Results 1 to 5 of 5

Thread: iptables does not start

  1. #1

    Default iptables does not start

    Dear All,

    After applying this rule

    iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

    i am unable to restart the iptables

    [root@xxx ~]# service iptables save
    Saving firewall rules to /etc/sysconfig/iptables: [ OK ]
    [root@xxx ~]# service iptables restart
    Flushing firewall rules: [ OK ]
    Setting chains to policy ACCEPT: filter nat [ OK ]
    Unloading iptables modules: [ OK ]
    Applying iptables firewall rules: [FAILED]
    Best Regards,
    Ghulam Yaseen

  2. #2

    Default Re: iptables does not start

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    It appears that something with 'Applying iptables firewall rules' is not
    working. Post what happens at that point, or perhaps the output from the
    following:

    bash -x /sbin/service iptables restart

    Good luck.





    ghulamyaseen wrote:
    > Dear All,
    >
    > After applying this rule
    >
    > iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port
    > 8080
    >
    > i am unable to restart the iptables
    >
    > [root@xxx ~]# service iptables save
    > Saving firewall rules to /etc/sysconfig/iptables: [ OK ]
    > [root@xxx ~]# service iptables restart
    > Flushing firewall rules: [ OK ]
    > Setting chains to policy ACCEPT: filter nat [ OK ]
    > Unloading iptables modules: [ OK ]
    > Applying iptables firewall rules: [FAILED]
    >
    >

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v2.0.9 (GNU/Linux)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

    iQIcBAEBAgAGBQJKFrLfAAoJEF+XTK08PnB5fUAQAI6vgJ7X+r/BTD9vAlJ4bCcT
    7CBXqnHUxOMCb0hoeIAH/b9AShUPcfUa9iY6OZZLnEJj4kT7zAbr0DgCUzDYNJgL
    9DMzpbYT2x/m5EBNIS3BZ8TwWwS8LsM669CmaLxD+R0Rb0P9ngo9Yr99Rc4JB1E3
    /NPiCy+KH6VoHCz6Ysbn/Bfs9A3lLMb5PFORzCIlZN/DxHfk7UkAMONKnLLZnyZG
    8Sdnh2FTsomuT5q5AeggQD0aHppXSCQBMzCoaqLSj+pEhzIgQ+G1rZ5oDKHcDebn
    FG32BTEZEFBuUQsBzGcf8Hzpi7DXft2lDRUMwWMkCaaNm9sjnZAYeUu2t4YteA7p
    WsjDkGjED6TEFPv1rt6Z3419403Ew0x/d/BLi+LMAndRJzucT8L5lu8qQJCc7f6k
    odukALxNkU4zuVgepiyb7rgAfca5aCu65keJTFdMHUubh665M8t3wP3mKJxHcXjX
    +NNOsAZ+v0VXymPRa9o4lqnC9W1+BYqvmjSADBNNxAJOzx21iajs55PolWKNR7dF
    yvtbowGr1gmlUkmrE84J8QIIApcQkIR8zOKzmfgyPxdB68KV5EAE4klUZ0RNpxEo
    TXjQwv9xbn/CTanxwlVz3uyHdEWLF6EyVyqSRgWZ40Ip+kFY1axgEDov4F9mg4L6
    qRjrBpGWH8t2rhWSZTEm
    =E1ti
    -----END PGP SIGNATURE-----

  3. #3

    Default Re: iptables does not start

    sir,

    follwing is the output from your command


    [root@dchub ~]# bash -x /sbin/service iptables restart
    + . /etc/init.d/functions
    ++ TEXTDOMAIN=initscripts
    ++ umask 022
    ++ PATH=/sbin:/usr/sbin:/bin:/usr/bin
    ++ export PATH
    ++ '[' -z '' ']'
    ++ COLUMNS=80
    ++ '[' -z '' ']'
    +++ /sbin/consoletype
    ++ CONSOLETYPE=pty
    ++ '[' -f /etc/sysconfig/i18n -a -z '' ']'
    ++ . /etc/profile.d/lang.sh
    +++ sourced=0
    +++ for langfile in /etc/sysconfig/i18n '$HOME/.i18n'
    +++ '[' -f /etc/sysconfig/i18n ']'
    +++ . /etc/sysconfig/i18n
    ++++ LANG=en_US.UTF-8
    ++++ SYSFONT=latarcyrheb-sun16
    +++ sourced=1
    +++ for langfile in /etc/sysconfig/i18n '$HOME/.i18n'
    +++ '[' -f /root/.i18n ']'
    +++ '[' -n '' ']'
    +++ '[' 1 = 1 ']'
    +++ '[' -n en_US.UTF-8 ']'
    +++ export LANG
    +++ '[' -n '' ']'
    +++ unset LC_ADDRESS
    +++ '[' -n '' ']'
    +++ unset LC_CTYPE
    +++ '[' -n '' ']'
    +++ unset LC_COLLATE
    +++ '[' -n '' ']'
    +++ unset LC_IDENTIFICATION
    +++ '[' -n '' ']'
    +++ unset LC_MEASUREMENT
    +++ '[' -n '' ']'
    +++ unset LC_MESSAGES
    +++ '[' -n '' ']'
    +++ unset LC_MONETARY
    +++ '[' -n '' ']'
    +++ unset LC_NAME
    +++ '[' -n '' ']'
    +++ unset LC_NUMERIC
    +++ '[' -n '' ']'
    +++ unset LC_PAPER
    +++ '[' -n '' ']'
    +++ unset LC_TELEPHONE
    +++ '[' -n '' ']'
    +++ unset LC_TIME
    +++ '[' -n '' ']'
    +++ unset LC_ALL
    +++ '[' -n '' ']'
    +++ unset LANGUAGE
    +++ '[' -n '' ']'
    +++ unset LINGUAS
    +++ '[' -n '' ']'
    +++ unset _XKB_CHARSET
    ++++ /sbin/consoletype
    +++ consoletype=pty
    +++ '[' -n '' ']'
    +++ '[' -n '' ']'
    +++ '[' -n en_US.UTF-8 ']'
    +++ case $LANG in
    +++ '[' xterm = linux ']'
    +++ unset SYSFONTACM SYSFONT
    +++ unset sourced
    +++ unset langfile
    ++ '[' -z '' ']'
    ++ '[' -f /etc/sysconfig/init ']'
    ++ . /etc/sysconfig/init
    +++ BOOTUP=color
    +++ GRAPHICAL=yes
    +++ RES_COL=60
    +++ MOVE_TO_COL='echo -en \033[60G'
    +++ SETCOLOR_SUCCESS='echo -en \033[0;32m'
    +++ SETCOLOR_FAILURE='echo -en \033[0;31m'
    +++ SETCOLOR_WARNING='echo -en \033[0;33m'
    +++ SETCOLOR_NORMAL='echo -en \033[0;39m'
    +++ LOGLEVEL=3
    +++ PROMPT=yes
    +++ AUTOSWAP=no
    ++ '[' pty = serial ']'
    ++ '[' color '!=' verbose ']'
    ++ INITLOG_ARGS=-q
    ++ __sed_discard_ignored_files='/\(~\|\.bak\|\.orig\|\.rpmnew\|\.rpmorig\|\.rpmsave\)$/d'
    ++ basename /sbin/service
    + VERSION='service ver. 0.91'
    ++ basename /sbin/service
    + USAGE='Usage: service < option > | --status-all | [ service_name [ command | --full-restart ] ]'
    + SERVICE=
    + SERVICEDIR=/etc/init.d
    + OPTIONS=
    + '[' 2 -eq 0 ']'
    + cd /
    + '[' 2 -gt 0 ']'
    + case "${1}" in
    + '[' -z '' -a 2 -eq 1 -a iptables = --status-all ']'
    + '[' 2 -eq 2 -a restart = --full-restart ']'
    + '[' -z '' ']'
    + SERVICE=iptables
    + shift
    + '[' 1 -gt 0 ']'
    + case "${1}" in
    + '[' -z iptables -a 1 -eq 1 -a restart = --status-all ']'
    + '[' 1 -eq 2 -a '' = --full-restart ']'
    + '[' -z iptables ']'
    + OPTIONS=' restart'
    + shift
    + '[' 0 -gt 0 ']'
    + '[' -x /etc/init.d/iptables ']'
    + env -i LANG=en_US.UTF-8 PATH=/sbin:/usr/sbin:/bin:/usr/bin TERM=xterm /etc/init.d/iptables restart
    Applying iptables firewall rules: [FAILED]
    Best Regards,
    Ghulam Yaseen

