1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How Do I Upgrade iptables?

Discussion in 'HyperWRT Firmware' started by itsmeohmy, Mar 28, 2006.

  1. itsmeohmy

    itsmeohmy Network Guru Member

    right now the iptables version is v1.2.11 when I run iptables -h
    iptables 1.3.5 is out and I want to upgrade, how would I go about doing it? Would this process be the same for upating other things? Thanks!
     
  2. sirsanka

    sirsanka LI Guru Member

    re:

    I have a build of +tofu13c with iptables 1.3.5 and Layer7. I could send it to you if want it.

    :rockon:
     
  3. itsmeohmy

    itsmeohmy Network Guru Member

    Is there any way to upgrade iptables on the firmware I already have. I am using Thibor 14?
     
  4. Thibor

    Thibor Super Moderator Staff Member Member

    not without recompiling the firmware, no
     
  5. Thibor

    Thibor Super Moderator Staff Member Member

    sirsanka, would you be willing to send your sources to me? i may be able to get them into the next build if it all works without affecting performance and stability
     
  6. sirsanka

    sirsanka LI Guru Member

    Sure Thibor.
    To be honest, I didn't change much in the code except to be able to compile and and make iptable 1.3.4 and 1.3.5 work I had to:
    1. add libipt_TRIGGER.c, libipt_TRIGGER.d of +tofu9.
    2. add TRIGGER in the Makefile of iptables under "extensions" directory
    3. add "const struct in6_addr in6addr_any;" to ip6tables.c, although I should had but that definition in ip6tables.h.
    4. I uncomented DO_IPV6=0 in the Makefile so IPv6 support is not added. Though it would save space.

    There might still be an issue with Upnp but since I don't use it, it doesn't bothers me.

    PM me to where to send the sources.

    Juan
     
  7. LAGMonkey

    LAGMonkey Network Guru Member

    Sirsanka...do you feel that Tofu13c with IPtables and L7 is better than thibor 14?

    Im currently running Thibor14 on my WRT54G v2.2

    I wouldnt mind trying your modded firmware if your willing to send it to me.
     
  8. professordave

    professordave Network Guru Member

    iptables, what are these?

    Greetings,

    Can anyone describe what this thread is all about?
     
  9. sirsanka

    sirsanka LI Guru Member

    LAGMonkey,
    I think that thibor might be incorporating iptables 1.3.5 and layer7 to his firmware. He has been developing this firmware for a while and we trust his coding abilities. Also he told me that I missed a module for iptables that is needed for web filtering I believe. I don't use web filtering so I didn't catch the problem. I added it to tofu13c but I need to test it. After I test it, I can send it you.

    professordave,
    We are talking about iptables (NAT and firewall software) and Layer7 (Application Layer Packet Classifier for Linux, which can identify what kind of network traffic is passing through, good for QoS and traffic shaping).

    Juan
     
  10. LAGMonkey

    LAGMonkey Network Guru Member

    Ahhh cool. Thanks for the reply sirsanka and many many thanks to thibor and the team. I shall wait for the newest release with baited breath. :thumb: :D
     
  11. Thibor

    Thibor Super Moderator Staff Member Member

    team? i wish there was a bloody team :)
     
  12. professordave

    professordave Network Guru Member

    Okay IPTables 1.3.5?

    Okay os is iptables 1.3.5 an algorithm for computing which devices are on the network?

    Layer 7 is the application layer, like a web browser, do what does it mean to have it included in the build?
     
  13. Thibor

    Thibor Super Moderator Staff Member Member

    iptables 1.3.5 is: iptables is the firewall software, and 1.3.5 is the version
    layer7 is a protocol that examines packets to determine what they are for, and filters/performs qos on them according to rules determined by iptables
     
  14. professordave

    professordave Network Guru Member

    okay

    So looking up iptables in a search engine I see that it is a peice of open source software and not "a table of ip's"

    Okay and looking up layer7 you are referring to another piece of software linux os piece and not the OSI Layer 7.

    There new stuff to learn every day
     
  15. sirsanka

    sirsanka LI Guru Member

    LAGMonkey,
    With Layer7 added to the firmware we should expect a drop in performance since every packet needs to be inspected based in the rules that one uses. I haven't notice much drop in performance yet. I do see an increase in the Load average. Probably Thibor will have a better feel. If you still want to triy my modded tofu13c, drop me PM but I would suggest to wait for Thibor's version.

    Regards,
    Juan
     

Share This Page