Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. iptables>
  3. User
Spot the error !!
ghastings at sc
Jul 24, 2001, 10:17 PM
Post #1 of 4 (2092 views)
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Can someone tell me why this line doesn't work

/sbin/iptables -A INPUT -i eth1 -m state --state NEW --dport 22 -j
ACCEPT

Thanks

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBO15WUyGB8Ri4BtJMEQJSTACg7qrQw+JFLzpk34yZW39IT5Ef4n8AnRcx
c5Z7FW5lEcnrOpE1iQNbA+UG
=OdlM
-----END PGP SIGNATURE-----
Re: Spot the error !! [ In reply to ]
shane at knowplace
Jul 24, 2001, 10:20 PM
Post #2 of 4 (2018 views)
Permalink
Gareth Hastings wrote:
> Can someone tell me why this line doesn't work
>
> /sbin/iptables -A INPUT -i eth1 -m state --state NEW --dport 22 -j
> ACCEPT

No protocol. Since IP itself doesn't have ports, you need to specific a
protocol for port 22. I assume you're probably trying for ssh (TCP).

Shane
RE: Spot the error !! [ In reply to ]
ghastings at sc
Jul 24, 2001, 10:23 PM
Post #3 of 4 (2025 views)
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

thanks, I changed it to
/sbin/iptables -A INPUT -p tcp -i eth1 --dport 22 -m state --state
NEW -j ACCEPT
and it works fine

- -----Original Message-----
From: netfilter-admin@lists.samba.org
[mailto:netfilter-admin@lists.samba.org]On Behalf Of Shane Chen
Sent: 25 July 2001 01:21
To: Gareth Hastings
Cc: netfilter@lists.samba.org
Subject: Re: Spot the error !!


Gareth Hastings wrote:
> Can someone tell me why this line doesn't work
>
> /sbin/iptables -A INPUT -i eth1 -m state --state NEW --dport 22 -j
> ACCEPT

No protocol. Since IP itself doesn't have ports, you need to
specific a
protocol for port 22. I assume you're probably trying for ssh (TCP).

Shane

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBO15XwiGB8Ri4BtJMEQL2tACgmGSRzW9dIUE7XYqR5FeXljC6N7MAoKvF
ToZFaHgj5mtSN/la/rCSPh6+
=+n6+
-----END PGP SIGNATURE-----
Re: Spot the error !! [ In reply to ]
nickmclean at optushome
Jul 24, 2001, 11:04 PM
Post #4 of 4 (2033 views)
Permalink
Hey,
You need to specify a protocol that it is going to be using,
I'm guessing that this is for ssh so the rule would look like this...

/sbin/iptables -A INPUT -i eth1 -p TCP -m state --state NEW --dport 22 -j
ACCEPT

Nick

----- Original Message -----
From: "Gareth Hastings" <ghastings@sc.rr.com>
To: <netfilter@lists.samba.org>
Sent: Wednesday, July 25, 2001 3:17 PM
Subject: Spot the error !!


>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Can someone tell me why this line doesn't work
>
> /sbin/iptables -A INPUT -i eth1 -m state --state NEW --dport 22 -j
> ACCEPT
>
> Thanks
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
>
> iQA/AwUBO15WUyGB8Ri4BtJMEQJSTACg7qrQw+JFLzpk34yZW39IT5Ef4n8AnRcx
> c5Z7FW5lEcnrOpE1iQNbA+UG
> =OdlM
> -----END PGP SIGNATURE-----
>
>

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal