Results 1 to 2 of 2

Thread: iptables owner match support

  1. #1
    Just burned his ISO
    Join Date
    Sep 2010
    Posts
    5

    Default iptables owner match support

    I have encountered what appears to be a bug with the iptables owner match function on backtrack 4 r1. Actually I guess it's not really a bug because this feature is turned off by default in the config.. but it looks like there's something preventing this from working properly if enabled as a module.

    by default owner matching is not compiled at all according to the config in /boot
    Code:
    # CONFIG_NETFILTER_XT_MATCH_OWNER is not set
    I copied config from /boot and did "make menuconfig" and then "make prepare" and then "make M=net" and then after xt_owner.ko was built I did depmod and then modprobe. I can see that the module is loaded but it doesn't appear to function properly.

    EDIT: I decided to start fresh with a cloned backup. This time I followed directions from

    http://www.g-loaded.eu/2005/12/20/bu...kernel-module/

    Code:
    cd usr/src/linx-source-2.6.34
    make CONFIG_NETFILTER_XT_MATCH_OWNER=m M=net/netfilter
    cd net/netfilter
    cp xt_owner.ko /lib/modules/2.6.34/kernel/net/netfilter
    cd /lib/modules/2.6.34/kernel/net/netfilter
    depmod xt_owner.ko
    modprobe xt_owner
    same result.

    issuing the command
    Code:
    iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner ettercap --destination-port 80 -j REDIRECT --to-port 10000
    returns error
    Code:
    iptables: Protocol wrong type for socket
    prior to install the same command would return
    Code:
    iptables: No chain/target/match by that name
    I have come across a few other threads with this error but no solutions. The only person claiming to get this to work on the backtrack forums was using a diff kernel. I've been googling this for days. Can someone please confirm or deny if this is even possible on R1? Oh and forgot to mention, I have also removed and reinstalled iptables via apt-get with no change.

    https://bugs.launchpad.net/ubuntu/+s...es/+bug/518493
    [ubuntu] Iptbables issue - Ubuntu Forums
    http://www.backtrack-linux.org/forum...tch-owner.html
    sslsniff or sslstrip & transparent Squid3 - Remote Exploit Forums

