| teleshoes | anyway, has anyone written a gui like mobilehotspot for the n9, or perhaps just a nice script for doing iptables etc? | 21:01 |
|---|
| robertjw | I'm debugging an iptables issue, I normally feel good when I have the sources in front of me. | 01:29 |
|---|
| robertjw | i can run /sbin/iptables -L -v from a root terminal, but when running the same commnd from a root ssh over usb connection I get an error | 00:53 |
|---|
| pa | for natting one would need iptables | 16:11 |
|---|
| mschlens | iptables -A POSTROUTING -t nat -s 192.168.2.15/32 -j MASQUERADE | 11:46 |
|---|---|---|
| niwakame | RandomGuyOnBed you could maybe do some fancy iptables routing...but then no. Search at tmo | 14:19 |
| merlin1991 | jonni: did you get iptables back in? | 22:47 |
|---|---|---|
| merlin1991 | when I wanted todo usbnet quick and dirty I didn't find anything iptables related | 22:48 |
| jonni | merlin1991: even stock kernel has iptables, but you must mean custom modules | 22:48 |
| merlin1991 | I mean those "iptables" which are controlled via the "iptables" binary where you usually do things along the lines of iptables -t nat -A POSTROUTING -s 192.168.2.14 -o tun0 -j MASQUERADE | 22:49 |
| jonni | merlin1991: iptables alway have worked, you with masquarade you mean the NAT module, which is not compiled in my default. | 22:50 |
| robertjw | iptables errors out from a devel-su shell with a "you must be root" message. any tips on how to run iptables in harmattan? | 18:53 |
|---|---|---|
| robertjw | /sbin/iptables -L -vn | 18:54 |
| djszapi_ | someone used iptables previously, but it is not fully functional. | 18:55 |
| robertjw | devel_su and then develsh: that's the magic for running iptables | 19:09 |
| jonni | robertjw: devel-su+develsh is enough to run iptables | 20:45 |
| jonni | well sure, but all the iptables functionality that system script uses by default is avail with develsh | 20:56 |
| djszapi_ | jonni: http://mg.pov.lt/harmattan-irclog/search?q=iptable | 20:57 |
| jonni | yes, nat is not compiled in by default, so ofcourse that is not avail, but iptables with the all kernel default modules work with develsh. | 20:59 |
| jonni | afaik question was what was required to run iptables-binary, and develsh is enough for that. | 21:00 |
| djszapi_ | no, the question was with a certain iptable run | 21:00 |
| djszapi_ | and I mentioned not all the iptables functionalities are available | 21:01 |
| chem|st | iptables? | 23:52 |
|---|
| clau | I'm concerned with ppp, but also with iptables | 17:57 |
|---|
| ZogG_N9 | jonni, iptables ? =) | 15:49 |
|---|---|---|
| jonni | ZogG_laptop: yep, basicly UI fronend for iptables, since most people dont how to use them. | 15:49 |
| jonni | 'iptables for dummies' work name :) | 15:51 |
| ZogG_N9 | and iptables is neat | 15:53 |
| merlin1991 | iptables has no nat tbale | 22:18 |
|---|
| pa | i wonder whether aegis let root set iptables rules | 11:14 |
|---|---|---|
| jonni | pa: if you have net_admin and sys_module capas then yes you can set iptables rules. | 11:18 |
| franz` | is there anything different than usual on harmattan's iptables? | 07:48 |
|---|
| jonni | faenil: well you can always setup iptables to filter ports 67 and 68 and only allow specific ip through. | 20:21 |
|---|---|---|
| jonni | faenil: iptables is idiot-proof | 20:22 |
| itsnotabigtruck | well, i'm thinking at least ipsec and iptables stuff | 01:34 |
|---|---|---|
| Sazpaimon | iptables would be nice I gues | 01:34 |
| itsnotabigtruck | and it looks like the that mostly ends up being a bunch of ipsec / iptables stuff | 02:38 |
| itsnotabigtruck | i'm doing a modules build of the kernel right now, to add a whole bunch of netfilter/iptables stuff, ipsec stuff, and more crypto algorithms | 19:07 |
| itsnotabigtruck | lots of people want iptables nat | 19:49 |
|---|
| pa | once you jailbreak, you can set your own iptables rules :) | 00:02 |
|---|---|---|
| DocScrutinizer | show me the iptable rule that makes nokia account for maps work | 00:03 |
| admiral0 | want my iptables_nat | 19:56 |
|---|
| Richlv | iptables v1.4.8: can't initialize iptables table `filter': Permission denied (you must be root) | 04:28 |
|---|---|---|
| virtuald | richlv: develsh -c 'iptables -nL' | 04:48 |
