FC-1 firewall script for bittorrent
russell
simmonsr at verizon.net
Tue Jun 15 02:18:45 UTC 2004
Thanks Robert, that was indeed the proble. I always seem to overlook
the obvious. :-)
Now I just need to test if the script works.
russell
Robert Locke wrote:
>Russell,
>
>I would presume the blank line(s) you put in? At least that is what the
>error sounds like and in counting the lines in your file.....
>
>Just a guess....
>
>--Rob
>
>On Mon, 2004-06-14 at 21:31, russell wrote:
>
>
>>Thanks for responding to my query for help. I edited my file as per
>>your example and this is it:
>>
>># Firewall configuration written by redhat-config-securitylevel
>># Manual customization of this file is not recommended.
>>*filter
>>:INPUT ACCEPT [0:0]
>>:FORWARD ACCEPT [0:0]
>>:OUTPUT ACCEPT [0:0]
>>:RH-Firewall-1-INPUT - [0:0]
>>-A INPUT -j RH-Firewall-1-INPUT
>>-A FORWARD -j RH-Firewall-1-INPUT
>>-A RH-Firewall-1-INPUT -i lo -j ACCEPT
>>-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
>>-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
>>-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
>>-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
>>-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport
>>6881:6889 -j ACCEPT
>>-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport
>>6881:6889 -j ACCEPT
>>-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
>>
>>
>>COMMIT
>>~
>>"/etc/sysconfig/iptables" 20L, 780C
>>19,0-1 All
>>
>>When I run a restart this is the error I get:
>>
>>Flushing firewall rules: [ OK ]
>>Setting chains to policy ACCEPT: filter [ OK ]
>>Unloading iptables modules: [ OK ]
>>Applying iptables firewall rules: iptables-restore v1.2.9: no command
>>specified
>>Error occurred at line: 18
>>Try `iptables-restore -h' or 'iptables-restore --help' for more information.
>> [FAILED]
>>
>>Any idea what is wrong with line 18?
>>
>>russell
>>
>>
>>
>>Erik Espinoza wrote:
>>
>>
>>
>>># Firewall configuration written by system-config-securitylevel
>>># Manual customization of this file is not recommended.
>>>*filter
>>>:INPUT ACCEPT [0:0]
>>>:FORWARD DROP [0:0]
>>>:OUTPUT ACCEPT [0:0]
>>>:RH-Firewall-1-INPUT - [0:0]
>>>-A INPUT -j RH-Firewall-1-INPUT
>>>-A FORWARD -j RH-Firewall-1-INPUT
>>>-A RH-Firewall-1-INPUT -i lo -j ACCEPT
>>>-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
>>>-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
>>>-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
>>>-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
>>>-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport
>>>6881:6889 -j ACCEPT
>>>-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport
>>>6881:6889 -j ACCEPT
>>>-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
>>>COMMIT
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>
>
>
>
More information about the fedora-list
mailing list