RE: iptables error message.
Dear All, I have a "iptables script file" which I copied from the net that work for years, it stopped working yesterday after I upgrade from Ubuntu 16.04 to 16.10. I am a beginner so the only way for me to diagnose the problem is to comment out line by line to see what cause the problems, my finding as follows; 482 $IPTABLES -A INPUT -i $EXTIF -s $UNIVERSE -d $EXTIP -m state --state \ 483 ESTABLISHED,RELATED -j ACCEPT error message; Bad argument `state' offending line; 527 $IPTABLES -A OUTPUT -o $INTIF -s $EXTIP -d $INTNET -j ACCEPT error message; Bad argument `192.168.0.0/24' offending line; 542 $IPTABLES -A OUTPUT -o $EXTIF -s $EXTIP -d $UNIVERSE -j ACCEPT error message; Bad argument `0.0.0.0/0' offending line; 592 $IPTABLES -t nat -A POSTROUTING -o $EXTIF -j SNAT --to $EXTIP error message; iptables v1.6.0: option "--to" requires an argument Also, variables INTNET=”192.168.0.0/24” and UNIVERSE=”0.0.0.0/0” I have searched the net for answers but most of them indicate something like "miss typing" etc. However, as the file work fine up to Ubuntu 16.04 (I have not touch the file in any way) so something must have changed in 16.10 and I am out of ideas. Thanks in advance for the assistance! Best regards, Victor Mong I am a beginner so the
Hi Victor, Can you share the full script? We need to know the variables EXTIF, INTIF and EXTIP too. Sean On 27 October 2016 at 16:02, Chung Kin Mong via luv-main < luv-main@luv.asn.au> wrote:
Dear All,
I have a "iptables script file" which I copied from the net that work for years, it stopped working yesterday after I upgrade from Ubuntu 16.04 to 16.10. I am a beginner so the only way for me to diagnose the problem is to comment out line by line to see what cause the problems, my finding as follows;
482 $IPTABLES -A INPUT -i $EXTIF -s $UNIVERSE -d $EXTIP -m state --state \ 483 ESTABLISHED,RELATED -j ACCEPT error message; Bad argument `state'
offending line; 527 $IPTABLES -A OUTPUT -o $INTIF -s $EXTIP -d $INTNET -j ACCEPT error message; Bad argument `192.168.0.0/24'
offending line; 542 $IPTABLES -A OUTPUT -o $EXTIF -s $EXTIP -d $UNIVERSE -j ACCEPT error message; Bad argument `0.0.0.0/0'
offending line; 592 $IPTABLES -t nat -A POSTROUTING -o $EXTIF -j SNAT --to $EXTIP error message; iptables v1.6.0: option "--to" requires an argument
Also, variables INTNET=”192.168.0.0/24” and UNIVERSE=”0.0.0.0/0”
I have searched the net for answers but most of them indicate something like "miss typing" etc. However, as the file work fine up to Ubuntu 16.04 (I have not touch the file in any way) so something must have changed in 16.10 and I am out of ideas.
Thanks in advance for the assistance!
