Closed SHolzhauer closed 1 year ago
Hi @SHolzhauer,
Thanks so much for reporting this. Would you mind telling which version of Ubuntu you are using? I'll have to look into getting those iptables to work.
@jayjb this happens on both Ubuntu 20.04 as well as within the Docker image based on the Dockerfile
You might need to launch your docker containers with NET_ADMIN capability to allow managing traffic via iptables. By default containers are pretty limited (for a good reason ;-)) with capabilities.
docker run --cap-add NET_ADMIN <your_image_name>
So I added the capability mentioned to the container and it is now returning these errors:
iptables: Bad rule (does a matching rule exist in that chain?).
Will try to figure out how to fix that
It might have to do with me trying to use AWS ECS, but then again it's still a Linux host with a docker container
Hi @SHolzhauer,
We don't recommend running portscan.py module if you are using the Docker version because iptables in docker may have unexpected consequences. Afaik, docker uses iptables to do some of its networking which is why we don't recommend it.
Hi @SHolzhauer,
So this issue has brought about two separate considerations that I wanted to mention and say thanks for bringing to light:
iptables v1.8.7 (nf_tables) is actually a symlink to nftables which is the new NetFilter program replacing iptables. The iptables change is interesting because we would need to cater for the new nftables formatting instead of regular iptables however there is another path, /usr/sbin/iptables-legacy which is the old school iptables. So I've kicked off a discussion of using the legacy iptables vs using nftables
Hi,
When running the portscan module there is an error on start. After some trying around and digging into portscan.py I found out the iptables statements there are not supported with the current 1.8.7 version installed on Ubuntu by default.
Is this known/what version of iptables is expected?
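
The backend question raised in this thread can be answered from the `iptables --version` banner before any rules are inserted. The following is an added example, not code from the project discussed here; the function names `parse_iptables_version` and `choose_iptables` are hypothetical, and only the first sample banner comes from the thread (the others are constructed).

```python
import os
import re
import subprocess

# Path named in the thread; whether it exists depends on the distribution.
LEGACY_PATH = "/usr/sbin/iptables-legacy"

# iptables 1.8+ appends the backend in parentheses; older releases print none.
_BANNER_RE = re.compile(
    r"^iptables v(\d+(?:\.\d+)*)(?:\s+\((nf_tables|legacy)\))?\s*$"
)


def parse_iptables_version(banner):
    """Return (version_tuple, backend) from `iptables --version` output."""
    m = _BANNER_RE.match(banner.strip())
    if not m:
        raise ValueError("unrecognised iptables banner: %r" % banner)
    version = tuple(int(part) for part in m.group(1).split("."))
    # No suffix means a pre-1.8 build, which only had the legacy backend.
    backend = m.group(2) or "legacy"
    return version, backend


def choose_iptables(banner, path_exists=os.path.exists):
    """Pick a binary for callers whose rules assume legacy iptables.

    Returns (binary_or_None, note). path_exists is injectable so the
    decision can be checked without touching the host.
    """
    _, backend = parse_iptables_version(banner)
    if backend == "legacy":
        return "iptables", "default binary already uses the legacy backend"
    if path_exists(LEGACY_PATH):
        return LEGACY_PATH, "default is nf_tables; using the legacy binary"
    return None, "only the nf_tables backend is present; rules need porting"


if __name__ == "__main__":
    # Reading the version does not need NET_ADMIN; changing rules does.
    out = subprocess.run(["iptables", "--version"],
                         capture_output=True, text=True, check=True).stdout
    print(choose_iptables(out))
```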