
I am trying to run the following iptables command from https://github.com/farukuzun/notsodeep on ubuntu 20.04.1.

iptables -A INPUT -p tcp --tcp-flags SYN,ACK SYN,ACK --sport 443 -j NFQUEUE --queue-num 200 --queue-bypass

But the result of execution is as follows:

# iptables -A INPUT -p tcp --tcp-flags SYN,ACK SYN,ACK --sport 443 -j NFQUEUE --queue-num 200 --queue-bypass
iptables v1.8.4 (legacy): unknown option "--queue-num"
Try `iptables -h' or 'iptables --help' for more information.

And the following execution result makes it look like the NFQUEUE target doesn't exist on my machine at all:

# iptables -A INPUT -j NFQUEUE
iptables v1.8.4 (legacy): Couldn't load target `NFQUEUE':No such file or directory

Try `iptables -h' or 'iptables --help' for more information.

I'm embarrassed because it's a situation I've never seen before. As I expected, all commands should work fine.

Is this all because the Ubuntu system I'm using is based on WSL (https://docs.microsoft.com/windows/wsl/install-win10)?

Andrew Schulman
이형욱

2 Answers


Check the output of these commands:

  • modinfo xt_NFQUEUE
  • lsmod | grep NFQUEUE
  • iptables -j NFQUEUE --help

Every xtables target consists of two parts:

  • Userspace library for the iptables tool -- it parses command-line arguments from the user and translates them into a data structure, and vice versa to print rules from the kernel
  • Kernel module that processes the packets.

The first two commands check the presence of the kernel module and whether it is loaded. The third command checks the presence of the userspace library and lists the supported options.

The first version of WSL has very limited support for native Linux tools, because it doesn't use the Linux kernel itself, but translates system calls to the Windows NT kernel.

To get complete support for iptables you should use WSL2. It uses a real Linux kernel, not emulation over the Windows NT kernel.

Anton Danilov
  • I've tried your answer. But it all printed out a message saying it didn't exist. `modinfo xt_NFQUEUE` printed `modinfo: ERROR: Module alias xt_NFQUEUE not found.`, and `lsmod | grep NFQUEUE` printed blank lines. My guess is that the xt_NFQUEUE module is not installed. I'm using WSL2 and have tested it on both ubuntu and debian. – 이형욱 Dec 29 '20 at 16:22
  • Thank you for the reply! – 이형욱 Dec 29 '20 at 16:22
  • I got the idea from your answer. I'm trying to figure out how to install the xt_NFQUEUE kernel module myself. – 이형욱 Dec 29 '20 at 16:26
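The answer above splits an xtables target into a userspace extension and a kernel module. The script below is an added example (not part of the answer) that checks both halves separately and classifies the error text iptables prints, so the two failures in the question can be told apart. The library search paths, the `/sys/module` check and the error strings it matches are the usual ones on Linux distributions and are assumed here; the last pattern ("No chain/target/match by that name") is the message iptables prints when the userspace library loads but the kernel rejects the target.

```shell
#!/bin/sh
# Added diagnostic (not the answer's own code): check the two halves of an
# xtables target such as NFQUEUE, as the answer describes.
#   1. userspace: is libxt_<TARGET>.so installed and does iptables accept it?
#   2. kernel:    is xt_<TARGET> loaded, built in, or loadable via modinfo?
# Run as root for the iptables probe; the other checks work unprivileged.

# Map the text iptables printed to which half is missing (assumed message forms).
classify_iptables_error() {
    case "$1" in
        "")                                      echo "ok" ;;
        *"Couldn't load target"*)                echo "userspace-extension-missing" ;;
        *"unknown option"*)                      echo "option-not-supported" ;;
        *"No chain/target/match by that name"*)  echo "kernel-module-missing" ;;
        *)                                       echo "other" ;;
    esac
}

# Locate the userspace extension library; directories are the common defaults.
find_xt_library() {
    for d in /usr/lib/x86_64-linux-gnu/xtables /usr/lib/xtables /usr/lib64/xtables /lib/xtables; do
        if [ -f "$d/libxt_$1.so" ]; then
            echo "$d/libxt_$1.so"
            return 0
        fi
    done
    return 1
}

# Report the kernel module state without needing lsmod to be installed.
kernel_module_state() {
    mod="xt_$1"
    if [ -d "/sys/module/$mod" ]; then
        echo "loaded-or-builtin"; return 0
    fi
    if command -v modinfo >/dev/null 2>&1 && modinfo "$mod" >/dev/null 2>&1; then
        echo "available-not-loaded"; return 0
    fi
    echo "absent"; return 1
}

# Run all three checks for one target and print a summary.
main() {
    t="$1"
    if lib=$(find_xt_library "$t"); then
        echo "userspace: $lib"
    else
        echo "userspace: libxt_$t.so not found"
    fi
    echo "kernel:    $(kernel_module_state "$t")"
    if command -v iptables >/dev/null 2>&1; then
        # Help text goes to stdout; only the first error line (stderr) is kept.
        err=$(iptables -j "$t" --help 2>&1 >/dev/null | head -n 1)
        echo "iptables:  $(classify_iptables_error "$err") $err"
    fi
}

# Usage: sh nfq_diag.sh --check NFQUEUE   (the guard keeps sourcing side-effect free)
case "${1:-}" in
    --check) main "${2:-NFQUEUE}" ;;
esac
```

On the questioner's WSL2 system this would report the library as present (iptables found `--queue-num` unknown only after loading the NFQUEUE extension failed on the first try), the module as absent, and the error class from the first probe, which is the combination the second answer addresses by building a kernel with the target enabled.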

About installing the xt_NFQUEUE kernel module in WSL2: you need to build your own custom WSL kernel. You can refer to the following website: https://gist.github.com/cerebrate/d40c89d3fa89594e1b1538b2ce9d2720

I must add something about including "NFQUEUE" in the kernel; refer to the figure below: https://i.stack.imgur.com/FhGfy.png
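When building a custom WSL2 kernel as this answer suggests, the `.config` is where NFQUEUE gets enabled. The script below is an added example (not from the answer or the linked gist) that reads a kernel config and reports whether the Kconfig symbols the NFQUEUE target depends on are built in, modular, or disabled; the symbol names are the standard ones from net/netfilter/Kconfig, and the config locations (`/proc/config.gz`, `/boot/config-$(uname -r)`) are assumed defaults.

```shell
#!/bin/sh
# Added example (not the answer's own code): verify that a kernel .config has
# the options needed for the iptables NFQUEUE target before building it.
# In menuconfig the entry lives under Networking support -> Networking options ->
# Network packet filtering framework (Netfilter) -> Core Netfilter Configuration;
# the "advanced" sub-options are usually only visible with NETFILTER_ADVANCED.

# Value of one CONFIG_ symbol in config text: y (built-in), m (module),
# n ("is not set"), or unset (absent from the file).
config_value() {
    cfg="$1"; sym="$2"
    if printf '%s\n' "$cfg" | grep -q "^${sym}=y$"; then
        echo y
    elif printf '%s\n' "$cfg" | grep -q "^${sym}=m$"; then
        echo m
    elif printf '%s\n' "$cfg" | grep -q "^# ${sym} is not set$"; then
        echo n
    else
        echo unset
    fi
}

# Read the running kernel's config from the usual places (empty if unavailable).
load_running_config() {
    if [ -r /proc/config.gz ]; then
        zcat /proc/config.gz
    elif [ -r "/boot/config-$(uname -r)" ]; then
        cat "/boot/config-$(uname -r)"
    fi
}

# Print each required symbol with its value; succeed only if all are y or m.
nfqueue_config_ok() {
    cfg="$1"; ok=0
    for sym in CONFIG_NETFILTER \
               CONFIG_NETFILTER_XTABLES \
               CONFIG_NETFILTER_NETLINK_QUEUE \
               CONFIG_NETFILTER_XT_TARGET_NFQUEUE; do
        v=$(config_value "$cfg" "$sym")
        echo "$sym=$v"
        case "$v" in
            y|m) ;;
            *) ok=1 ;;
        esac
    done
    return $ok
}

# Usage: sh nfq_config.sh [path/to/.config]; with no argument, the running kernel.
if [ -n "${1:-}" ]; then
    nfqueue_config_ok "$(cat "$1")"
fi
```

Point it at the `.config` in the kernel source tree before `make`, and at the running kernel afterwards; a value of `unset` for the NFQUEUE symbol is what you get when the menuconfig entry in the answer's figure was never selected.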