Best regards,
Victor Mong I am a beginner so the _______________________________________________ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
On Thursday, 27 October 2016 4:02:18 PM AEDT Chung Kin Mong via luv-main wrote:
482 $IPTABLES -A INPUT -i $EXTIF -s $UNIVERSE -d $EXTIP -m state --state \ 483 ESTABLISHED,RELATED -j ACCEPT error message; Bad argument `state'
Try instead of running ./script.sh use "bash -x ./script.sh" this will show you what the script is doing and the commands that are run with variables expanded. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/
Hi Victor, On 27/10/16 16:02, Chung Kin Mong via luv-main wrote:
Dear All,
I have a "iptables script file" which I copied from the net that work for years, it stopped working yesterday after I upgrade from Ubuntu 16.04 to 16.10. I am a beginner so the only way for me to diagnose the problem is to comment out line by line to see what cause the problems, my finding as follows;
482 $IPTABLES -A INPUT -i $EXTIF -s $UNIVERSE -d $EXTIP -m state --state \ 483 ESTABLISHED,RELATED -j ACCEPT error message; Bad argument `state'
offending line; 527 $IPTABLES -A OUTPUT -o $INTIF -s $EXTIP -d $INTNET -j ACCEPT error message; Bad argument `192.168.0.0/24'
offending line; 542 $IPTABLES -A OUTPUT -o $EXTIF -s $EXTIP -d $UNIVERSE -j ACCEPT error message; Bad argument `0.0.0.0/0'
offending line; 592 $IPTABLES -t nat -A POSTROUTING -o $EXTIF -j SNAT --to $EXTIP error message; iptables v1.6.0: option "--to" requires an argument
Also, variables INTNET=”192.168.0.0/24” and UNIVERSE=”0.0.0.0/0” It looks like all your problems actually comes from the $EXTIP variable. check the beginning of the script if it is initialised. I guess is the External IP address. It might be just assigned like EXTIP="xxxx" or your script might try to get it from the interface. If your script pools it from the interface, then that part might be stuffed. The common issue with some major releasese is the new rules of naming interfaces. make sure that EXTIF wasn't changed. Running the script with "bash -x script_name" will show you that $EXTIP is blank
Regards, Cristian
I have searched the net for answers but most of them indicate something like "miss typing" etc. However, as the file work fine up to Ubuntu 16.04 (I have not touch the file in any way) so something must have changed in 16.10 and I am out of ideas.
Thanks in advance for the assistance!
Best regards,
Victor Mong I am a beginner so the _______________________________________________ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
Hi Sean, Russell, Cristian and All, Thank you very much for all your help, you guys are really life saver! As a beginner, my understanding is the problems were caused by the (different) ways U16.04 and U16.10 handle/response to the command of "ifconfig" as mentioned by Sean! The solution is, as suggested by Sean, modify/change line 134 to ; EXTIP="`$IFCONFIG $EXTIF | $AWK '/inet\s/ { print $2 }'`" Thanks again Sean! Also thanks for Russell and Cristian, you two show me the correct way for diagnosing the problems and I have learnt a lot. Thanks again! Best regards, Victor Mong On 27/10/2016, Cristian Ilyes via luv-main <luv-main@luv.asn.au> wrote:
Hi Victor,
On 27/10/16 16:02, Chung Kin Mong via luv-main wrote:
Dear All,
I have a "iptables script file" which I copied from the net that work for years, it stopped working yesterday after I upgrade from Ubuntu 16.04 to 16.10. I am a beginner so the only way for me to diagnose the problem is to comment out line by line to see what cause the problems, my finding as follows;
482 $IPTABLES -A INPUT -i $EXTIF -s $UNIVERSE -d $EXTIP -m state --state \ 483 ESTABLISHED,RELATED -j ACCEPT error message; Bad argument `state'
offending line; 527 $IPTABLES -A OUTPUT -o $INTIF -s $EXTIP -d $INTNET -j ACCEPT error message; Bad argument `192.168.0.0/24'
offending line; 542 $IPTABLES -A OUTPUT -o $EXTIF -s $EXTIP -d $UNIVERSE -j ACCEPT error message; Bad argument `0.0.0.0/0'
offending line; 592 $IPTABLES -t nat -A POSTROUTING -o $EXTIF -j SNAT --to $EXTIP error message; iptables v1.6.0: option "--to" requires an argument
Also, variables INTNET=”192.168.0.0/24” and UNIVERSE=”0.0.0.0/0” It looks like all your problems actually comes from the $EXTIP variable. check the beginning of the script if it is initialised. I guess is the External IP address. It might be just assigned like EXTIP="xxxx" or your script might try to get it from the interface. If your script pools it from the interface, then that part might be stuffed. The common issue with some major releasese is the new rules of naming interfaces. make sure that EXTIF wasn't changed. Running the script with "bash -x script_name" will show you that $EXTIP is blank
Regards, Cristian
I have searched the net for answers but most of them indicate something like "miss typing" etc. However, as the file work fine up to Ubuntu 16.04 (I have not touch the file in any way) so something must have changed in 16.10 and I am out of ideas.
Thanks in advance for the assistance!
Best regards,
Victor Mong I am a beginner so the _______________________________________________ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
_______________________________________________ luv-main mailing list luv-main@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
participants (4)
-
Chung Kin Mong -
Cristian Ilyes -
Russell Coker -
Sean Crosby