Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: iptables: User

Spot the error !!

  

 
iptables user RSS feed   Index | Next | Previous | View Threaded


ghastings at sc

Jul 24, 2001, 10:17 PM

Post #1 of 4 (934 views)
Permalink
Spot the error !!
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Can someone tell me why this line doesn't work

/sbin/iptables -A INPUT -i eth1 -m state --state NEW --dport 22 -j
ACCEPT

Thanks

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBO15WUyGB8Ri4BtJMEQJSTACg7qrQw+JFLzpk34yZW39IT5Ef4n8AnRcx
c5Z7FW5lEcnrOpE1iQNbA+UG
=OdlM
-----END PGP SIGNATURE-----


shane at knowplace

Jul 24, 2001, 10:20 PM

Post #2 of 4 (880 views)
Permalink
Re: Spot the error !! [In reply to]
Gareth Hastings wrote:
> Can someone tell me why this line doesn't work
>
> /sbin/iptables -A INPUT -i eth1 -m state --state NEW --dport 22 -j
> ACCEPT

No protocol. Since IP itself doesn't have ports, you need to specific a
protocol for port 22. I assume you're probably trying for ssh (TCP).

Shane


ghastings at sc

Jul 24, 2001, 10:23 PM

Post #3 of 4 (887 views)
Permalink
RE: Spot the error !! [In reply to]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

thanks, I changed it to
/sbin/iptables -A INPUT -p tcp -i eth1 --dport 22 -m state --state
NEW -j ACCEPT
and it works fine

- -----Original Message-----
From: netfilter-admin [at] lists
[mailto:netfilter-admin [at] lists]On Behalf Of Shane Chen
Sent: 25 July 2001 01:21
To: Gareth Hastings
Cc: netfilter [at] lists
Subject: Re: Spot the error !!


Gareth Hastings wrote:
> Can someone tell me why this line doesn't work
>
> /sbin/iptables -A INPUT -i eth1 -m state --state NEW --dport 22 -j
> ACCEPT

No protocol. Since IP itself doesn't have ports, you need to
specific a
protocol for port 22. I assume you're probably trying for ssh (TCP).

Shane

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBO15XwiGB8Ri4BtJMEQL2tACgmGSRzW9dIUE7XYqR5FeXljC6N7MAoKvF
ToZFaHgj5mtSN/la/rCSPh6+
=+n6+
-----END PGP SIGNATURE-----


nickmclean at optushome

Jul 24, 2001, 11:04 PM

Post #4 of 4 (890 views)
Permalink
Re: Spot the error !! [In reply to]
Hey,
You need to specify a protocol that it is going to be using,
I'm guessing that this is for ssh so the rule would look like this...

/sbin/iptables -A INPUT -i eth1 -p TCP -m state --state NEW --dport 22 -j
ACCEPT

Nick

----- Original Message -----
From: "Gareth Hastings" <ghastings [at] sc>
To: <netfilter [at] lists>
Sent: Wednesday, July 25, 2001 3:17 PM
Subject: Spot the error !!


>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Can someone tell me why this line doesn't work
>
> /sbin/iptables -A INPUT -i eth1 -m state --state NEW --dport 22 -j
> ACCEPT
>
> Thanks
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
>
> iQA/AwUBO15WUyGB8Ri4BtJMEQJSTACg7qrQw+JFLzpk34yZW39IT5Ef4n8AnRcx
> c5Z7FW5lEcnrOpE1iQNbA+UG
> =OdlM
> -----END PGP SIGNATURE-----
>
>

iptables user RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.