FC-1 firewall script for bittorrent

Robert Locke rlocke at ralii.com
Tue Jun 15 01:50:29 UTC 2004


Russell,

I would presume the blank line(s) you put in?  At least that is what the
error sounds like and in counting the lines in your file.....

Just a guess....

--Rob

On Mon, 2004-06-14 at 21:31, russell wrote:
> Thanks for responding to my query for help.  I edited my file as per 
> your example and this is it:
> 
> # Firewall configuration written by redhat-config-securitylevel
> # Manual customization of this file is not recommended.
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
> :RH-Firewall-1-INPUT - [0:0]
> -A INPUT -j RH-Firewall-1-INPUT
> -A FORWARD -j RH-Firewall-1-INPUT
> -A RH-Firewall-1-INPUT -i lo -j ACCEPT
> -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
> -A RH-Firewall-1-INPUT -p 50 -j ACCEPT
> -A RH-Firewall-1-INPUT -p 51 -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 
> 6881:6889 -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 
> 6881:6889 -j ACCEPT
> -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
> 
> 
> COMMIT
> ~
> "/etc/sysconfig/iptables" 20L, 780C                           
> 19,0-1        All
> 
> When I run a restart this is the error I get:
> 
> Flushing firewall rules:                                   [  OK  ]
> Setting chains to policy ACCEPT: filter                    [  OK  ]
> Unloading iptables modules:                                [  OK  ]
> Applying iptables firewall rules: iptables-restore v1.2.9: no command 
> specified
> Error occurred at line: 18
> Try `iptables-restore -h' or 'iptables-restore --help' for more information.
>                                                            [FAILED]
> 
> Any idea what is wrong with line 18?
> 
> russell
> 
> 
> 
> Erik Espinoza wrote:
> 
> ># Firewall configuration written by system-config-securitylevel
> ># Manual customization of this file is not recommended.
> >*filter
> >:INPUT ACCEPT [0:0]
> >:FORWARD DROP [0:0]
> >:OUTPUT ACCEPT [0:0]
> >:RH-Firewall-1-INPUT - [0:0]
> >-A INPUT -j RH-Firewall-1-INPUT
> >-A FORWARD -j RH-Firewall-1-INPUT
> >-A RH-Firewall-1-INPUT -i lo -j ACCEPT
> >-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
> >-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
> >-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
> >-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> >-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport
> >6881:6889 -j ACCEPT
> >-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport
> >6881:6889 -j ACCEPT
> >-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
> >COMMIT
> >
> >
> >
> >  
> >
> >
> >  
> >
> 
> 





More information about the fedora-list mailing list