Troubles installing tor-ddos script

[Heartbleed14]

Hello, i'm running Hyperbola GNU/Linux-libre
Kernel version: 5.10.106-gnu1-1-lts
nftables version: nftables v0.9.7 (Anyface)

when i try to install the script (iptables.sh) i get this error:
doas ./iptables.sh
./iptables.sh: line 4: iptables: command not found
./iptables.sh: line 18: iptables: command not found
./iptables.sh: line 19: iptables: command not found
./iptables.sh: line 20: iptables: command not found
./iptables.sh: line 21: iptables: command not found
./iptables.sh: line 22: iptables: command not found
./iptables.sh: line 23: iptables: command not found

I tried to translate the rules using my other machine with iptables installed, but didn't worked.

sudo iptables-translate -t mangle -A PREROUTING -p tcp --destination-port 443 -m recent --name tor-ddos --set
nft # -t mangle -A PREROUTING -p tcp --destination-port 443 -m recent --name tor-ddos --set

[Enkidu-6]

Hi,

Yes, iptables-translate chokes on a few of those rules.

I'm afraid Hyperbola is one of those operating systems with numerous modifications, including the fact that it no longer runs the standard Linux kernel and it's replaced systemd completely. It requires a lot of reading to get it up and running and I'm not familiar with it.

I'm not even sure if it has iptables and ipset packages installed or not. Current iptables version I believe is 1.8.4 and it works with nftables. In fact if you look for the version "iptables -V" it identifies itself as "iptables v1.8.4 (nf_tables)" and accept both iptables and nft commands. So installing it shouldn't interfere with your current rules if they are nft rulesets.

The only suggestion I can offer, I'm afraid, is to see whether you have iptables and it's disabled in favor of nftables or it's not there at all. Then either enable it or install iptables. Also check for ipset package "ipset -v" you may have to install that too.

But frankly if you're running Hyperbola, you know far more about it than I do. And you can probably find out how the Linux-libre kernel behaves with iptables if installed.

Sorry I couldn't help much but I'm still here to answer any question that might help.

[Heartbleed14]

Thanks for the reply, iptables is not present in the system.
I was thinking to install the rules in my debian PC with iptables and nftables installed and then export the translated rules for nftables. That should work i think :)

[Enkidu-6]

When you have a recent version of iptables, it processes the rules in either format natively. It doesn't go through translating them to one format or another because it understands both. Transferring the rules from your debian to Hyperbola may not work but let me know how it turns out.

You may also want to consider installing iptables on your Hyperbola if it's available. I don't believe it can harm your system in any way. You'll still be able to use both iptables and nft rules.

Good luck and let us know. I'm sure everyone can benefit from the information.