    my lsmod
    Code:
    root@bt:/usr/src/linux-source-2.6.34/net/netfilter# lsmod
    Module                  Size  Used by
    xt_owner                 819  0
    xt_multiport            2191  0
    ipt_REDIRECT             795  0
    xt_tcpudp               1827  0
    iptable_nat             3242  0
    nf_nat                 12023  2 ipt_REDIRECT,iptable_nat
    nf_conntrack_ipv4       8739  3 iptable_nat,nf_nat
    nf_conntrack           41039  3 iptable_nat,nf_nat,nf_conntrack_ipv4
    nf_defrag_ipv4           807  1 nf_conntrack_ipv4
    aes_i586                6860  3
    aes_generic            25686  1 aes_i586
    ipv6                  213785  10
    i915                  234023  2
    drm_kms_helper         23317  1 i915
    drm                   129932  4 i915,drm_kms_helper
    sbs                     8449  0
    sbshc                   2600  1 sbs
    acpi_cpufreq            5455  0
    cpufreq_stats           3065  0
    cpufreq_powersave        626  0
    cpufreq_performance      630  0
    cpufreq_ondemand        6601  2
    freq_table              1999  3 acpi_cpufreq,cpufreq_stats,cpufreq_ondemand
    cpufreq_conservative     7556  0
    iptable_filter           876  0
    ip_tables               9295  2 iptable_nat,iptable_filter
    x_tables               10096  7 xt_owner,xt_multiport,ipt_REDIRECT,xt_tcpudp,iptable_nat,iptable_filter,ip_tables
    parport_pc             18091  0
    lp                      7036  0
    parport                24463  2 parport_pc,lp
    snd_hda_codec_realtek   189078  1
    snd_hda_intel          18246  0
    snd_hda_codec          55869  2 snd_hda_codec_realtek,snd_hda_intel
    snd_hwdep               4634  1 snd_hda_codec
    snd_pcm_oss            33571  0
    snd_mixer_oss          12346  1 snd_pcm_oss
    snd_pcm                57794  3 snd_hda_intel,snd_hda_codec,snd_pcm_oss
    option                 14643  0
    rtc_cmos                7678  0
    rtc_core               11351  1 rtc_cmos
    rtc_lib                 1526  1 rtc_core
    arc4                    1038  2
    snd_seq_dummy           1015  0
    ecb                     1557  2
    video                  15442  1 i915
    output                  1288  1 video
    snd_seq_oss            23461  0
    snd_seq_midi            3720  0
    eeepc_wmi               2593  0
    sparse_keymap           2159  1 eeepc_wmi
    snd_rawmidi            14527  1 snd_seq_midi
    snd_seq_midi_event      4304  2 snd_seq_oss,snd_seq_midi
    snd_seq                40162  6 snd_seq_dummy,snd_seq_oss,snd_seq_midi,snd_seq_midi_event
    usbserial              25922  1 option
    snd_timer              14918  2 snd_pcm,snd_seq
    snd_seq_device          4165  5 snd_seq_dummy,snd_seq_oss,snd_seq_midi,snd_rawmidi,snd_seq
    snd                    38765  12 snd_hda_codec_realtek,snd_hda_intel,snd_hda_codec,snd_hwdep,snd_pcm_oss,snd_mixer_oss,snd_pcm,snd_seq_oss,snd_rawmidi,snd_seq,snd_timer,snd_seq_device
    ath9k                  64574  0
    ath9k_common            2005  1 ath9k
    rtl8187                52142  0
    ath9k_hw              207042  2 ath9k,ath9k_common
    mac80211              199768  3 ath9k,ath9k_common,rtl8187
    ath                     6600  2 ath9k,ath9k_hw
    psmouse                31899  0
    cfg80211              119135  5 ath9k,ath9k_common,rtl8187,mac80211,ath
    iTCO_wdt                8709  0
    rfkill                 11984  1 cfg80211
    serio_raw               3344  0
    eeprom_93cx6             964  1 rtl8187
    atl1c                  27779  0
    led_class               1779  2 ath9k,rtl8187
    iTCO_vendor_support     1465  1 iTCO_wdt
    soundcore               4239  1 snd
    snd_page_alloc          5469  2 snd_hda_intel,snd_pcm
    wmi                     5129  1 eeepc_wmi
    intel_agp              23876  2 i915
    agpgart                22417  3 drm,intel_agp
    shpchp                 25507  0
    joydev                  7728  0
    evdev                   6681  15
    aufs                  130221  2261
    squashfs               18933  1
    sg                     19941  0
    fuse                   49697  1
    Last edited by zestforlife; 09-02-2010 at 11:35 PM.

  2. #2
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    3

    Default Re: iptables owner match support

    Hello all,

    I have the same problem with BT4R1.
    I recompiled modules (as I did in BT4) but with no success.
    Has anybody a solution?

    Dali.

Similar Threads

  1. iptables --match owner
    By da410li in forum Beginners Forum
    Replies: 2
    Last Post: 02-10-2010, 01:23 PM
  2. BT3 MAC xx:xx:xx:xx:xx doesn't match the specified mac (-h)
    By duckyshucky in forum OLD Newbie Area
    Replies: 0
    Last Post: 06-20-2009, 09:11 PM
  3. how match WLAN and GPS data
    By TheMrOrange in forum OLD General IT Discussion
    Replies: 0
    Last Post: 04-07-2009, 04:28 PM
  4. Ubiquiti SRC 300 owner's opinion wanted.
    By uunfews in forum OLD Newbie Area
    Replies: 0
    Last Post: 03-24-2009, 09:44 PM
  5. First time Mac owner, some questions with USB booting BT4
    By phillyred79 in forum OLD Newbie Area
    Replies: 5
    Last Post: 02-24-2009, 06:51 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •