
OT: netfilter inquiry



hi.  i have installed from source iptables-1.2.3 thinking that the message i'm
getting with iptables-1.2 was because of an older version.  after installation
i'm still getting the same message plus a newer one.  i checked my filters and
i can't see anything wrong with them.

here's the message i'm getting:

ip_tables: (c)2000 Netfilter core team
ip_conntrack (1023 buckets, 8184 max)
iptables: Table does not exist (do you need to insmod?)
iptables v1.2.3: log-level `info' ambiguous

the third line is what i was getting with version 1.2 that's why i upgraded.
the last line i got only when i upgraded to version 1.2.3 and i don't see why
it would be ambiguous.

i've inserted my short filter:

#!/bin/bash
#

#Point this to your copy of ip_tables
IPT="/usr/sbin/iptables"

#Load the module.
modprobe ip_tables

#Flush old rules, delete the firewall chain if it exists
$IPT -F
$IPT -F -t nat
$IPT -X firewall

#Set up the firewall chain
$IPT -N firewall
$IPT -A firewall -j LOG --log-level info --log-prefix "Firewall:"
$IPT -A firewall -j DROP


#Accept ourselves
$IPT -A INPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -j ACCEPT

#Accept DNS, 'cause it's warm and friendly
$IPT -A INPUT -p udp --source-port 53 -j ACCEPT

#Allow ftp to send data back and forth.
$IPT -A INPUT -p tcp --syn --source-port 20 --destination-port 1024:65535 -j ACCEPT
$IPT -A INPUT -p tcp --syn --source-port 21 --destination-port 1024:65535 -j ACCEPT

#Accept SMTP. Duh.
$IPT -A INPUT -p tcp --destination-port 25  -j ACCEPT

#Send everything else to the firewall.
$IPT -A INPUT -p icmp -j firewall
$IPT -A INPUT -p tcp --syn -j firewall
$IPT -A INPUT -p udp -j firewall

-- 
"GUIs normally make it simple to accomplish simple actions and impossible
to accomplish complex actions."   --Doug Gwyn  (22/Jun/91 in comp.unix.wizards)
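
The script above loads only ip_tables but addresses two tables: filter (the default) and nat (through -t nat). As an added example, not part of the original post, this preflight check lists the tables a rule script uses and reports those the kernel has not registered; it assumes the legacy ip_tables backend, where registered tables appear one per line in /proc/net/ip_tables_names, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumption: legacy ip_tables backend, where the kernel lists each
# registered table, one per line, in /proc/net/ip_tables_names.
NAMES_FILE="${NAMES_FILE:-/proc/net/ip_tables_names}"

# Print every table a rule script addresses. A command counts when its
# first word is $IPT, ${IPT}, or a path ending in "iptables"; commented-out
# lines never match. Without -t/--table the command targets "filter".
tables_used() {
    awk '
        $1 == "$IPT" || $1 == "${IPT}" || $1 ~ /(^|\/)iptables$/ {
            t = "filter"
            for (i = 2; i < NF; i++)
                if ($i == "-t" || $i == "--table") t = $(i + 1)
            print t
        }' "$1" | sort -u
}

# Print the tables used by script $1 that are absent from the names
# file $2 (default: $NAMES_FILE). An unreadable names file means
# nothing is known to be registered, so every table is reported.
missing_tables() {
    mt_script="$1"
    mt_names="${2:-$NAMES_FILE}"
    for mt_table in $(tables_used "$mt_script"); do
        grep -qxF "$mt_table" "$mt_names" 2>/dev/null || echo "$mt_table"
    done
}

# Stand-alone use: sh preflight.sh /path/to/firewall-script
if [ "$#" -ge 1 ]; then
    for mt_table in $(missing_tables "$1"); do
        echo "table '$mt_table' is not registered in the kernel" >&2
    done
fi
```

Reading /proc/net/ip_tables_names normally requires root.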
