0

I'm currently working on a project of making an highly secured router with my RaspberryPi to navigate anonymously on the net. Yet, I'm not able to correctly transfer the Internet connection to the new server:

pi@raspberrypi:~ $ sudo iptables -t nat -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables: No chain/target/match by that name.

After some research on the message error: It seems that maybe I forget to compile the module or forget to do a depmod (but I don't understand what does that mean...)

Indeed I did:

  • SSH connection to my Raspberry Pi: ssh [user]@[IP address]
  • installed the Dynamic Host Configuration Protocol sudo get-apt install hstapd isc-dhcp-server
  • configured DHCP by adding a # to the two options about domain name and suppressing # in front of the authoritative option seven lines under

  • adding

    subnet 192.168.42.0 netmask 255.255.255.0 { range 192.168.42.10 192.168.42.50; option broadcast-adress 192.168.42.255; option routers 192.168.42.1; default-lease-time 600; max-lease-time 7200; option domain-name "local"; option domain-name-servers 8.8.8.8, 8.8.4.4; }

to the file and saving it,

  • modified the DHCP server settings in order to be able to use it with a wireless adaptor: Interfaces ="wlan0"
  • set the Wifi adaptator with a static address an enabling it to receive incoming signals sudo nano /etc/network/interfaces adding a # to iface wlan 0 and to the following lines abiut anything connectod to wlan0

  • Gived to the interface a static IP address:

    iface wlan0 inet static address 192.168.XX.X netmask 255.255.255.0

saving.

  • Assign the wlan0 address 192.168.XX.X
  • creating the WLAN and configurating it
  • Modifying the Hostapd
  • Configurationg a NAT to do the network rooting.

  • Finally executing the two following commands to be sure that the connection has actually correctly been transfered:

    pi@raspberrypi:~ $ sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE pi@raspberrypi:~ $ sudo iptables -t nat -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT iptables: No chain/target/match by that name.

Revolucion for Monica
  • 145
  • 8

1 Answers1

1

The error:

 iptables: No chain/target/match by that name

Some information from man iptables:

TABLES

filter:

This is the default table (if no -t option is passed). It contains the built-in chains INPUT (for packets destined to local sockets), FORWARD (for packets being routed through the box), and OUTPUT (for locally-generated packets).

nat:

This table is consulted when a packet that creates a new connection is encountered. It consists of three built-ins: PREROUTING (for altering packets as soon as they come in), OUTPUT (for altering locally-generated packets before routing), and POSTROUTING (for altering packets as they are about to go out).

And the command that generated the error with some indication of the cause, based on the documentation:

sudo iptables -t nat -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
                 ^^^    ^^^^^^^

So, as it says, there is no table nat with a chain FORWARD to do whatever it is you are intending to do there.

If you have not looked at iptables.info yet, BTW, it is worth doing some reading there. It has helped me in the past WRT using things such as hostapd and dhcpd (in an actual server context) -- although it does not talk about them directly, it does help to make sense of all those "Let's make a hotspot 1-2-3!" type blogs that are around which sometimes deal in cargo cult semantics. It never hurts to understand in detail what it is you are actually doing, even though this may seem like an impediment to rushing toward the 1-2-3 goal.

Unfortunately my own attitude toward networking on linux makes it difficult to offer other people specific advice about high level things, because I'm starting out from a fundamentally different perspective although really it is all the same software (such as iptables) involved.

Here's a couple of links from that site as examples of what I am talking about, that I think may be pertinent to your case:

And just reading down through the table of contents in the original link for a few minutes is worthwhile. To be a bit repetitive: If you are truly interested in doing this right you need to understand it, not just keep plugging away with the 1-2-3 type suggestions. This may require pushing the ultimate goal back a bit. That site is certainly hands down the best source of iptables related information on the internet and probably one of the best introductions to IP packet transfer protocols as well.

I am not claiming to be any kind of wizard with this stuff. You are more likely to find those people on Unix & Linux, just have your tish together and try to think about specific questions that can be generalized in a way that the answer might shed light on a mysterious issue too often glazed over by the 1-2-3 cargo cult blogs mentioned earlier.

Community
  • 1
goldilocks
  • 60,325
  • 17
  • 117
  • 234