Hello,
I have a sh-script that contains this code:
echo "Initialize Firewall"
iptables -F
iptables -X
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
iptables -Z
#Stateful Inspection
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
But when I run this script, I get this error:
# /opt/firewall_script.sh
Initialize Firewall
iptables: Invalid argument
I don't think that I have forgotten any kernel module to load (on my host machine):
# lsmod | grep nf
nf_nat_ftp 7296 0
nf_nat 22548 2 ipt_MASQUERADE,nf_nat_ftp
nf_conntrack_ftp 12728 1 nf_nat_ftp
nf_conntrack_ipv4 24352 2 nf_nat
nf_conntrack 82688 5 xt_state,nf_nat_ftp,nf_nat,nf_conntrack_ftp,nf_conntrack_ipv4
# lsmod | grep ipt
ipt_MASQUERADE 6528 0
ipt_LOG 10372 2
nf_nat 22548 2 ipt_MASQUERADE,nf_nat_ftp
ipt_ttl 6144 0
iptable_mangle 8704 0
iptable_filter 8320 1
ipt_REJECT 7552 0
ip_tables 21776 2 iptable_mangle,iptable_filter
x_tables 25736 13 xt_state,ipt_MASQUERADE,ipt_LOG,xt_tcpudp,xt_length,ipt_ttl,xt_tcpmss,xt_TCPMSS,xt_multiport,xt_limit,xt_dscp,ipt_REJECT,ip_tables
My host is this machine:
# uname -a
Linux Debian-50-lenny-64-minimal 2.6.26-2-openvz-amd64 #1 SMP Thu Feb 11 01:40:09 UTC 2010 x86_64 GNU/Linux
My virtual image is this machine:
uname -a
Linux xx.xx.net 2.6.26-2-openvz-amd64 #1 SMP Thu Feb 11 01:40:09 UTC 2010 x86_64 GNU/Linux
I don't know why there is a problem.
But maybe it is useful for you to know that if I forget to load the module ipt_state, then I get this error:
iptables: No chain/target/match by that name
Please help me.
Thanks
[Updated on: Sat, 13 March 2010 10:21]