LinuxQuestions.org
Old 03-16-2013, 02:03 AM   #1
SarahGurung
Member
 
Registered: Jul 2011
Posts: 301

Rep: Reputation: Disabled
iptables doesn't start in CentOS 6.3


This same rule worked in the CentOS 5.x series, and when I applied the same to CentOS 6.3 it showed the following error:
Code:
iptables: Applying firewall rules: iptables-restore v1.4.7: option `--port' requires an argument
Error occurred at line: 25
Try `iptables-restore -h' or 'iptables-restore --help' for more information.
                                                           [FAILED]
I had the following rules:
Code:
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 20 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 20 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -j ACCEPT -p tcp -m multiport --port
s 62222:63333
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
It shows the error in the following rule (line 13):
Code:
-A RH-Firewall-1-INPUT -m state --state NEW -j ACCEPT -p tcp -m multiport --port
s 62222:63333
Can anyone tell me what's wrong?
 
Old 03-16-2013, 02:11 AM   #2
kirukan
Senior Member
 
Registered: Jun 2008
Location: Eelam
Distribution: Redhat, Solaris, Suse
Posts: 1,220

Rep: Reputation: 131Reputation: 131
Quote:
multiport
This module matches a set of source or destination ports. Up to 15 ports can be specified. A port range (port : port) counts as two ports. It can only be used in conjunction with -p tcp or -p udp.

[!] --source-ports,--sport port[,port|,port : port]...
Match if the source port is one of the given ports. The flag --sports is a convenient alias for this option. Multiple ports or port ranges are separated using a comma, and a port range is specified using a colon. 53,1024 : 65535 would therefore match ports 53 and all from 1024 through 65535.
[!] --destination-ports,--dport port[,port|,port : port]...
Match if the destination port is one of the given ports. The flag --dports is a convenient alias for this option.
[!] --ports port[,port|,port : port]...
Match if either the source or destination ports are equal to one of the given ports.

The above is the format; I think it can't be "--port s".

Last edited by kirukan; 03-16-2013 at 07:13 AM.
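
An added example, not part of the original thread: a pre-flight check that finds a rule split across two lines in an iptables-save style file, the condition visible in the rule quoted above, where `--port` ends one line and `s 62222:63333` starts the next. The function names and the shortened sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names and sample data are constructed.

# make_sample FILE: write a shortened rules file containing the
# wrapped multiport rule from the thread (constructed sample).
make_sample() {
    cat > "$1" <<'EOF'
*filter
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -j ACCEPT -p tcp -m multiport --port
s 62222:63333
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# lint_rules FILE: report lines that cannot start an iptables-save record.
# A record starts with '*' (table), ':' (chain), '-' (rule) or '#'
# (comment), or is the word COMMIT. Anything else is reported, and if it
# directly follows a rule it is flagged as the wrapped tail of that rule.
# Exit status: 0 if the file is clean, 1 if anything was reported.
lint_rules() {
    awk '
        function last_field(s,   n, a) { n = split(s, a, " "); return a[n] }
        /^[ \t]*$/ { next }
        /^[*:#-]/ || /^COMMIT[ \t]*$/ { prev = $0; prevno = NR; next }
        {
            printf "line %d: \"%s\" is not a valid record", NR, $0
            if (prevno == NR - 1 && prev ~ /^-/)
                printf "; wrapped tail of line %d (ends with \"%s\")",
                       prevno, last_field(prev)
            printf "\n"
            bad = 1
        }
        END { exit (bad + 0) }
    ' "$1"
}

# Demo on the constructed sample.
tmp=$(mktemp)
make_sample "$tmp"
lint_rules "$tmp" || echo "rules file needs fixing before a restart"
rm -f "$tmp"
```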
 
Old 03-16-2013, 02:53 AM   #3
SarahGurung
Member
 
Registered: Jul 2011
Posts: 301

Original Poster
Rep: Reputation: Disabled
thanks...
 
  

