Iptables Issue

knigh7
Posts: 8
Joined: 2006/05/06 12:08:50
Location: Australia

Iptables Issue

Post by knigh7 » 2006/05/07 00:53:48

Hello, I'm having an issue with my iptables.

System: CentOS 4.3

[root@box sysconfig]# service iptables start
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter nat [ OK ]
Unloading iptables modules: [ OK ]
Applying iptables firewall rules: iptables-restore: line 65 failed
[FAILED]

Here is a copy of my iptables (note I've hidden the port numbers). As one can see, line 65 is the line containing COMMIT. Any help with this would be greatly appreciated.

1. # Generated by iptables-save v1.2.11 on Thu Apr 6 08:59:11 2006
2. *nat
3. :PREROUTING ACCEPT [0:0]
4. :POSTROUTING ACCEPT [0:0]
5. :OUTPUT ACCEPT [0:0]
6. -A POSTROUTING -s 192.168.3.0/255.255.255.0 -j SNAT --to-source 10.1.1.2
7. COMMIT
8. # Completed on Thu Apr 6 08:59:11 2006
9. # Generated by iptables-save v1.2.11 on Thu Apr 6 08:59:11 2006
10. *filter
11. :INPUT ACCEPT [0:0]
12. :FORWARD ACCEPT [0:0]
13. :OUTPUT ACCEPT [1398510:920327168]
14. :RH-Firewall-1-INPUT - [0:0]
15. -A INPUT -j RH-Firewall-1-INPUT
16. -A FORWARD -j RH-Firewall-1-INPUT
17. -A RH-Firewall-1-INPUT -p gre -j ACCEPT
18. -A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
19. -A RH-Firewall-1-INPUT -p ipv6-crypt -j ACCEPT
20. -A RH-Firewall-1-INPUT -p ipv6-auth -j ACCEPT
21. -A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport #### -j ACCEPT
22. -A RH-Firewall-1-INPUT -p udp -m udp --dport #### -j ACCEPT
23. -A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
24. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
25. -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport #### -j ACCEPT
26. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
27. -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport #### -j ACCEPT
28. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
29. -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport #### -j ACCEPT
30. -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport #### -j ACCEPT
31. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
32. -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport #### -j ACCEPT
33. -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport #### -j ACCEPT
34. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
35. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
36. -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport #### -j ACCEPT
37. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
38. -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport #### -j ACCEPT
39. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
40. -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport #### -j ACCEPT
41. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
42. -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport #### -j ACCEPT
43. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
44. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m udp --dport #### -j ACCEPT
45. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
46. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
47. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
48. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
49. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
50. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
51. -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport #### -j ACCEPT
52. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
53. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
54. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
55. -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport #### -j ACCEPT
56. -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport #### -j ACCEPT
57. -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport #### -j ACCEPT
58. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
59. -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport #### -j ACCEPT
60. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
61. -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport #### -j ACCEPT
62. -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport #### -j ACCEPT
63. -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport #### -j ACCEPT
64. -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
65. COMMIT
66. # Completed on Thu Apr 6 08:59:11 2006

Re: Iptables Issue

Post by knigh7 » 2006/05/08 06:42:12

AAAHAAA found the bastard

-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m udp --dport #### -j ACCEPT

Thanks for the help, guys.
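
The mismatch found above (-p tcp combined with -m udp) sat on line 44 of the posted file, while iptables-restore reported line 65, the COMMIT line. As an added example, not part of the original thread: a small Python check that scans a ruleset in iptables-save format and reports the actual line of each rule whose tcp/udp/icmp match module disagrees with its -p protocol. The sample ruleset and its port numbers are constructed, and the function name is hypothetical.

```python
import shlex

# Match modules that are only valid together with the protocol of the same name.
PROTO_BOUND = {"tcp", "udp", "icmp"}
# Protocol numbers that may appear after -p instead of the name.
PROTO_ALIASES = {"6": "tcp", "17": "udp", "1": "icmp"}

# Constructed sample in iptables-save format; the port numbers are made up.
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m udp --dport 8081 -j ACCEPT
-A RH-Firewall-1-INPUT -m udp --dport 8082 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""

def find_proto_mismatches(ruleset_text):
    """Return (line_number, protocol, module, rule) for every rule whose
    -m tcp/udp/icmp match disagrees with its -p protocol (or has no -p)."""
    findings = []
    for lineno, line in enumerate(ruleset_text.splitlines(), start=1):
        rule = line.strip()
        if not rule.startswith(("-A ", "-I ")):
            continue  # table headers, chain policies, comments, COMMIT
        try:
            tokens = shlex.split(rule)
        except ValueError:  # unbalanced quotes: fall back to a plain split
            tokens = rule.split()
        proto, modules = None, []
        for flag, value in zip(tokens, tokens[1:]):
            if flag in ("-p", "--protocol"):
                proto = PROTO_ALIASES.get(value.lower(), value.lower())
            elif flag in ("-m", "--match"):
                modules.append(value.lower())
        for mod in modules:
            if mod in PROTO_BOUND and mod != proto:
                findings.append((lineno, proto, mod, rule))
    return findings

if __name__ == "__main__":
    for lineno, proto, mod, rule in find_proto_mismatches(SAMPLE):
        print(f"line {lineno}: -p {proto} used with -m {mod}: {rule}")
```

Running a check like this against /etc/sysconfig/iptables before restarting the service points at the offending rule directly instead of the COMMIT line.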
