I just compiled a LEDE build for my wrt1900ac. i selected most iptables addons that i think should support geo filtering. However when i try to run the iptables command with geo filtering it gives an error:
iptables -A INPUT -m geoip ! --src-cc CN,CO,SG,YC,OD,ES -i eth1.2 -m conntrack --ctstate NEW -j DROP
Error loading shared library libnetfilter_conntrack.so.3: No such file or directory (needed by /usr/sbin/iptables)
Error loading shared library libnfnetlink.so.0: No such file or directory (needed by /usr/sbin/iptables)
i have the following iptables packages installed on the router:
iptables-mod-geoip
kmod-ipt-geoip
kmod-ipt-conntrack
kmod-ipt-conntrack-extra
kmod-nf-conntrack
kmod-nf-conntrack6
Thanks. While ive sorted out the setup and all. But looks like the block rule is working/or getting triggered.
i can see the geoip block rule in my firewall. However when i test by coming into my home from the outside (using a vpn to seem like im coming from one of the blocked coutries). Im still able to hit my internal webserver, etc…And i dont see the packaets being dropped on my firewall.
Just wondering where can i get more help on this, From the looks of it, my setup it correct.
ok. while i can also find it in the same path using the find command. i cannot find the 'xtables-addons' as a package that i can select to be inclluded in my build.Sorry im not an expert at development. Just enough knowledge to compile a custom image using the LEDE build environment.
see attached picture when i search in the make menuonfig interface. I only find those two entries.
I don't find it either. Might be a bug in the package or the build system as it should be under Network > Firewall
define Package/xtables-addons
SECTION:=net
CATEGORY:=Network
SUBMENU:=Firewall
TITLE:=Extensions not distributed in the main Xtables
URL:=http://xtables-addons.sourceforge.net/
endef