[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Iptables question(s)



* Stefan Srdic (linuxbox@telusplanet.net) [010719 20:41]:
> Vineet Kumar wrote:
> 
> > From the kernel? What does the message really say? IIRC pump sometimes
> > reports "Operation failed" -- can you diagnose more precisely where
> > the message orignates from? Does it show up in a log? (which one?) or
> > on the console?
> >
> > Vineet
> 
> Here is the complete error mesage I receive from command prompt after I
> attemp to execute my netfilter script as root after a clean boot.
> 
> root@NodeFilter:/etc/network# sh netfilter
> Operation failed.
> Bad argument `eth0'
> Try `iptables -h' or 'iptables --help' for more information.
> 
> If I hash out the lines:
> 
> >IPADDR="`/sbin/pump --status | /bin/grep IP: | /bin/sed -e 's/.*IP: > //'`"
> 
> and
> 
> > iptables -A INPUT --source $IPADDR -i $EXTIFACE -j DROP
> 
> I do not receive any error messages. I'm assuming that the error message is
> related to the operation that determines my IP address and to the IPTables
> rule which executes incorrectly after the inital IP determinition option
> fails.
> 
> Any ideas on how-to solve this?
> 
> Stef
> 

Well, I do think the 'Operation failed.' is from pump. Perhaps the
best thing to do would be to try and make the script a little more
robust; if pump fails, maybe you want your script to exit with a more
complete error message instead of trying to go forth anyway. One way
to help diagnose which error messages are coming from where is to add
echos in the script; something like this:

echo IPADDR="`/sbin/pump --status | /bin/grep IP: | /bin/sed -e 's/.*IP:
IPADDR="`/sbin/pump --status | /bin/grep IP: | /bin/sed -e 's/.*IP:
//'`"
echo IPADDR is $IPADDR

echo iptables -A INPUT --source $IPADDR -i $EXTIFACE -j DROP
iptables -A INPUT --source $IPADDR -i $EXTIFACE -j DROP

that way you can see exactly what it's trying to do (what the
variables expand to) and what commands bring what error messages.

Vineet

Attachment: pgpxkAMAgvy8Y.pgp
Description: PGP signature


Reply to: