
#1 2019-03-26 09:08:26

dext
Member
From: Poland, Kraków
Registered: 2008-02-01
Posts: 98

Missing options in Iptables

Hi,

I need to set up a basic firewall for my desktop. I've always used https://wiki.archlinux.org/index.php/Si … l_firewall for that. But the examples shown there stopped working. I'm getting errors like:

```
iptables-restore v1.8.2 (legacy): unknown option "--reject-with"
iptables-restore v1.8.2 (legacy): unknown option "--tcp-flags"
```

1. Is the "Simple stateful firewall" article obsolete?
2. Why is iptables-restore v1.8.2 marked as "legacy"?
3. Could you please point out what I'm doing wrong, and recommend a supported and current "Arch way" of setting up a very basic firewall for desktop use?


#2 2019-03-26 10:41:53

Lone_Wolf
Member
From: Netherlands, Europe
Registered: 2005-10-04
Posts: 11,866

Re: Missing options in Iptables

1. the article should still be valid

2. nftables is the replacement of the {ip,ip6,arp,eb}tables framework.
Both nftables and iptables are maintained by the netfilter group; they seem to have decided to declare iptables legacy.

3.
Maybe you mistyped something while entering the commands, post /etc/iptables/iptables.rules please.

You can find the nftables version of simple stateful firewall at https://wiki.archlinux.org/index.php/Nf … l_firewall
(within the last year I switched all my systems using ssf to the nftables variant, haven't encountered any problems with it.)


Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.


(A works at time B)  && (time C > time B ) ≠  (A works at time C)


#3 2019-04-14 22:33:13

xfzfflm
Member
Registered: 2017-01-13
Posts: 7

Re: Missing options in Iptables

I meet the same thing..

```
iptables-restore v1.8.2 (legacy): unknown option "--reject-with"
```

It seems the "reject-with" option is removed somehow...

Last edited by xfzfflm (2019-04-14 22:33:27)


#4 2019-08-18 20:26:19

juphu2Va
Member
Registered: 2019-05-16
Posts: 36

Re: Missing options in Iptables

xfzfflm wrote:

I meet the same thing..

```
iptables-restore v1.8.2 (legacy): unknown option "--reject-with"
```

It seems the "reject-with" option is removed somehow...

I got the same error on my Arch server with iptables v1.8.3 after I did a kernel upgrade. Try to reboot the machine.

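A way to check the situation described in post #4 before rebooting, as an added example that is not part of any post in this thread: it reports which kernel modules a rules file needs that are not available for the running kernel. It assumes the cause is that the kernel upgrade replaced the module tree of the still-running kernel; the function names and the option-to-module mapping (`--reject-with` to `ipt_REJECT`, `--tcp-flags` to `xt_tcpudp`) are assumptions of this example and cover only the two options from the error messages above.

```shell
#!/bin/sh
# Added example (not from the thread): list kernel modules needed by a legacy
# iptables rules file that cannot be found for a given kernel release.
# Assumption: only the two options from the thread's errors are mapped.

# needed_modules RULES_FILE: print one required module name per line.
needed_modules() {
    grep -q -- '--reject-with' "$1" && echo ipt_REJECT
    grep -q -- '--tcp-flags' "$1" && echo xt_tcpudp
    return 0
}

# module_present MODROOT RELEASE NAME: succeed if NAME exists as a module file
# (plain or compressed) or is listed as built in for that kernel release.
module_present() {
    dir="$1/$2"
    # After an upgrade without reboot this directory may no longer exist.
    [ -d "$dir" ] || return 1
    if [ -n "$(find "$dir" -name "$3.ko*" 2>/dev/null | head -n 1)" ]; then
        return 0
    fi
    grep -q "/$3\.ko" "$dir/modules.builtin" 2>/dev/null
}

# missing_modules RULES_FILE [MODROOT] [RELEASE]: print unavailable modules.
# Defaults: /lib/modules and the release reported by uname -r.
missing_modules() {
    modroot="${2:-/lib/modules}"
    release="${3:-$(uname -r)}"
    for m in $(needed_modules "$1"); do
        module_present "$modroot" "$release" "$m" || echo "$m"
    done
}

# Usage: sh check-modules.sh /etc/iptables/iptables.rules
if [ "$#" -ge 1 ] && [ -r "$1" ]; then
    missing=$(missing_modules "$1")
    if [ -n "$missing" ]; then
        echo "not available for running kernel $(uname -r):"
        echo "$missing"
    else
        echo "modules for these options are available for $(uname -r)"
    fi
fi
```

If modules are reported missing while `pacman -Q linux` shows a newer version than `uname -r`, rebooting into the installed kernel is the fix suggested in post #4.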
