HPE Community
Operating System - Linux
1824721 Members
3507 Online
109674 Solutions
New Discussion юеВ

Problem with iptables script

 
Andrew Kaplan
Super Advisor

тАО01-25-2008 04:27 PM

тАО01-25-2008 04:27 PM

Problem with iptables script

Hi there --

I am trying to get an iptables script to run, but have run into some errors whenever I try to execute it. The error messages that are showing up on-screen are shown below:

[+] Setting up INPUT chain...
Bad argument `tcp'
Try `iptables -h' or 'iptables --help' for more information.
Bad argument `tcp'
Try `iptables -h' or 'iptables --help' for more information.
Bad argument `tcp'
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.3.8: Can't use -i with OUTPUT

Try `iptables -h' or 'iptables --help' for more information.
Bad argument `5666'
Try `iptables -h' or 'iptables --help' for more information.
Bad argument `5666'
Try `iptables -h' or 'iptables --help' for more information.

I have included a copy of the script in this e-mail. There is a command syntax error here, but I am not sure what it is. Can someone lend a hand? Thanks.
A Journey In The Quest Of Knowledge
0 Kudos
Reply
2 REPLIES 2
Ivan Ferreira
Honored Contributor

тАО01-26-2008 04:05 AM

тАО01-26-2008 04:05 AM

Re: Problem with iptables script

I think that your problem is that you did not configured the INT_NET variable, so the command expects to be:

$IPTABLES -A INPUT -i eth0 -p tcp -s $INT_NET -p tcp

But as INT_NET is empty, you get:

$IPTABLES -A INPUT -i eth0 -p tcp -s -p tcp

Try configuring INT_NET first.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
palaniappan.sp
Regular Advisor

тАО01-26-2008 04:22 AM

тАО01-26-2008 04:22 AM

Re: Problem with iptables script

Hi,
You didn't define the ipddress in the following places of the script..
a) Remove the hash and mention the m/c ip address/subnet mask.
# INT_NET=192.168.10.0/24

b) Specify the ip address in the place of
this is for allowing incoming and outgoing packets.

## Accept connections from
$IPTABLES -A INPUT -i eth0 -p icmp -s -j ACCEPT
$IPTABLES -A OUTPUT -i eth0 -p icmp -d -j ACCEPT
$IPTABLES -A INPUT -i eth0 -p tcp -s --dport 22 --syn -m state --state NEW -j ACCEPT
$IPTABLES -A INPUT -i eth0 -p tcp 5666 -s -j ACCEPT
$IPTABLES -A OUTPUT -i eth0 -p udp 5666 -s -j ACCEPT

c) Make the script executable.

Then try,
I hope this will work...

Regds
Palani
Everything is Possible and Anything is Feasible if u try
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.