  4. #4

    Default Re: iptables does not start

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Instead try:

    bash -x /etc/init.d/iptables restart

    Good luck.






    ghulamyaseen wrote:
    > sir,
    >
    > follwing is the output from your command
    >
    >
    > [root@dchub ~]# bash -x /sbin/service iptables restart
    > + . /etc/init.d/functions
    > ++ TEXTDOMAIN=initscripts
    > ++ umask 022
    > ++ PATH=/sbin:/usr/sbin:/bin:/usr/bin
    > ++ export PATH
    > ++ '[' -z '' ']'
    > ++ COLUMNS=80
    > ++ '[' -z '' ']'
    > +++ /sbin/consoletype
    > ++ CONSOLETYPE=pty
    > ++ '[' -f /etc/sysconfig/i18n -a -z '' ']'
    > ++ . /etc/profile.d/lang.sh
    > +++ sourced=0
    > +++ for langfile in /etc/sysconfig/i18n '$HOME/.i18n'
    > +++ '[' -f /etc/sysconfig/i18n ']'
    > +++ . /etc/sysconfig/i18n
    > ++++ LANG=en_US.UTF-8
    > ++++ SYSFONT=latarcyrheb-sun16
    > +++ sourced=1
    > +++ for langfile in /etc/sysconfig/i18n '$HOME/.i18n'
    > +++ '[' -f /root/.i18n ']'
    > +++ '[' -n '' ']'
    > +++ '[' 1 = 1 ']'
    > +++ '[' -n en_US.UTF-8 ']'
    > +++ export LANG
    > +++ '[' -n '' ']'
    > +++ unset LC_ADDRESS
    > +++ '[' -n '' ']'
    > +++ unset LC_CTYPE
    > +++ '[' -n '' ']'
    > +++ unset LC_COLLATE
    > +++ '[' -n '' ']'
    > +++ unset LC_IDENTIFICATION
    > +++ '[' -n '' ']'
    > +++ unset LC_MEASUREMENT
    > +++ '[' -n '' ']'
    > +++ unset LC_MESSAGES
    > +++ '[' -n '' ']'
    > +++ unset LC_MONETARY
    > +++ '[' -n '' ']'
    > +++ unset LC_NAME
    > +++ '[' -n '' ']'
    > +++ unset LC_NUMERIC
    > +++ '[' -n '' ']'
    > +++ unset LC_PAPER
    > +++ '[' -n '' ']'
    > +++ unset LC_TELEPHONE
    > +++ '[' -n '' ']'
    > +++ unset LC_TIME
    > +++ '[' -n '' ']'
    > +++ unset LC_ALL
    > +++ '[' -n '' ']'
    > +++ unset LANGUAGE
    > +++ '[' -n '' ']'
    > +++ unset LINGUAS
    > +++ '[' -n '' ']'
    > +++ unset _XKB_CHARSET
    > ++++ /sbin/consoletype
    > +++ consoletype=pty
    > +++ '[' -n '' ']'
    > +++ '[' -n '' ']'
    > +++ '[' -n en_US.UTF-8 ']'
    > +++ case $LANG in
    > +++ '[' xterm = linux ']'
    > +++ unset SYSFONTACM SYSFONT
    > +++ unset sourced
    > +++ unset langfile
    > ++ '[' -z '' ']'
    > ++ '[' -f /etc/sysconfig/init ']'
    > ++ . /etc/sysconfig/init
    > +++ BOOTUP=color
    > +++ GRAPHICAL=yes
    > +++ RES_COL=60
    > +++ MOVE_TO_COL='echo -en \033[60G'
    > +++ SETCOLOR_SUCCESS='echo -en \033[0;32m'
    > +++ SETCOLOR_FAILURE='echo -en \033[0;31m'
    > +++ SETCOLOR_WARNING='echo -en \033[0;33m'
    > +++ SETCOLOR_NORMAL='echo -en \033[0;39m'
    > +++ LOGLEVEL=3
    > +++ PROMPT=yes
    > +++ AUTOSWAP=no
    > ++ '[' pty = serial ']'
    > ++ '[' color '!=' verbose ']'
    > ++ INITLOG_ARGS=-q
    > ++
    > __sed_discard_ignored_files='/\(~\|\.bak\|\.orig\|\.rpmnew\|\.rpmorig\|\.rpmsave\)$/d'
    > ++ basename /sbin/service
    > + VERSION='service ver. 0.91'
    > ++ basename /sbin/service
    > + USAGE='Usage: service < option > | --status-all | [ service_name [
    > command | --full-restart ] ]'
    > + SERVICE=
    > + SERVICEDIR=/etc/init.d
    > + OPTIONS=
    > + '[' 2 -eq 0 ']'
    > + cd /
    > + '[' 2 -gt 0 ']'
    > + case "${1}" in
    > + '[' -z '' -a 2 -eq 1 -a iptables = --status-all ']'
    > + '[' 2 -eq 2 -a restart = --full-restart ']'
    > + '[' -z '' ']'
    > + SERVICE=iptables
    > + shift
    > + '[' 1 -gt 0 ']'
    > + case "${1}" in
    > + '[' -z iptables -a 1 -eq 1 -a restart = --status-all ']'
    > + '[' 1 -eq 2 -a '' = --full-restart ']'
    > + '[' -z iptables ']'
    > + OPTIONS=' restart'
    > + shift
    > + '[' 0 -gt 0 ']'
    > + '[' -x /etc/init.d/iptables ']'
    > + env -i LANG=en_US.UTF-8 PATH=/sbin:/usr/sbin:/bin:/usr/bin TERM=xterm
    > /etc/init.d/iptables restart
    > Applying iptables firewall rules: [FAILED]
    >
    >

