
#1 2019-03-26 09:08:26

dext
Member
From: Poland, Kraków
Registered: 2008-02-01
Posts: 68

Missing options in Iptables

Hi,

I need to set up a basic firewall for my desktop. I've always used https://wiki.archlinux.org/index.php/Si … l_firewall for that. But the examples shown there stopped working. I'm getting errors like:

```
iptables-restore v1.8.2 (legacy): unknown option "--reject-with"
iptables-restore v1.8.2 (legacy): unknown option "--tcp-flags"
```

1. Is the "Simple stateful firewall" article obsolete?
2. Why is iptables-restore v1.8.2 marked as "legacy"?
3. Could you please point out what I'm doing wrong, and recommend a supported and current "Arch way" of setting up a very basic firewall for desktop use?


English is not my first language, so please forgive me for my mistakes.


#2 2019-03-26 10:41:53

Lone_Wolf
Member
From: Netherlands, Europe
Registered: 2005-10-04
Posts: 7,288

Re: Missing options in Iptables

1. the article should still be valid

2. nftables is the replacement of the {ip,ip6,arp,eb}tables framework.
Both nftables and iptables are maintained by the netfilter group; they seem to have decided to declare iptables legacy.

3.
Maybe you mistyped something while entering the commands; post /etc/iptables/iptables.rules please.

You can find the nftables version of simple stateful firewall at https://wiki.archlinux.org/index.php/Nf … l_firewall
(within the last year I switched all my systems using ssf to the nftables variant, haven't encountered any problems with it.)


Multi-init booting with apg Openrc and systemd coexisting
Automounting : not needed, i prefer pmount
Aur helpers : makepkg + my own local repo === rarely need them


#3 2019-04-14 22:33:13

xfzfflm
Member
Registered: 2017-01-13
Posts: 6

Re: Missing options in Iptables

I ran into the same thing...

```
iptables-restore v1.8.2 (legacy): unknown option "--reject-with"
```

It seems the "reject-with" option is removed somehow...

Last edited by xfzfflm (2019-04-14 22:33:27)


#4 2019-08-18 20:26:19

juphu2Va
Member
Registered: 2019-05-16
Posts: 11

Re: Missing options in Iptables

xfzfflm wrote:

I ran into the same thing...

```
iptables-restore v1.8.2 (legacy): unknown option "--reject-with"
```

It seems the "reject-with" option is removed somehow...

I got the same error on my Arch server with iptables v1.8.3 after I did a Kernel Upgrade. Try to reboot the machine.

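A check for the situation reported in post #4, as an added example that is not part of the thread: it tests whether the module tree for the running kernel still exists on disk before blaming the rules file. It assumes the errors come from netfilter extension modules that can no longer be loaded after the upgrade; the function name `modules_status` and the module names in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Assumption: the "unknown option" errors
# after a kernel upgrade come from the running kernel's module tree having been
# replaced on disk, so netfilter extension modules cannot be loaded on demand.

# modules_status RELEASE MODULES_ROOT [MODULE...]
# Prints one status line and returns:
#   0 = module tree for RELEASE exists and every named module file is present
#   1 = module tree for RELEASE is missing (reboot into the installed kernel)
#   2 = tree exists but a named module file is missing
modules_status() {
    release=$1
    root=$2
    shift 2
    dir="$root/$release"
    if [ ! -d "$dir" ]; then
        echo "no module tree for running kernel $release under $root: reboot needed"
        return 1
    fi
    for mod in "$@"; do
        # Module files may be compressed (.ko, .ko.xz, .ko.zst, ...)
        if [ -z "$(find "$dir" -type f -name "$mod.ko*" 2>/dev/null | head -n 1)" ]; then
            echo "module $mod not found in $dir"
            return 2
        fi
    done
    echo "module tree for $release is present"
    return 0
}

# Usage on a live system (module names are the ones assumed to back
# "-j REJECT --reject-with" and "-p tcp --tcp-flags" for IPv4):
#   modules_status "$(uname -r)" /usr/lib/modules ipt_REJECT xt_tcpudp
```

A return value of 1 matches the case where a reboot is the fix; a return value of 0 means the rules file itself is worth a second look.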
