LinuxQuestions.org


jspsandhu 06-04-2005 02:23 PM

Question on Iptables
 
Hi all

After creating a rule in the Linux firewall, if you restart the firewall, why does it give errors like this?

Created a rule as

[root@server1 root]# iptables -A INPUT -s 192.168.0.100 -p icmp --icmp-type echo-request -j REJECT

Why do we get the following error on the server even after saving the firewall rule with the service iptables save command:

[root@server1 root]# service iptables restart
Flushing firewall rules: [  OK  ]
Setting chains to policy ACCEPT: filter [  OK  ]
Unloading iptables modules: [  OK  ]
Applying iptables firewall rules: Bad argument `any'
Error occured at line: 11
Try `iptables-restore -h' or 'iptables-restore --help' for more information.
[FAILED]

masand 06-04-2005 02:42 PM

try

iptables --flush

to flush any previous iptables rules
then try again

regards

jspsandhu 06-04-2005 06:08 PM

Thanks for the suggestion, but I didn't want to delete the rule I created.

I believe it worked when I added iptables to chkconfig --level 235 on and then restarted

I was using redhat-config-securitylevel before that created its own chain named RH-Firewall-1-INPUT.

But when I flushed the firewall chains and again tried the command

[root@server1 root]# iptables -A INPUT -s 192.168.0.100 -p icmp --icmp-type echo-request -j REJECT

I did get destination host unreachable on the XP computer, and then changing the REJECT to DROP gives me the lovely Request Timed Out that I wanted

So the command I used was

[root@server1 root]# iptables -A INPUT -s 192.168.0.100 -p icmp --icmp-type echo-request -j DROP

and then

"service iptables save"
and then "service iptables restart" all loaded fine

But still to find that when I add a rule to INPUT it gives errors I believe I have to append the rule to RH-Firewall-1-INPUT rather than to INPUT.

But thanks anyways for the reply :)

JAS;)

jspsandhu 06-04-2005 08:09 PM

Hey, I think there is something wrong when you try redhat-config-securitylevel on the server

What happens is it created a chain named RH-Firewall-1-INPUT and there was an entry for rejecting the ICMP packets, but it was not doing that on the connected computers

I did append rules to RH-Firewall-1-INPUT this time and still it didn't work

Also eth0, the only ethernet card, was not in the trusted cards, so not to worry regarding that.

I appended a rule in the same as icmp DROP; it still didn't work

Can any one tell how to APPEND new rules after configuring redhat-config-securitylevel ?

Or is it possible to append rules to the firewall after configuring redhat-config-securitylevel ?

I believe I have to understand the firewall used here.

Any suggestions or discussions will be welcomed

Thanks and Regards

JAS;)
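
Added example, not part of any post in this thread: one way to find the saved rule that the iptables-restore error in the first post points at, by taking the line number from the restart output and printing that line of the saved rules file. The rules file contents and the helper name `failing_rule` are constructed for illustration; the poster's actual saved rules do not appear in the thread.

```shell
#!/bin/sh
# Added example. failing_rule is a hypothetical helper name.

# Restart output as posted in the thread (the two lines that matter).
sample_output() {
cat <<'EOF'
Applying iptables firewall rules: Bad argument `any'
Error occured at line: 11
EOF
}

# Constructed saved ruleset in iptables-save format (an assumption, not the
# poster's real file); line 11 is built to carry the argument `any`.
sample_rules() {
cat <<'EOF'
# constructed sample
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A INPUT -s 192.168.0.100 -p icmp --icmp-type echo-request -j DROP
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# failing_rule OUTPUT_FILE RULES_FILE
# Prints "<line number>:<rule>" for the line named in the error message;
# returns 1 when the output contains no such message.
failing_rule() {
    n=$(sed -n 's/^Error occur*ed at line: *\([0-9][0-9]*\).*/\1/p' "$1" | head -n 1)
    [ -n "$n" ] || return 1
    sed -n "${n}p" "$2" | sed "s/^/${n}:/"
}

tmp=$(mktemp -d)
sample_output > "$tmp/restart.out"
sample_rules > "$tmp/rules"
failing_rule "$tmp/restart.out" "$tmp/rules"
```

On a live system, `iptables-restore --test < FILE` parses a saved rules file without loading it, which lets the file be checked before the service is restarted.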