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v2.0.9 (GNU/Linux)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

    iQIcBAEBAgAGBQJKFsNkAAoJEF+XTK08PnB5AiUQAJxRK/YRoqRc3ET3mqBqejY/
    Yk2lnbvY3dR1XcEXWh09DzRSgKBSaOz0rAjkfjUISOnUoqorUhkeI7zXHeCKXRh7
    muXVAqYhlAR41Jp7/ZLUZiFQdCmC0fza4RU9FAF2u5p/IeQtpkDvNFypXL1lqwx9
    D1N+oi5X4/+ZyxJfXqSZf9vjrydNlD8WscoRxWBjuQBkOwVxgDkJzdZKYRqdOoeB
    Ggl1ajCZc/aLi8AxQ/cucR8Jech6G9ACz4bP2r/NdN7sLBQNTlDUioUF5UX5KxVh
    oU2KQSK19DWb8ah0N4SrOdKceKYqhnTOrC55CAQbO+bn9VpSg4xAYQAk0eFBxtIC
    AEvq4CXZG7bEX20WPdfKtqSZLE71mHta5rjvpO0McVgbOsAMahAX1IHAcVVPEXAW
    BI6ru8BuTg20OARmSDvPCgOojdU9qxsGlfN9h/sAw/RxlrnqUyvvLX35IAc7gny+
    mugBEJ/oJC1MZEddVOODKUraWSovLCEd6XIAhdAB/1mU99pNsv0ezTnRPSnrUEo/
    ce+KxQF6g5NIcbcRH6PhSKRkNrSZerHRRwQS1zOfMCePsmJDOwgJ8fefko4gQOcS
    RGOOtWYE8V/iX1fGUrk6Aij3uwPzvXungyH72rI+DsScOJSmxz01JXJ6JH85x3qp
    W1JuAQBTL/KNYmNWsJoD
    =b5D/
    -----END PGP SIGNATURE-----

  5. #5
    Join Date
    Jun 2008
    Location
    Auckland, NZ
    Posts
    20,006
    Blog Entries
    1

    Default Re: iptables does not start

    iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
    I think its a syntax error. Try

    iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080
    Although it would be nice if computers could understand singular and plural forms ;-)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •