[cod] Updating iptables if you don't have the --reap option of the recent module

Boyd G. Gafford Ph.D. drboyd at westportresearch.com
Fri Apr 20 10:40:58 EDT 2012 

Just a note about using the protection scripts under some Linux 
distributions (especially older ones).  The protection scripts use the 
recent iptables module with the --reap parameter in order to expire 
whitelisted players that have quit playing on the server.  You really 
need this in order for the scripts to work.

Escaped Turkey first reported this with Centos 6.2, so I installed this 
distribution on a VPS and verified it.  If you are using another flavor 
of Linux, you can check to see if the --reap parameter is already 
supported by doing a:

main iptables

followed by

/--reap[enter]

If you see "pattern not found", then you don't have an iptables that 
supports the --reap option, and need to update your iptables.  If your 
cursor lands on the option, then are are already good to go.

*In the case of most older Linux distributions, try updating them via 
the normal update process for the distribution first.  This usually gets 
you a newer iptables from the distribution's repository, which works 
nearly all of the time.*

However Centos 6.2 is a recent distribution, but for some reason --reap 
doesn't work.  So the best option is to update iptables to the latest.  
Here's how I did it (from root).  First off, if you don't have gcc or 
make installed, you need to do that first:

# yum install gcc
# yum install make

Now just do the following, which downloads the latest iptables source, 
builds it and makes it active.

# cd /root
# wget www.netfilter.org/projects/iptables/files/iptables-1.4.13.tar.bz2
# tar -jxvf iptables-1.4.13.tar.bz2
# cd iptables-1.4.13
# ./configure
# make
# make install
# cp /usr/local/sbin/xtables-multi /sbin/iptables-multi

And you are done!  Now your iptables module is updated to 1.4.13, 
complete with --reap option for the dynamic expiration of whitelisted 
players.

And of course the process here is very similar if you have other 
distributions.

Good luck,

/  Boyd/

/__________________________________
Boyd G. Gafford Ph.D.
Manager of Software Development
Westport Research Associates Inc.
7001 Blue Ridge Blvd
Raytown, MO 64133
(816) 358-8990
drboyd at westportresearch.com
/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://icculus.org/pipermail/cod/attachments/20120420/10411d80/attachment.htm>

More information about the cod mailing list