Re: [Fwbuilder-discussion] fwbuilder 2.0.6 multiport iptables syntax error

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

On Mar 2, 2005, at 1:25 PM, David L. Crow wrote:

> I just upgraded to fwbuilder 2.0.6 from 2.0.0 with the iptables policy 
> compiler on Fedora Core 3 with the latest updates applied.  I 
> installed the pre-built RPM's for Fedora Core 3 from the SourceForge 
> download site:
>
>   fwbuilder-2.0.6-1.fdr3.i386.rpm
>   fwbuilder-ipt-2.0.6-1.fdr3.i386.rpm
>   libfwbuilder-2.0.6-1.fdr3.i386.rpm
>
> When I try to execute the generated script, I get a iptables syntax 
> error on the line:
>
>   $IPTABLES -A Cid3C491957.1 -p tcp -m tcp  -m multiport 
> --destination-port 80,443,8080,25,465  -j ACCEPT
>
> Diff'ing the generated script with the previous version, I noticed 
> that previously the "-m tcp" did not exist, so I changed the line (and 
> the others that showed the same problem) to
>
>   $IPTABLES -A Cid3C491957.1 -p tcp -m multiport  --destination-port 
> 80,443,8080,25,465,1723  -j ACCEPT
>
> and all works fine.
>
> (Un)fortunately because of fwbuilder, I'm not an iptables expert, so 
> I'm looking for confirmation that my change is correct and that there 
> is a bug in the compiler.
>

I can not reproduce this on my Fedora C3. I was able to install the 
following rule and it worked fine:

$IPTABLES -A Cid4226B16B.0 -p tcp -m tcp  -m multiport  --dports 80,22  
-j ACCEPT

What version of iptables you are running ? I have iptables-1.2.1-03.1 
and kernel kernel-2.6.9-1.667

--vk