[SOLVED] IPTables option "!"

Support for security such as Firewalls and securing linux
simsym05
Posts: 37
Joined: 2012/04/28 12:08:56
Location: Tunisia

[SOLVED] IPTables option "!"

Post by simsym05 » 2012/06/15 01:12:08

Good morning everyone,

I'm confused because the "not" option "!" is not working any more.
These are the rules that I need to add to iptables:


#iptables -A FORWARD -i eth1 -o eth0 -d 192.168.2.0/24 -j LOCAL-DMZ
#iptables -A FORWARD -i eth1 -o eth0 -d !192.168.2.0/24 -j LOCAL-INTERNET ----> with !192.168.2.0/24 I want to say any traffic coming but not from this IP pool
#iptables -A FORWARD -i eth0 -o eth1 -s 192.168.2.0/24 -j DMZ-LOCAL
#iptables -A FORWARD -i eth0 -o eth1 -s !192.168.2.0/24 -j INTERNET-LOCAL ---> with !192.168.2.0/24 I want to say not from this IP pool

When I type these options with "!" I get the error message:


#iptables -A FORWARD -i eth1 -o eth0 -d !192.168.2.0/24 -j LOCAL-INTERNET
iptables -A FORWARD -i eth1 -o eth0 -d iptables -A INPUT DROP.168.2.0/24 -j LOCAL-INTERNET
iptables v1.4.7: Cannot use -A with -A

Try 'iptables -h' or 'iptables --help' for more information.


It is really strange to me. Any ideas, please, to help me understand and solve this issue?

Thanks in Advance.

Samy

jackblack
Posts: 2
Joined: 2012/06/18 19:21:26

Re: IPTables option "!"

Post by jackblack » 2012/06/18 20:04:17

Hi,
Your error on CentOS 6.2 looks like this:
Using intrapositioned negation (`--option ! this`) is deprecated in favor of extrapositioned (`! --option this`).

Try this code:
#iptables -A FORWARD -i eth1 -o eth0 -d 192.168.2.0/24 -j LOCAL-DMZ
#iptables -A FORWARD -i eth1 -o eth0 ! -d 192.168.2.0/24 -j LOCAL-INTERNET
#iptables -A FORWARD -i eth0 -o eth1 -s 192.168.2.0/24 -j LOCAL-DMZ
#iptables -A FORWARD -i eth0 -o eth1 ! -s 192.168.2.0/24 -j LOCAL-INTERNET

I think it will be OK.
jackblack
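
Added example (not part of either post, and not project code): the command echoed back in the question shows the interactive shell replacing `!192` with a history entry before iptables ever ran, which is bash history expansion; writing `!` as its own word in front of the option avoids that and is the extrapositioned form iptables asks for. The hypothetical helpers `normalize_rule` and `check_rules` below rewrite saved rule lines into that form and turn pasted typographic dashes into ASCII hyphens; the sample rules are constructed from the ones quoted in this thread.

```shell
#!/bin/sh
# Added example; normalize_rule and check_rules are hypothetical helper names.

# Rewrite one rule line:
#  - typographic en-dashes pasted from a web page become ASCII '-'
#  - intrapositioned negation (-d !ADDR or -d ! ADDR) becomes ! -d ADDR
normalize_rule() {
    printf '%s\n' "$1" | sed -E \
        -e 's/–/-/g' \
        -e 's/(^|[[:space:]])(-[sdiop]|--(source|destination|in-interface|out-interface|protocol))[[:space:]]+![[:space:]]*([^[:space:]]+)/\1! \2 \4/g'
}

# Read rule lines on stdin and print them normalized.
# Exit status 1 means at least one line had to be rewritten.
check_rules() {
    changed=0
    while IFS= read -r line; do
        fixed=$(normalize_rule "$line")
        [ "$fixed" = "$line" ] || changed=1
        printf '%s\n' "$fixed"
    done
    return "$changed"
}

# Constructed sample input, based on the rules quoted in this thread.
SAMPLE_RULES='iptables -A FORWARD -i eth1 -o eth0 -d 192.168.2.0/24 -j LOCAL-DMZ
iptables -A FORWARD -i eth1 -o eth0 -d !192.168.2.0/24 -j LOCAL-INTERNET
iptables -A FORWARD -i eth0 -o eth1 -s ! 192.168.2.0/24 -j INTERNET-LOCAL'

# Example use: printf '%s\n' "$SAMPLE_RULES" | check_rules
```

Running rules through a script file rather than typing them at the prompt also sidesteps history expansion, since it is only active in interactive shells by default.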

simsym05
Posts: 37
Joined: 2012/04/28 12:08:56
Location: Tunisia

Re: IPTables option "!"

Post by simsym05 » 2012/06/28 00:42:42

Good morning jackblack,


I just added the iptables addresses and it is working fine.

Thank you for your help.


This topic is SOLVED. How can I tag that, please?

pschaff
Retired Moderator
Posts: 18276
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America

[SOLVED] IPTables option "!"

Post by pschaff » 2012/06/28 18:31:06

Done.

For future reference, just reply with [SOLVED] (or [RESOLVED] if more appropriate) in the subject as explained in Readme First (http://www.centos.org/modules/newbb/viewtopic.php?topic_id=28726&forum=54). A moderator should come along and mark the head of the thread on your behalf. The current brain-damaged forum software does not allow a user to do so.