| jonni | as its integrated into too many places, most likely it cannot be removed, but you can block it from working quite easily, etc/hosts, iptables, etc | 11:37 |
| lbt | yes - that's scriptable too | 14:20 |
|---|
| Jare | is anyone doing an iptables gui for the n9? I would prefer a reasonably configured firewall since iptables is already built-in | 23:57 |
|---|
| admiral0 | i want iptables mangle | 17:57 |
|---|---|---|
| alterego | If we don't have iptables how does the wi-fi hotspot work? | 17:59 |
| alterego | My N9 has iptables .. | 17:59 |
| admiral0 | alterego: iptables -t nat | 18:00 |
| admiral0_n9 | i didn't see nat and iptables -t nat returns saying module is not loaded | 19:42 |
|---|
| marsje | that needs iptables | 00:14 |
|---|---|---|
| marsje | I mean, the tool sshuttle calls iptables | 00:14 |
| marsje | and I did not make sshuttle, so in theory I don't control where it looks for iptables | 00:15 |
| marsje | sshuttle combines ssh and iptables into a simple vpn | 00:17 |
| marsje | I get: iptables v1.4.8: can't initialize iptables table `nat': Permission denied (you must be root) | 00:30 |
| marsje | djszapi: I get a slightly different error now, but I think there is some progress: iptables v1.4.8: can't initialize iptables table `nat': Table does not exist (do you need to insmod?) | 00:43 |
| Piru | with iptables | 23:08 |
|---|
| ieatlint | theoretically you could do it via sdk mode and iptables, as done on the n900 | 20:11 |
|---|
| SpeedEvil | iptables list? | 19:46 |
|---|
| DocScrutinizer | or even that, make IPtables PID aware | 19:22 |
|---|---|---|
| doomdog | iproute2, iptables, tun/tap maybe | 19:22 |
| DocScrutinizer | and an OS that allows to mess with iptables | 19:22 |
| flux | such as iptables | 13:26 |
|---|
| flux | you would use iptables and its QUEUE target | 14:57 |
|---|---|---|
| flux | iptables does static rules of course as well | 14:58 |
| flux | iptables is in /sbin/iptables | 14:59 |
| flux | but hey, iptables works now, that was going to be my other question :) | 12:39 |
|---|
| frals | mece: disable the iptables line in /etc/network/if-up.d/ | 11:11 |
|---|---|---|
| frals | mece: well if the rule is there already i guess you need to flush iptables | 11:22 |
| frals | ... i guess that would be the aegis friendly way of doing it instead of messing with the drop_gprs script... assuming root is allowed to mess with iptables :( | 11:23 |
| ieatlint | i looked at that... couldn't get iptables to access the filter table | 11:23 |
| frals | petteri: afaik iptables drops the packages when on 3g, but i might be wrong | 11:59 |
|---|
| zx2c4 | iptables v1.4.8: can't initialize iptables table `nat': Table does not exist (do you need to insmod?) | 19:33 |
|---|
| djszapi | done on the phone: route add default gw 192.168.2.14 | done on the PC: iptables -A POSTROUTING -t nat -s 192.168.2.15/32 -j MASQUERADE && echo 1 > /proc/sys/net/ipv4/ip_forward | 04:00 |
|---|
| djszapi | Hi! Could someone tell me a use case when someone would like to use iptable on the phone ? | 11:29 |
|---|---|---|
| djszapi | I am asking it because iptable would like to have NET_ADMIN credential which is again something very powerful. | 11:30 |
| flux | traffic control is done with iptables (and iproute2) | 11:31 |
| Qantourisc | reminds me ... iptables ? | 11:01 |
|---|
| DocScrutinizer | there are some magic iptables incantations to do this | 15:51 |
|---|
| mgedmin | devel-su; develsh; /sbin/iptables -vnL --> yay iptables are there! | 13:48 |
|---|---|---|
| mgedmin | /sbin/iptables -vnL -t nat -> f%%k, no NAT support | 13:49 |
| SpeedEvil | djszapi: How do you overcome the lack of iptables in kernel? | 13:54 |
| djszapi | 7:ip_tables 8122 1 iptable_filter | 13:55 |
| djszapi | SpeedEvil: lsmod | grep -rni iptable | 13:55 |
| djszapi | 6:iptable_filter 1854 1 | 13:55 |
| mgedmin | djszapi, now try /sbin/modprobe iptable_nat :) | 13:56 |
| SpeedEvil | (11:49:03 AM) mgedmin: /sbin/iptables -vnL -t nat -> f%%k, no NAT support | 13:56 |
| DocScrutinizer | djszapi: [2011-07-28 12:49:03] <mgedmin> /sbin/iptables -vnL -t nat -> f%k, no NAT support | 13:56 |
90 matches in 3614 log files with 780707 lines (3.4 seconds).
Generated by irclogsearch.py 2.15.1 by Marius Gedminas - find it at mg.pov.lt!