
#1 2007-08-05 22:48:24

ravisghosh

Iptables/unknown protocol `input' specified

I was trying this http://wiki.archlinux.org/index.php/Sim … wall_HOWTO to create a simple firewall for my standalone system which is connected via a router.

But I'm getting these errors:

[root@bluehead shantanu]# iptables -p FORWARD ACCEPT
iptables v1.3.8: unknown protocol `forward' specified
Try `iptables -h' or 'iptables --help' for more information.

and

[root@bluehead shantanu]# iptables -p INPUT DROP
iptables v1.3.8: unknown protocol `input' specified
Try `iptables -h' or 'iptables --help' for more information.

which is making me unable to set a firewall. Any solution to this?

#2 2007-08-06 01:05:05

ataraxia

Re: Iptables/unknown protocol `input' specified

It's an uppercase 'P'.


#3 2007-08-06 11:26:57

ravisghosh

Re: Iptables/unknown protocol `input' specified

Thanks for the solution. I just could not figure it out.

However, I could not understand this section:

The open chain contains rules for accepting incoming connections on specific ports or protocols. For example, if you want to accept ssh connections on every interface, add this rule: 
# iptables -A open -p tcp --dport 22 -j ACCEPT

To accept incoming HTTP connections on the interface ppp0: 
# iptables -A open -i ppp0 -p tcp --dport 80 -j ACCEPT

To accept all incoming tcp connections with destination ports 65000 to 65005 on interface foo: 
# iptables -A open -i foo -p tcp --dport 65000:65005 -j ACCEPT

The same is of course possible with udp: 
# iptables -A open -i foo -p udp --dport 65000:65005 -j ACCEPT

or with other protocols than tcp and udp: 
# iptables -A open -i foo -p 123 -j ACCEPT

I've not opened port 22 since I do not need ssh (I supposed it is used so that other people can get access to my local system).

I opened tcp on 80 (to my knowledge it is used for browsing, messenger etc.)

I guess the third and fourth lines to open ports 65000 to 65005 are for torrents. But I am confused about what my interface is. Till date I knew that it was eth0 (broadband connected via router to ethernet port), but my router shows the interface as "ppo-0." Now which one to use instead of foo above?

Another thing is that after setting up the firewall, I tested it with https://www.grc.com/x/ne.dll?bh0bkyd2, but it still gives the same result that my system is unsure. In some other post, it is mentioned that I need to connect my computer directly (I suppose in ethernet port) rather than via router. But in that case, internet does not work at all (also the cords are different too).
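
Added example, not part of the thread or the wiki: a dry-run shell helper for the two points raised above. It flags a chain name passed to `-p` (protocol match) where `-P` (chain policy) was meant, and it prints the wiki's `open` chain rules only for an interface that exists on this host, since `-i` matches the host's own interfaces and not names shown on a router. The function names and the `NET_DIR` override are hypothetical; nothing is applied to the running firewall.

```shell
#!/bin/sh
# Added example: prints iptables commands, never runs them.
# NET_DIR is a hypothetical override; the kernel lists this host's
# interfaces as entries under /sys/class/net.
NET_DIR="${NET_DIR:-/sys/class/net}"

# check_policy_flag ARGS...: inspect an iptables argument list.
# Returns 1 when a built-in chain name follows -p, the mistake that
# produces "unknown protocol `input' specified".
check_policy_flag() {
    prev=""
    for arg in "$@"; do
        if [ "$prev" = "-p" ]; then
            case "$arg" in
                INPUT|OUTPUT|FORWARD)
                    echo "-p matches a protocol; use -P $arg <target> to set the chain policy"
                    return 1 ;;
            esac
        fi
        prev="$arg"
    done
    return 0
}

# open_rules IFACE PORTS: print tcp and udp accept rules for the
# user-defined "open" chain on IFACE. Refuses an interface name that
# does not exist on this host, because such a rule would never match.
open_rules() {
    iface="$1"
    ports="$2"
    if [ ! -e "$NET_DIR/$iface" ]; then
        echo "no local interface named '$iface' under $NET_DIR" >&2
        return 1
    fi
    for proto in tcp udp; do
        echo "iptables -A open -i $iface -p $proto --dport $ports -j ACCEPT"
    done
}

# Demo on the command from post #1 (constructed input).
check_policy_flag -p INPUT DROP || true
```

To review the rules for a real machine, call `open_rules` with a name listed by `ls /sys/class/net` and read the printed commands before running any of them as root.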
