good Morning everyone;
i'm confused because the option not "!" is not working any more,
this is the rules that i need to add to iptables:
#iptables A FORWARD i eth1 o eth0 -d 192.168.2.0/24 j LOCAL-DMZ
#iptables A FORWARD i eth1 o eth0 -d !192.168.2.0/24 j LOCAL-INTERNET ----> with !192.168.2.0/24 i want to say any traffic comming but not from this ip pool
#iptables A FORWARD i eth0 o eth1 s 192.168.2.0/24 j DMZ-LOCAL
#iptables A FORWARD i eth0 o eth1 s !192.168.2.0/24 -j INTERNET-LOCAL ---> with !192.168.2.0/24 i want to say not from this ip pool
when i type these options with "!" i have the error message:
#iptables A FORWARD i eth1 o eth0 -d !192.168.2.0/24 j LOCAL-INTERNET
iptables -A FORWARD -i eth1 -o eth0 -d iptables -A INPUT DROP.168.2.0/24 -j LOCAL-INTERNET
iptables v1.4.7: Cannot use -A with -A
Try 'iptables -h' or 'iptables --help' for more information.
it is really strange for me, any idea please in order to understand and solve this issue.
Thanks in Advance.
Samy
[SOLVED] IPTables option "!"
Re: IPTables option "!"
Hi,
Your error on the Centos 6.2 looks like this:
Using intrapositioned negation (`--option ! this`) is deprecated in favor of extrapositioned (`! --option this`).
Try this code:
#iptables A FORWARD i eth1 o eth0 -d 192.168.2.0/24 j LOCAL-DMZ
#iptables A FORWARD i eth1 o eth0 [b]! -d[/b] 192.168.2.0/24 j LOCAL-INTERNET
#iptables A FORWARD i eth0 o eth1 s 192.168.2.0/24 j [b]LOCAL-DMZ[/b]
#iptables A FORWARD i eth0 o eth1 [b]! s[/b] 192.168.2.0/24 -j [b]LOCAL-INTERNET[/b]
I thing it will be ok.
jackblack
Your error on the Centos 6.2 looks like this:
Using intrapositioned negation (`--option ! this`) is deprecated in favor of extrapositioned (`! --option this`).
Try this code:
#iptables A FORWARD i eth1 o eth0 -d 192.168.2.0/24 j LOCAL-DMZ
#iptables A FORWARD i eth1 o eth0 [b]! -d[/b] 192.168.2.0/24 j LOCAL-INTERNET
#iptables A FORWARD i eth0 o eth1 s 192.168.2.0/24 j [b]LOCAL-DMZ[/b]
#iptables A FORWARD i eth0 o eth1 [b]! s[/b] 192.168.2.0/24 -j [b]LOCAL-INTERNET[/b]
I thing it will be ok.
jackblack
Re: IPTables option "!"
Good Morning jackblack
i just added the iptables addresses and it is working fine
thank you for your help
This Topic is SOLVED, how can i tag that please?
i just added the iptables addresses and it is working fine
thank you for your help
This Topic is SOLVED, how can i tag that please?
-
- Retired Moderator
- Posts: 18276
- Joined: 2006/12/13 20:15:34
- Location: Tidewater, Virginia, North America
- Contact:
[SOLVED] IPTables option "!"
Done.
For future reference, just reply with [SOLVED] (or [RESOLVED] if more appropriate) in the subject as explained in [url=http://www.centos.org/modules/newbb/viewtopic.php?topic_id=28726&forum=54]Readme First[/url]. A moderator should come along and mark the head of the thread on your behalf. The current brain-damaged forum software does not allow a user to do so.
For future reference, just reply with [SOLVED] (or [RESOLVED] if more appropriate) in the subject as explained in [url=http://www.centos.org/modules/newbb/viewtopic.php?topic_id=28726&forum=54]Readme First[/url]. A moderator should come along and mark the head of the thread on your behalf. The current brain-damaged forum software does not allow a user to do so.