Slackers,
A few days back, I upgraded to Slackware 14.0.
It is VERY GREAT.
I found ONE problem with iptables-restore.
My iptables rules are:
Code:
$IPTABLES -A bad_packets -p tcp \! --syn -m state --state NEW -j LOG --log-level info --log-prefix "iptables_bad_packet:"
$IPTABLES -A deny_packets -j LOG --log-level info --log-prefix="iptables_deny:"
Output of command:
Code:
# iptables --line-number -nv -L
1 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags:! 0x17/0x02 state NEW LOG flags 0 level 6 prefix "iptables_bad_packet:"
1 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix "iptables_deny:"
Followed by:
Code:
# iptables-save > ipt-save
# iptables-restore < ipt-save
# iptables-save > new-ipt-save
See the diff:
Code:
42c42
< -A bad_packets -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j LOG --log-prefix "iptables_bad_packet:" --log-level 6
---
> -A bad_packets -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j LOG --log-prefix --log-prefix --log-level 6
44c44
< -A deny_packets -j LOG --log-prefix "iptables_deny:" --log-level 6
---
> -A deny_packets -j LOG --log-prefix --log-prefix --log-level 6
Output of command:
Code:
# iptables --line-number -nv -L
1 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags:! 0x17/0x02 state NEW LOG flags 0 level 6 prefix "--log-prefix"
1 1 40 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix "--log-prefix"
My syslogd says:
Code:
Oct 5 17:52:38 slax kernel: [ 4647.126101] --log-prefixIN=ppp0 OUT= MAC= SRC=115.236.16.238 DST=<my_internet_ip_removed> LEN=40 TOS=0x00 PREC=0x00 TTL=95 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
When I was running Slackware 13.37, I found NO PROBLEM with the SAME iptables rules.
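A mangled prefix like the one in the syslog line above breaks any log filter that matches on the original string, so it is worth checking a dump after each save/restore round trip. The following is an added example, not part of the original post: it parses two iptables-save dumps and reports LOG rules whose prefix changed or now looks like an option name. The sample dumps are constructed from the diff lines shown in the post, and the function names and the "starts with `--`" heuristic are assumptions.

```python
import shlex

# Constructed dumps, modelled on the diff lines in the post (not real captures).
BEFORE = """*filter
:bad_packets - [0:0]
:deny_packets - [0:0]
-A bad_packets -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j LOG --log-prefix "iptables_bad_packet:" --log-level 6
-A deny_packets -j LOG --log-prefix "iptables_deny:" --log-level 6
COMMIT
"""
AFTER = BEFORE.replace('"iptables_bad_packet:"', "--log-prefix").replace(
    '"iptables_deny:"', "--log-prefix")


def log_rules(dump):
    """Return [(line_no, chain, prefix)] for each '-j LOG' rule; prefix may be None."""
    rules = []
    for line_no, line in enumerate(dump.splitlines(), 1):
        if not line.startswith("-A "):
            continue
        tok = shlex.split(line)  # honours the quoting iptables-save emits
        if "-j" not in tok or tok[tok.index("-j") + 1:][:1] != ["LOG"]:
            continue
        prefix = None
        if "--log-prefix" in tok:
            i = tok.index("--log-prefix")
            prefix = tok[i + 1] if i + 1 < len(tok) else ""
        rules.append((line_no, tok[1], prefix))
    return rules


def corrupted(dump):
    """LOG rules whose prefix is empty or is itself an option name (heuristic)."""
    return [r for r in log_rules(dump)
            if r[2] is not None and (r[2] == "" or r[2].startswith("--"))]


def changed(before, after):
    """Pair LOG rules by position; return (chain, old, new) where the prefix differs."""
    return [(b[1], b[2], a[2])
            for b, a in zip(log_rules(before), log_rules(after)) if b[2] != a[2]]


if __name__ == "__main__":
    for chain, old, new in changed(BEFORE, AFTER):
        print(f"{chain}: prefix {old!r} became {new!r}")
    for line_no, chain, prefix in corrupted(AFTER):
        print(f"line {line_no}: {chain} has suspicious prefix {prefix!r}")
```

To use it on a real system, read the two files produced by the iptables-save commands in the post and pass their contents to `changed()` and `corrupted()`.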