From: Simon Barr on
Has anyone here ever used pam_iptables with Fedora core 4, kernel 2.6.17.8?

I'm trying to use it here with limited success; it's mostly working, but it
won't remove the iptables rules it added when logging in.

I get a permission denied entry in messages when logging out...


Feb 6 15:20:19 fedora sshd(pam_unix)[5409]: session opened for user simon by (uid=0)
Feb 6 15:20:27 fedora PAM-iptables[5409]: Permission denied
Feb 6 15:20:27 fedora sshd(pam_unix)[5409]: session closed for user simon

Doesn't even work when logging in as root, so I'm not sure what is being
denied permission.


I see it hasn't been worked on for some time so I was wondering if there
might be some known incompatibility.


Maybe I can achieve the same using something other than pam_iptables, does
anything else exist that can dynamically create/destroy iptables rules when
logging in using ssh?

TIA.

Simon.

--
simon at sbarr dot demon dot co dot uk
Simon Barr.
'97 110 300Tdi.
From: Simon Barr on
In article <52rm45F1p18q4U1(a)mid.individual.net>, Simon Barr wrote:
> Has anyone here ever used pam_iptables with Fedora core 4, kernel 2.6.17.8?
>

I guess I'm the only one then!

:-)


>
> Maybe I can achieve the same using something other than pam_iptables, does
> anything else exist that can dynamically create/destroy iptables rules when
> logging in using ssh?
>

I've found an alternative in AuthIPGate at:

http://www.sc.isc.tohoku.ac.jp/~hgot/sources/authipgate.html

I was able to hack it about a little bit and achieve what I wanted, hopefully
it will help someone else too.

Simon.

--
simon at sbarr dot demon dot co dot uk
Simon Barr.
'97 110 300Tdi.
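
Another way to get per-login rules that are removed again at logout, shown here as an added example that is not part of either post and is not code from pam_iptables or AuthIPGate: a script run by the standard pam_exec module, which exports PAM_TYPE, PAM_USER and PAM_RHOST to the command it starts. The chain name SSH_SESSIONS, port 8080 and the script path are assumptions.

```shell
#!/bin/sh
# Added example: per-session firewall rule driven by pam_exec.
# Assumed PAM line (script path is hypothetical):
#   session optional pam_exec.so /usr/local/sbin/ssh-fw-session.sh
CHAIN="${CHAIN:-SSH_SESSIONS}"   # assumed user-defined chain, created beforehand
PORT="${PORT:-8080}"             # assumed service opened for logged-in hosts
IPTABLES="${IPTABLES:-iptables}"

# Accept only a dotted-quad IPv4 address. PAM_RHOST may be empty or a
# hostname and must not reach the iptables command line unchecked.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac      # no leading zeros
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the iptables arguments for one PAM event: rule_args PAM_TYPE PAM_RHOST
# Appending on open and deleting on close keeps one rule per live session,
# so a second login from the same address survives the first logout.
rule_args() {
    case "$1" in
        open_session)  action=-A ;;
        close_session) action=-D ;;
        *) return 2 ;;               # auth/account/password: nothing to do
    esac
    valid_ipv4 "$2" || return 1
    printf '%s %s -s %s -p tcp --dport %s -j ACCEPT\n' "$action" "$CHAIN" "$2" "$PORT"
}

# Act only when started by pam_exec, which sets PAM_TYPE.
if [ -n "${PAM_TYPE:-}" ]; then
    if args=$(rule_args "$PAM_TYPE" "${PAM_RHOST:-}"); then
        # Word splitting of $args is intended; every field was validated above.
        "$IPTABLES" $args ||
            logger -t ssh-fw-session "iptables $args failed for ${PAM_USER:-?}"
    fi
    exit 0   # firewall errors are logged, never allowed to block login or logout
fi
```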