Menu
▾
▴
RE: [webmin-l] Firewall error
|
From: Dave I. <dav...@en...> - 2006-03-20 19:46:20
|
There is no such field that I can see. I this a new field? I am using 1.250. Thanks Dave I -----Original Message----- From: web...@li... [mailto:web...@li...] On Behalf Of Jamie Cameron Sent: Monday, March 20, 2006 1:30 PM To: web...@li... Subject: RE: [webmin-l] Firewall error Hi Dave, You should be able to use the 'Reject with ICMP code' field to change the --reject-with option, or better still select the Default option to remove it altogether. - Jamie On 20/Mar/2006 12:58 Dave Isaacs wrote .. Actually, the problem is not *completely* beyond the scope of Webmin. Everything in our iptables file is hunky-dory until, during our upgrade process, an 'server iptables save' command is used. This command appears to append '--reject-with icmp-port-unreachable' to the end of any REJECT rules that do not have already have a --reject-with argument. Webmin, it appears, does not provide any way to edit this argument. When the rule is changed back to ACCEPT, it maintains the --reject-with argument even though it no longer applies. I guess this could be considered a Webmin bug, or maybe just a lack of functionality. Any ideas for a work-around (beyond dropping the affected rules and recreating them manually)? Thanks Dave I -----Original Message----- From: web...@li... [mailto:web...@li...] On Behalf Of Dave Isaacs Sent: Friday, March 17, 2006 4:52 PM To: 'web...@li...' Subject: RE: [webmin-l] Firewall error Let's see, Line 42: -A RH-Firewall-1-INPUT -p tcp -m tcp -m state --dport 25 --state NEW -j ACCEPT --reject-with icmp-port-unreachable I must say, that looks odd. I have no idea where that --reject-with came from. Looking at the Webmin Action Logs, the file diffs do NOT show that being added. Looks like tehre must be a problem beyond the scope of Webmin. Thanks Dave I -----Original Message----- From: web...@li... [mailto:web...@li...] On Behalf Of Craig White Sent: Friday, March 17, 2006 4:44 PM To: web...@li... Subject: Re: [webmin-l] Firewall error On Fri, 2006-03-17 at 16:35 -0500, Dave Isaacs wrote: > We have an issue here while performing an upgrade to our Red Hat EL3 > machine. > > Before the upgrade, the Linux Firewall module is used to disable > access to port 25 (the existing Accept rule is set to Reject). > > After the upgrade, when the Linux Firewall module is used to turn port > 25 back on (change the Reject to Accept), we get the following error: > > > Failed to apply configuration : > Flushing firewall rules: [ OK ] > Setting chains to policy ACCEPT: filter mangle nat [ OK ] > Unloading iptables modules: [ OK ] > Applying iptables firewall rules: iptables-restore v1.2.8: Unknown arg > `--reject-with' > Error occured at line: 42 > Try `iptables-restore -h' or 'iptables-restore --help' for more > information. > [FAILED] > > > Any idea what the problem might be? > > BTW, part of the upgrade also upgrades Webmin from version 1.170 to > 1.250. ---- it would make sense to post the contents of line 42 in /etc/sysconfig/iptables Craig ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk <http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642> &kid=110944&bid=241720&dat=121642 - Forwarded by the Webmin mailing list at web...@li... To remove yourself from this list, go to http://lists.sourceforge.net/lists/listinfo/webadmin-list <http://lists.sourceforge.net/lists/listinfo/webadmin-list> |
