Arch Linux

Saren

Member

Registered: 2014-04-02

Posts: 13

[SOLVED] xtables_addon + geoip: No chain/target/match by that name.

[SOLVED] iptables + xtables_addon + geoip: No chain/target/match by that name.

I am bored today and I wanted to test geoip filters in iptables.
I have installed this package from AUR https://aur.archlinux.org/packages/xtables-addons/
Following the instructions, I have ran these commands

# cd /usr/lib/iptables/xtables-addons/
# ./xt_geoip_dl
# ./xt_geoip_build -D /usr/share/xt_geoip *.csv

and as you see I have /usr/share/xt_geoip/ correctly installed.

$ ls /usr/share/xt_geoip/
total 32K
drwxr-xr-x 2 root root 16K 03.04.2015 02:11 BE/
drwxr-xr-x 2 root root 16K 03.04.2015 02:11 LE/

and mods are on.

$ modprobe -c | grep x_tab
alias symbol:xt_alloc_table_info x_tables
alias symbol:xt_check_match x_tables
alias symbol:xt_check_target x_tables
alias symbol:xt_compat_add_offset x_tables
alias symbol:xt_compat_calc_jump x_tables
alias symbol:xt_compat_flush_offsets x_tables
alias symbol:xt_compat_init_offsets x_tables
alias symbol:xt_compat_lock x_tables
alias symbol:xt_compat_match_from_user x_tables
alias symbol:xt_compat_match_offset x_tables
alias symbol:xt_compat_match_to_user x_tables
alias symbol:xt_compat_target_from_user x_tables
alias symbol:xt_compat_target_offset x_tables
alias symbol:xt_compat_target_to_user x_tables
alias symbol:xt_compat_unlock x_tables
alias symbol:xt_find_match x_tables
alias symbol:xt_find_revision x_tables
alias symbol:xt_find_table_lock x_tables
alias symbol:xt_find_target x_tables
alias symbol:xt_free_table_info x_tables
alias symbol:xt_hook_link x_tables
alias symbol:xt_hook_unlink x_tables
alias symbol:xt_proto_fini x_tables
alias symbol:xt_proto_init x_tables
alias symbol:xt_recseq x_tables
alias symbol:xt_register_match x_tables
alias symbol:xt_register_matches x_tables
alias symbol:xt_register_table x_tables
alias symbol:xt_register_target x_tables
alias symbol:xt_register_targets x_tables
alias symbol:xt_replace_table x_tables
alias symbol:xt_request_find_match x_tables
alias symbol:xt_request_find_target x_tables
alias symbol:xt_table_unlock x_tables
alias symbol:xt_unregister_match x_tables
alias symbol:xt_unregister_matches x_tables
alias symbol:xt_unregister_table x_tables
alias symbol:xt_unregister_target x_tables

But iptables just hates me when '-m geoip --src-cc' is present

# iptables -A FORWARD -m geoip --src-cc A1 -j MARK --set-mark 1
iptables: No chain/target/match by that name.
# iptables -A FORWARD -m geoip --src-cc A1 -j MARK --set-mark 1
iptables: No chain/target/match by that name.
# iptables -N SHIT
# iptables -A SHIT -m geoip --src-cc A1 -j MARK --set-mark 1
iptables: No chain/target/match by that name.

while normally

# iptables -A FORWARD -j MARK --set-mark 1
#

I am confused here even I have used ArchLinux as home server for 2 years.

Last edited by Saren (2015-04-06 07:09:12)

Amplificator

Member

Registered: 2015-04-03

Posts: 8

Re: [SOLVED] xtables_addon + geoip: No chain/target/match by that name.

I also wrote this in the AUR entry, but try doing "modprobe xt_geoip" and see what it says..

Saren

Member

Registered: 2014-04-02

Posts: 13

Re: [SOLVED] xtables_addon + geoip: No chain/target/match by that name.

I also wrote this in the AUR entry, but try doing "modprobe xt_geoip" and see what it says..

It simply says

modprobe: FATAL: Module xt_geoip not found.

Amplificator

Member

Registered: 2015-04-03

Posts: 8

Re: [SOLVED] xtables_addon + geoip: No chain/target/match by that name.

Then wait for the package maintainer to update the AUR.

Saren

Member

Registered: 2014-04-02

Posts: 13

Re: [SOLVED] xtables_addon + geoip: No chain/target/match by that name.

Then wait for the package maintainer to update the AUR.

I upgraded to xtables-addons-2.6-3 and did # depmod -a
now everything works like a charm!

Amplificator

Member

Registered: 2015-04-03

Posts: 8

Re: [SOLVED] xtables_addon + geoip: No chain/target/match by that name.

Then wait for the package maintainer to update the AUR.

I upgraded to xtables-addons-2.6-3 and did # depmod -a
now everything works like a charm!

depmod -a fixed it for me as well, thanks