible somehow. So there's no way why people wouldn't want to use their NAS as home router. Note that WRT routers run on much slower hardware...

Dude-PWB- · Post by **Dude-PWB-** » Sat Nov 26, 2011 7:48 am

Just to renew the call for iptables, this is something that is needed for these devices. Almost any linux distribution (client/server) out there comes with iptables enabled by default.

michlv · Post by **michlv** » Mon Dec 05, 2011 7:26 am

Another call to add iptables.

Need it for traffic shapping, so when backup over internet runs it does not fill my upstream completely (sometimes for a few days). ADSL router does not support anything like that and to buy extra device just for traffic shapping seems as waste of electricity.

Eddy73 · Post by **Eddy73** » Sun Feb 26, 2012 10:50 pm

+1

Need also IPTABLES. Running now the latest firmware (3.6.0) but still got the error below:

[/etc/init.d] # iptables -A PREROUTING -t nat -i eth0 -p tcp --source testing.dyndns.org --dport 12345 -j DNAT -d 192.168.1.10
modprobe: could not parse modules.dep

iptables v1.4.12: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

JCadet974 · Post by **JCadet974** » Mon Feb 27, 2012 8:23 am

+1
Same as Eddy73. Last firmware 3.6.0. but still this uggly error. Nthis does not make sense.

schumaku · Post by **schumaku** » Tue Feb 28, 2012 8:51 pm

Nothing ugly - the message makes perfect sene: Check the examples on how to load the modules - see init_iptable_modules in /etc/init.d/vpn_openvpn.sh or /etc/init.d/vpn_pptp.sh

Eddy73 · Post by **Eddy73** » Sun Mar 04, 2012 8:44 pm

Thanks schumaku, this did help a bit.

Now i have only two problems with this iptables of QNAP:

When i give the following rule:
iptables -A PREROUTING -t nat -i eth0 -p tcp --source testme.dyndns.org --dport 12345 -j DNAT --destination 192.168.1.2:12345

This gives me the error: iptables v1.4.12: host/network `192.168.1.2:12345` not found

When i remove the port at 192.168.1.2:12345 then i get the error:

iptables v1.4.12: Couldn't load target `DNAT`: No such file or directory

Can anybody help me on this one?

Eddy73 · Post by **Eddy73** » Mon Mar 05, 2012 8:28 pm

Hi Philippe,

I would like to test that package. Can you give a downloadlink in a PM?

Cheers,
Eddy

Eddy73 · Post by **Eddy73** » Mon Mar 05, 2012 10:17 pm

Hi Philippe,

Thanks for the tar file. Tar is just good since I'll untar it on the nas itself.
As soon when I'm home tonight I will test this.

Cheers,
Eddy

lmu · Post by **lmu** » Tue Apr 17, 2012 2:51 am

Hi Philippe,

Could you please share the proc. to install your sources. If I understand well, we have to add the path of the provided lib folder in the file ld.so.conf and don't using other like bin, include, ... Correct ?

Can you also explain how to compile iptables on our NAS ?

Thanks in advance for your help,
Laurent

lmu · Post by **lmu** » Wed Apr 18, 2012 12:27 am

Sorry Philippe,

my question is not really how but what ... Because, for me the LD_LIBRARY_PATH or ld.so.conf are used to identify the lib path (not bin, include, etc.)

Perhaps you can be more clear on what you add in the ld.so.conf.

Something like (if build is the folder containing your sources) :
[anyPath]/build/lib
or perhaps
[anyPath]/build

Thanks in advance for your clarification,
Laurent

QNAP NAS Community Forum

iptables

Re: iptables

Re: iptables

Re: iptables

Re: iptables

Re: iptables

Re: iptables

Re: iptables

Re: iptables

Re: iptables

Re: iptables

Re: iptables

Re: iptables

Re: iptables

Re: iptables

Re: iptables