LinuxQuestions.org


Rodrigo Gomes 06-16-2015 11:38 AM

Iptables if-pre-up blocking my network interfaces - Debian
 
Good day

First I'd like to say that I'm a complete noob in this Linux universe, so forgive me if this question seems really stupid.

I installed Debian on a laptop to be a torrent box + DLNA server. I had a Raspberry Pi doing this, but I reached a high number of seeding and I had to upgrade it. Anyway, everything was running fine when I decided to mess with iptables; now I can't start any network interface. When I try ifup wlan0 or eth0 I get this message: "failed o exec /etc/network/if-pre-up.d/iptables: no such file (...) exited with return code 1."

The file is there with 777 permission and root as owner. I searched all over the internet looking for a solution, but I can't find an answer.

If anyone can give me the direction to follow, I'll appreciate it.

Thank you

Sefyir 06-16-2015 11:59 AM

Quote:

when I decided to mess with iptables

In what way?
You're saying it worked, then it didn't work, but not detailing what you might have done to cause that.

Rodrigo Gomes 06-16-2015 12:31 PM

Sefyir, thank you for the reply.

After the install everything was working; I could use wlan and eth.

I used this guide to set some rules at iptables (https://www.lisenet.com/2014/configu...ian-wheezy-pc/)

Code:

# iptables -t filter -nL

# iptables -F
# iptables -X
# iptables -t nat -F
# iptables -t nat -X
# iptables -t mangle -F
# iptables -t mangle -X

# nano /etc/iptables.up.rules

Add these lines to the file

*filter
-F INPUT
-F OUTPUT
-F FORWARD

-P INPUT ACCEPT
-P FORWARD DROP
-P OUTPUT ACCEPT

-A INPUT -i lo -j ACCEPT
-A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT
-A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

-A OUTPUT -o lo -d 127.0.0.0/8 -j ACCEPT
-A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

COMMIT

Code:

# iptables-restore < /etc/iptables.up.rules
# nano /etc/network/if-pre-up.d/iptable

add these lines to the file

#!/bin/bash
/sbin/iptables-restore < /etc/iptables.up.rules

Code:

# chmod 0755 /etc/network/if-pre-up.d/iptables

Then I thought it could be a permission problem and changed it to 0777.

And that is it; now I can't start any network interface.
If I use ifup wlan0 or ifup eth0 I get this message: "failed o exec /etc/network/if-pre-up.d/iptables: no such file (...) exited with return code 1."

I really don't know what I did, and worse than that, I can't undo it.

Sefyir 06-16-2015 12:54 PM

OK, so changing the file back to 755 would be smart, since it should be owned by root anyway. Sometimes having too-lax permissions will cause it to fail (running a script as root that anyone can modify is a bad idea).

From the error it looks like it is looking for /etc/network/if-pre-up.d/iptables, deciding it doesn't exist and exiting.
What happens when you run:
Code:

/etc/network/if-pre-up.d/iptables

As an FYI, if you have a policy of accepting packets (-P INPUT ACCEPT), in most cases having rules to accept packets is useless. This means the only rule that actually does anything in your INPUT is -A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT

Rodrigo Gomes 06-16-2015 01:11 PM

I ran it and got this message: "/sbin/iptables-restore: bad interpreter: No such file or directory"

I checked the directory and the file is there, but I can't read it; I believe it's encrypted.

About iptables rules, is there any default rule set to apply?

Sefyir 06-16-2015 02:53 PM

So far:
If you run ifconfig to raise a device it runs your script which then results in
Code:

failed o exec /etc/network/if-pre-up.d/iptables

Checking your script reveals this line
Code:

/sbin/iptables-restore < /etc/iptables.up.rules

Running this line manually results in this error
Code:

"/sbin/iptables-restore: bad interpreter: No such file or directory"

iptables-restore is a program, much like ssh or bash. It's not encrypted but in binary format (versus human readable format like a bash script)
I'm not sure why iptables-restore isn't being found, but if you remove that line from your code does the problem go away? Mostly to see if that isolates the problem.

This line
Code:

/sbin/iptables-restore < /etc/iptables.up.rules

from this file?
Code:

/etc/network/if-pre-up.d/iptables

Rodrigo Gomes 06-17-2015 08:35 PM

Hi, I did it, and nothing changed.

So I tried to clean the file and use the following command:

Code:

# cat > /etc/network/if-pre-up.d/iptables << EOL
#!/bin/bash
/sbin/iptables-restore < /etc/iptables.up.rules
EOL

Then everything went back to normal. I don't know how, but now it's working.

Thank you, Sefyir, for your help.
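
The thread never establishes why the hook failed. As an added example (not from the thread), the function below checks a hook script for conditions that produce "bad interpreter: No such file or directory" on a file that exists: a #! line naming a missing interpreter or ending in a carriage return. It also checks for the world-writable mode raised earlier. The function name, return codes and sample files are this example's own.

```shell
#!/bin/sh
# Added example (not from the thread). Return codes are this example's own:
# 0 ok, 1 missing, 2 no #! line, 3 CR in #! line, 4 bad interpreter,
# 5 world-writable.
check_hook() {
    f=$1
    [ -f "$f" ] || { echo "$f: not a regular file"; return 1; }
    first=$(head -n 1 "$f")
    cr=$(printf '\r')
    case $first in
        '#!'*"$cr") echo "$f: #! line ends in a carriage return (CRLF file)"
                    return 3 ;;
        '#!'*)      ;;
        *)          echo "$f: line 1 is not a #! line"; return 2 ;;
    esac
    # Interpreter path = first word after "#!"; any arguments are dropped.
    interp=$(printf '%s\n' "$first" |
             sed 's/^#![[:space:]]*//; s/[[:space:]].*$//')
    [ -x "$interp" ] || {
        echo "$f: interpreter '$interp' does not exist or is not executable"
        return 4
    }
    # A hook run as root that any user can rewrite lets that user run code
    # as root.
    if [ -n "$(find "$f" -prune -perm -0002)" ]; then
        echo "$f: world-writable, use chmod 0755"; return 5
    fi
    echo "$f: ok"
}

# Constructed samples; /bin/sh stands in for the thread's /bin/bash.
dir=$(mktemp -d)
printf '#!/bin/sh\nexit 0\n'     > "$dir/good"; chmod 0755 "$dir/good"
printf '#!/bin/sh\r\nexit 0\r\n' > "$dir/crlf"; chmod 0755 "$dir/crlf"
printf '#!/bin/sh\nexit 0\n'     > "$dir/open"; chmod 0777 "$dir/open"
for h in good crlf open; do check_hook "$dir/$h" || true; done
```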


All times are GMT -5.