LinuxQuestions.org
Old 03-14-2016, 03:30 AM   #1
hack3rcon
Senior Member
 
Registered: Jan 2015
Posts: 1,432

Rep: Reputation: 10
iptables-restore : Line 1 failed.


Hello.
I wrote the iptables rules below and want to restore them on CentOS 7:
Code:
-A INPUT -i lo -j ACCEPT
-A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT

#  Accepts all established inbound connections
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

#  Allows all outbound traffic
#  You can modify this to only allow certain traffic
-A OUTPUT -j ACCEPT

# Allows HTTP and HTTPS connections from anywhere (the normal ports for websites)
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
-A INPUT -p tcp --dport 25 -j ACCEPT
-A INPUT -p tcp --dport 21 -j ACCEPT
-A INPUT -p tcp --dport 110 -j ACCEPT
-A INPUT -p tcp --dport 143 -j ACCEPT
-A INPUT -p tcp --dport 465 -j ACCEPT
-A INPUT -p tcp --dport 587 -j ACCEPT
-A INPUT -p tcp --dport 993 -j ACCEPT
-A INPUT -p tcp --dport 995 -j ACCEPT
-A INPUT -p tcp --dport 995 -j ACCEPT
-A INPUT -s IP.nrp.co -p tcp --dport 53 -j ACCEPT 
-A INPUT -s IP.nrp.co -p udp --dport 53 -j ACCEPT 

#  Allows SSH connections (only 4 attempts by an IP every 3 minutes, drop the rest)
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent --set --name DEFAULT --rsource
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent --update --seconds 180 --hitcount 4 --name DEFAULT --rsource -j DROP
-A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT

# Allow ping
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT

# log iptables denied calls
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
But it shows me an error about "line 1 failed".

What is your idea?
 
Old 03-14-2016, 03:49 AM   #2
JJJCR
Senior Member
 
Registered: Apr 2010
Posts: 1,850

Rep: Reputation: 337
Have you tried changing this line:
-A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT

to

-A INPUT -i lo -d 127.0.0.0/8 -j REJECT

I think "!" is not needed.
 
Old 03-14-2016, 03:57 AM   #3
hack3rcon
Senior Member
 
Registered: Jan 2015
Posts: 1,432

Original Poster
Rep: Reputation: 10
Quote:
Originally Posted by JJJCR
Have you tried changing this line:
-A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT

to

-A INPUT -i lo -d 127.0.0.0/8 -j REJECT

I think "!" is not needed.
Same error.
 
Old 03-14-2016, 05:03 AM   #4
zhjim
Senior Member
 
Registered: Oct 2004
Distribution: Debian Squeeze x86_64
Posts: 1,748
Blog Entries: 11

Rep: Reputation: 233
You use iptables-restore to get those lines back?
How did you "write" those iptables rules?
Did you read up on iptables-save and iptables-restore?

Really, hack3rcon, if we are to do your work, at least be more specific about what we need to do.
 
Old 03-14-2016, 05:06 AM   #5
hack3rcon
Senior Member
 
Registered: Jan 2015
Posts: 1,432

Original Poster
Rep: Reputation: 10
Quote:
Originally Posted by zhjim
You use iptables-restore to get those lines back?
How did you "write" those iptables rules?
Did you read up on iptables-save and iptables-restore?

Really, hack3rcon, if we are to do your work, at least be more specific about what we need to do.
I used "iptables-restore" and I used "gedit" to write the rules.
 
Old 03-14-2016, 10:28 AM   #6
zhjim
Senior Member
 
Registered: Oct 2004
Distribution: Debian Squeeze x86_64
Posts: 1,748
Blog Entries: 11

Rep: Reputation: 233
Your file has the wrong syntax for iptables-restore. Get that fixed.
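
The syntax problem pointed out above, as an added example that is not part of any post in this thread: iptables-restore reads the format that iptables-save writes, where rules sit between a `*filter` table line and a closing `COMMIT`, and the file in post #1 has neither. The sketch lints that structure and wraps a bare rule list; the function names, the shortened sample and the ACCEPT policies are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): structural lint for iptables-restore input.

# Print "ok", or the first structural problem, for FILE (stdin when omitted).
check_restore_file() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }           # comments and blank lines are fine
        $1 ~ /^\*/ {                                # a "*filter" line opens a table
            if (table != "") { msg = "line " NR ": *" table " has no COMMIT"; exit }
            table = substr($1, 2); next
        }
        $1 == "COMMIT" {
            if (table == "") { msg = "line " NR ": COMMIT outside a table"; exit }
            table = ""; next
        }
        table == "" { msg = "line " NR ": no *table line before this"; exit }
        $1 ~ /^:/ || $1 ~ /^-/ || $1 ~ /^\[/ { next }   # chain header, rule, counters
        { msg = "line " NR ": unrecognised line"; exit }
        END {
            if (msg == "" && table != "") msg = "end of file: *" table " has no COMMIT"
            if (msg != "") { print msg; exit 1 }
            print "ok"
        }
    ' "${1:--}"
}

# Wrap a bare list of -A rules (as in post #1) in the filter table.
# Assumption: ACCEPT policies, the kernel default, since the posted file sets none.
wrap_rules() {
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' ':FORWARD ACCEPT [0:0]' ':OUTPUT ACCEPT [0:0]'
    awk '{ print }' "${1:--}"    # also repairs a missing final newline
    echo 'COMMIT'
}

# Constructed sample: a shortened copy of the rules from post #1.
sample_rules() {
    cat <<'EOF'
-A INPUT -i lo -j ACCEPT
-A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT

#  Accepts all established inbound connections
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
EOF
}

sample_rules | check_restore_file || true        # line 1: no *table line before this
sample_rules | wrap_rules | check_restore_file   # ok
```

On the real host, `iptables-restore --test < file` parses the wrapped file without committing it, which confirms the rules themselves before they go live.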
 
Old 03-15-2016, 01:05 AM   #7
hack3rcon
Senior Member
 
Registered: Jan 2015
Posts: 1,432

Original Poster
Rep: Reputation: 10
Thank you so much.
 