Re: iptables syntax problems

To: Debian Firewall <debian-firewall@lists.debian.org>
Cc: Ross <bender@lomag.net>
Subject: Re: iptables syntax problems
From: Jean Christophe ANDRÃ? <jean-christophe.andre@auf.org>
Date: Wed, 12 Jun 2002 15:13:18 +0700
Message-id: <[🔎] 20020612081318.GK15734@virus.home>
In-reply-to: <[🔎] 200206112327.50911.bender@lomag.net>
References: <[🔎] 200206112327.50911.bender@lomag.net>

Ross ecrivait :
> #this rule has a syntax problem
> #Bad argument `1024:65535'
> #iptables -A OUTPUT -o $INTERNET -p tcp \
> #         -s $IPADRR --sport $UNPRIVPORTS \
> #         -d $NAMESERVER --dport 53 -j ACCEPT

The IPADRR doesn't exist (you mean IPADDR I guess) so -s is taking "--sport"
as argument un the UNPRIVPORTS come as an unknown option to iptables.

In general, always quote your variables using double-quote (")! It will give
you more correct error message since an unknown variable comes as an empty
one but this is replaced by the shell before using it to execute the command
so the command is not able to see the empty argument.

Regards, J.C.
-- 
Jean Christophe ANDRÉ <jean-christophe.andre@auf.org> http://www.vn.refer.org/
Coordonnateur technique régional (systèmes et réseaux informatiques)
Agence universitaire de la Francophonie (AuF) / Bureau Asie-Pacifique (BAP)
Adresse postale : AUF, 21 Lê Thánh Tông, T.T. Hoàn Kiếm, Hà Nội, Việt Nam
Tél. : +84 4 9331108   Fax : +84 4 8247383   Mobile : +84 91 3248747


-- 
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- iptables syntax problems
  - From: Ross <bender@lomag.net>

Prev by Date: Routing 2 networks
Next by Date: kde and iptables problem
Previous by thread: Re: iptables syntax problems
Next by thread: Re: iptables syntax problems
Index(es):
- Date
- Thread