iptables error, probably due to kernel
I've had some issues with some specific rules in iptables. I troubleshot this by commenting line per line to see which ones were giving errors. After some research I found out on the Ubuntu site that it is most likely because of kernel modules missing. So I thought I would post the rules not working here to see if there was any alternative or suggestions about the missing kernel modules. These are the rules:
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 30000 -j ACCEPT
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
Any of these will cause an error.
Here is the reference Ubuntu site:
https://help.ubuntu.com/community/IptablesHowTo
Thanks in advance.
Jose R. Lopez
Posted 1 year ago # -
What do the error logs say, Jose? And did you notice any errors when installing iptables?
You've got errors anyway, so:
sudo aptitude purge iptables
sudo aptitude install iptables
Alternatively, ConfigServer is a more user-friendly, and configurable, alternative to iptables.
Posted 1 year ago # -
The error was always the same, pointing to the commit line in the file. From what I read these errors are difficult to troubleshoot as the system goes through the entire file until it realizes there is an error hence errors on most lines will point out to the commit line.
In any case, like I said, I attributed this to my kernel. A little later I noticed my Virtuozzo has its own iptables on the node level which I can customize for each container. So I am sure I can just configure it there instead, I have not tried yet though.
Thanks for your help.
Jose R. Lopez
Posted 1 year ago # -
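Added example, not part of the thread or any poster's code: a shell check for the missing-kernel-module theory discussed above. It lists the `-m` and `-j` extensions a rules file uses and prints those the kernel has not registered, assuming the kernel exposes them in /proc/net/ip_tables_matches and /proc/net/ip_tables_targets; the function names are illustrative.

```shell
#!/bin/sh
# Added example (not from the thread). Lists the match (-m) and target (-j)
# extensions an iptables-restore file uses and prints those the kernel has
# not registered. Implicit protocol matches (-p tcp --dport) are not checked.

# Verdicts handled by the table core; they need no extension module.
BUILTIN_TARGETS="ACCEPT DROP RETURN QUEUE"

# Print "match NAME" / "target NAME" once per extension used in file $1.
# Chains declared with ":NAME" are jump targets too, so they are skipped.
used_extensions() {
    awk '
        /^:/ { chain[substr($1, 2)] = 1 }
        /^-[AI] / {
            for (i = 1; i < NF; i++) {
                if ($i == "-m") print "match " $(i + 1)
                if ($i == "-j" && !($(i + 1) in chain)) print "target " $(i + 1)
            }
        }' "$1" | sort -u
}

# missing_extensions RULES [MATCHES_LIST] [TARGETS_LIST]
# The list arguments default to the kernel's own listings; an unreadable
# listing means every extension of that kind is reported.
missing_extensions() {
    matches=${2:-/proc/net/ip_tables_matches}
    targets=${3:-/proc/net/ip_tables_targets}
    used_extensions "$1" | while read -r kind name; do
        list=$matches
        if [ "$kind" = target ]; then
            list=$targets
            case " $BUILTIN_TARGETS " in *" $name "*) continue ;; esac
        fi
        grep -qxF -- "$name" "$list" 2>/dev/null || echo "$kind $name"
    done
}

# Run against a rules file when one is given on the command line.
if [ $# -gt 0 ]; then missing_extensions "$@"; fi
```

For the three rules posted above, a kernel that lacks them would be reported as `match limit`, `match state` and `target LOG`. On a host that loads modules on demand, an extension can be absent from the listing only because nothing has used it yet.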
Jose ..
sudo iptables -F
.. flushes existing ruleset (YOU HAVE NO FIREWALL AT THIS STAGE)
then follow the IPtables tut on here to set up afresh.
Posted 1 year ago #
