On Wed, 8 Mar 2006, John Vasileff wrote:
> On 3/8/06, Daryl Herzmann <akrherz iastate edu> wrote:
>> I am just using -p 834 so that I can iptables the service, which btw, has something strange going on as well. Most of my /etc/sysconfig/iptables settings are no longer working (iptables refuses to load) with the el4u3 update. Very frustrating.
>
> Daryl, Can you provide more information regarding the iptables? I will soon be testing U3 and want to make sure I don't miss anything. Are you saying that the ip_tables.ko fails to load or just that certain rules are not working? Also, are you running i386 or x86_64?
Thanks for the email. My first guess is that I am doing something wrong, which is usually to blame for my problems!
I manually add my iptables rules in the /etc/sysconfig/iptables file. This rule, in particular, works on rhel4u2 and not rhel4u3:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp --dport 834 -j ACCEPT
I get this error when attempting to start the firewall:
Applying iptables firewall rules: iptables-restore: line 54 failed
[FAILED]
(line 54 is the COMMIT line.) Even if I put iptables-restore into verbose
mode, I don't get any more descriptive error.
With the generous help of a colleague, we were able to get the firewall working again by adding a '-p tcp' to the entry. So this now works:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 834 -j ACCEPT
I am not sure what causes this difference. Perhaps others here can enlighten me for I am a mere iptables mortal. :)
thanks! daryl
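
An added example, not part of the original message: iptables-restore reported only the COMMIT line here, so this Python script scans a ruleset in the /etc/sysconfig/iptables format for the pattern the fix above addressed (-m tcp or --dport with no -p) and reports the line number of the rule itself. The function name and the sample ruleset are constructed for illustration.

```python
import shlex

# Match modules and port options that go together with an explicit protocol.
PROTO_MODULES = {"tcp", "udp"}
PORT_OPTS = {"--dport", "--sport", "--destination-port", "--source-port"}

# Constructed sample in iptables-save format. The port 834 rule is the one
# from the message above; the port 22 rule is made up for contrast.
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp --dport 834 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""


def find_missing_proto(ruleset_text):
    """Return [(line_no, rule)] for rules that use -m tcp/udp or a port
    option but carry no -p/--protocol."""
    findings = []
    for line_no, raw in enumerate(ruleset_text.splitlines(), start=1):
        line = raw.strip()
        if not line.startswith(("-A ", "-I ")):
            continue  # table headers, chain policies, comments, COMMIT
        tokens = shlex.split(line)  # keeps quoted --comment text as one token
        has_proto = any(t in ("-p", "--protocol") for t in tokens)
        modules = {tokens[i + 1] for i, t in enumerate(tokens[:-1])
                   if t in ("-m", "--match")}
        uses_ports = any(t in PORT_OPTS for t in tokens)
        if not has_proto and (modules & PROTO_MODULES or uses_ports):
            findings.append((line_no, line))
    return findings


if __name__ == "__main__":
    for line_no, rule in find_missing_proto(SAMPLE):
        print(f"line {line_no}: no -p/--protocol given: {rule}")
```
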