Re: [OT] eliminar regla DROP en iptables

To: debian-user-spanish@lists.debian.org
Cc: debian-user-spanish@lists.debian.org
Subject: Re: [OT] eliminar regla DROP en iptables
From: jmramirez <mas_ke_na@hotmail.com>
Date: Thu, 4 Nov 2010 17:56:02 +0100
Message-id: <[🔎] BLU0-SMTP1258330C40055F142096461B14B0@phx.gbl>
In-reply-to: <[🔎] AANLkTin+y06KfE0KithQb5ht2FQqiGBjr-fSqOaEw7mH@mail.gmail.com>
References: <[🔎] BLU0-SMTP2114C8D223A0A43BACB568DB14B0@phx.gbl> <[🔎] AANLkTi=7W8UsBuMgu588JoWPpxCHgPX2kfMoDxPHpitm@mail.gmail.com> <[🔎] BLU0-SMTP12914B9AB4C57F88F45244FB14B0@phx.gbl> <[🔎] AANLkTin+y06KfE0KithQb5ht2FQqiGBjr-fSqOaEw7mH@mail.gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>> Hola
>>> Sin ser yo tampoco un experto en iptables, ni mucho menos, me parece
>>> que acá te diste la respuesta tu mismo.
>>> La orden *tiene* que ser la misma.
>>> No estás teniendo en cuenta el *state NEW*
>>> Probá de agregarle un --state new a la linea de borrado. O algo asi
>>
>>> Suerte
>>
>> Gracias, que por probar no quede... luego ya leere y vere que hizo :P...
>>
>> root@proxycorreo:~# iptables -D INPUT -p tcp --dport 3128 -j ACCEPT
>> - --state NEW
>> iptables v1.3.8: Unknown arg `--state'
>> Try `iptables -h' or 'iptables --help' for more information.
>>
>> No le gusto ese argumento. Gracias de todas formas
>>
> 
> En el ejemplo este que pusiste acá estás tratando de borrar la que
> agregaste vos, no la original
> 
> Sólo para que me deje de molestar:
> poné el --state NEW antes del -j DROP
> en todo caso agregale un m state antes
> 
> y decinos que pasó, porque según el man tiene que reconocer el comando.
> ¿que versión de iptables tenés?
Buenas....

	Gracias por el dato, pero ya no tengo la otra regla, porque pude
eliminarla. Por lo que no puedo verificarlo.

	Mi version de iptables es:

root@proxycorreo:~# dpkg -l | grep iptables
ii  iptables
2:1.3.8.0debian1-1ubuntu2layer7         administration tools for packet
filtering an

	Os recuerdo que es una ubuntu hardy

##########iptables --help | grep state no dio resultados

root@proxycorreo:~# iptables --help
iptables v1.3.8

Usage: iptables -[AD] chain rule-specification [options]
       iptables -[RI] chain rulenum rule-specification [options]
       iptables -D chain rulenum [options]
       iptables -[LFZ] [chain] [options]
       iptables -[NX] chain
       iptables -E old-chain-name new-chain-name
       iptables -P chain target [options]
       iptables -h (print this help information)

Commands:
Either long or short options are allowed.
  --append  -A chain		Append to chain
  --delete  -D chain		Delete matching rule from chain
  --delete  -D chain rulenum
				Delete rule rulenum (1 = first) from chain
  --insert  -I chain [rulenum]
				Insert in chain as rulenum (default 1=first)
  --replace -R chain rulenum
				Replace rule rulenum (1 = first) in chain
  --list    -L [chain]		List the rules in a chain or all chains
  --flush   -F [chain]		Delete all rules in  chain or all chains
  --zero    -Z [chain]		Zero counters in chain or all chains
  --new     -N chain		Create a new user-defined chain
  --delete-chain
            -X [chain]		Delete a user-defined chain
  --policy  -P chain target
				Change policy on chain to target
  --rename-chain
            -E old-chain new-chain
				Change chain name, (moving any references)
Options:
  --proto	-p [!] proto	protocol: by number or name, eg. `tcp'
  --source	-s [!] address[/mask]
				source specification
  --destination -d [!] address[/mask]
				destination specification
  --in-interface -i [!] input name[+]
				network interface name ([+] for wildcard)
  --jump	-j target
				target for rule (may load target extension)
  --goto      -g chain
                              jump to chain with no return
  --match	-m match
				extended match (may load extension)
  --numeric	-n		numeric output of addresses and ports
  --out-interface -o [!] output name[+]
				network interface name ([+] for wildcard)
  --table	-t table	table to manipulate (default: `filter')
  --verbose	-v		verbose mode
  --line-numbers		print line numbers when listing
  --exact	-x		expand numbers (display exact values)
[!] --fragment	-f		match second or further fragments only
  --modprobe=<command>		try to insert modules using this command
  --set-counters PKTS BYTES	set the counter during insert/append
[!] --version	-V		print package version.

##########

Un saludo
- -- 
"Si los tontos volaran, el cielo se oscurecería"

No me envié correos en formatos propietarios
http://www.gnu.org/philosophy/no-word-attachments.es.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJM0uWiAAoJEOWNzQnqy+fzqTwIAKe1y7F4nRsTvXRc7w4ne5EE
NUZrcUzgaPOSmIViYj/cOL17Vdnuu7QAvdvoRbRaTE9Ty42atCVPbf+AoO2n320q
6+6LlM6OBYwQq9ahs4qPXFpQ1TOqEhwMzbUctgq8Unw8s1nRKZc87qie87sc4GTp
wvoUK1yCwla9XSI3KAa3uL9yYo7112Y59t+jDhMpwdb8+jXwxy52Ybyjv1hYWXAa
gDbELZIQ0FG4RlfTU67GW606OQ3AV1iecvZuKU5F4C6Nctx7nB3bHiX6Vdq9btnr
1FtwQ28U1DJmt+s7wF2aMkLQrPY/EX0uGaUC/cDIGfPb4rojLrGxU1mB2eAe03M=
=vmhn
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: [OT] eliminar regla DROP en iptables
  - From: "Jorge A. Secreto" <jorgesecreto@gmail.com>

References:
- [OT] eliminar regla DROP en iptables
  - From: jmramirez <mas_ke_na@hotmail.com>
- Re: [OT] eliminar regla DROP en iptables
  - From: "Jorge R." <jrrperi@gmail.com>
- Re: [OT] eliminar regla DROP en iptables
  - From: jmramirez <mas_ke_na@hotmail.com>
- Re: [OT] eliminar regla DROP en iptables
  - From: "Jorge A. Secreto" <jorgesecreto@gmail.com>

Prev by Date: Re: [OT] eliminar regla DROP en iptables
Next by Date: Re: [OT] eliminar regla DROP en iptables [SOLUCIONADO]
Previous by thread: Re: [OT] eliminar regla DROP en iptables
Next by thread: Re: [OT] eliminar regla DROP en iptables
Index(es):
- Date
- Thread