Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Hi people, I can't seem to find anything like this on the internet. I've just installed Fedora Core 2, kernel version 2.6.5-1.358 (if I remember correctly) with iptables version 1.2.9.
Now most of it works properly, but whenever I try to add --sport or --dport into one of my rules I get a bad command response and it tells me to check out the -help page.
Looked at the help page and noticed that --sport/--dport was not mentioned ... has this been removed in iptables v1.2.9? All of the tutorials I've seen still use those commands.
I have tried -dport, --dport and --destination-port.
Here's an example rule of mine (not working) in a script:
$iptables -A FORWARD -p udp -d 203.34.44.54 --sport 53 -m state --state NEW -j ACCEPT
then when I run the script it comes up with the above error about not knowing the command --sport.
thanks for any help
PS I have reinstalled Fedora but it still doesn't work.
No, --sport is still supported in iptables 1.2.9 and the rule you've posted loads just fine. Obviously make sure that there isn't a syntax error in the rule that you're trying to load. But it sounds like you're short an iptables kernel module. Do lsmod and post all the iptables modules that you have loaded. If you have iptables built into the kernel, then look at your config and the netfilter modules should be listed there.
I've had the same prob, try using something like iptables -p tcp --sport 5644 -j DROP or whatever. The key is adding the -p tcp switch, otherwise sport and dport don't work.
Thanks for that, I just went back through looking at my rules and I hadn't put the -p switch in. Actually I had in one of them but not the other five rules. And I managed to post the rule with the -p switch in it above ....
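The cause found in this thread can be checked for mechanically. The following is an added example, not code from any poster: a shell function that scans a firewall script and reports rules that use --sport/--dport (or the long forms) without -p tcp or -p udp. The function names and all sample rules except the one quoted from the thread are constructed, and the check assumes only tcp and udp (or protocol numbers 6 and 17) provide port matches.

```shell
#!/bin/sh
# Added example: find iptables rules that use a port match without -p tcp/udp.

# check_port_rules [FILE] reads rules from FILE (or stdin), prints
# "LINE_NUMBER: rule" for every offending rule, and returns 1 if any exist.
check_port_rules() {
    awk '
    # Skip blank lines and comment lines.
    /^[ \t]*(#|$)/ { next }
    {
        has_port = 0; has_proto = 0
        for (i = 1; i <= NF; i++) {
            # Port options come from the tcp/udp match extensions.
            if ($i ~ /^--(sport|dport|source-port|destination-port)$/)
                has_port = 1
            # -p / --protocol must name tcp or udp (by name or number).
            if (($i == "-p" || $i == "--protocol") && i < NF)
                if (tolower($(i + 1)) ~ /^(tcp|udp|6|17)$/)
                    has_proto = 1
        }
        if (has_port && !has_proto) {
            printf "%d: %s\n", NR, $0
            bad = 1
        }
    }
    END { exit bad + 0 }
    ' "$@"
}

# Constructed sample script lines. The first rule is the one posted in the
# thread; the 192.0.2.x address is a documentation placeholder.
sample_rules() {
    cat <<'EOF'
# firewall script excerpt (constructed)
$iptables -A FORWARD -p udp -d 203.34.44.54 --sport 53 -m state --state NEW -j ACCEPT
$iptables -A FORWARD -d 192.0.2.10 --dport 80 -j ACCEPT
$iptables -A INPUT -p tcp --dport 22 -j ACCEPT
$iptables -A INPUT --destination-port 25 -j DROP
EOF
}

# Demo run: reports lines 3 and 5 of the sample, which lack -p.
sample_rules | check_port_rules || true
```

Run it against a real script with `check_port_rules /path/to/script` before loading the rules; a non-zero exit status means at least one rule would be rejected for this reason.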