| View previous topic :: View next topic |
| Author |
Message |
Holysword
l33t
Joined: 19 Nov 2006
Posts: 946
Location: Greece
|
 Posted: Tue Jul 30, 2013 5:32 pm Post subject: [SOLVED] iptables service not starting |
 |
|
So, I have performed some major updates on my system (finally) and for some reason iptables service is not working anymore:
| Code: | ◢ perjanus ◣ ~ $ /etc/init.d/iptables start
* Loading iptables state and starting firewall ...
iptables-restore v1.4.19.1: state: option "--state" must be specified
Error occurred at line: 24
Try `iptables-restore -h' or 'iptables-restore --help' for more information. [ !! ]
* ERROR: iptables failed to start
◢ perjanus ◣ ~ $ |
I have no idea what line 24 that could be. The line 24 of the init script is "need localmount #434774", I'm not sure if that is any related...
_________________
"Nolite arbitrari quia venerim mittere pacem in terram non veni pacem mittere sed gladium" (Yeshua Ha Mashiach)
Last edited by Holysword on Thu Aug 01, 2013 4:06 am; edited 2 times in total |
|
| Back to top |
|
 |
papahuhn
l33t
Joined: 06 Sep 2004
Posts: 626
|
| Posted: Tue Jul 30, 2013 7:59 pm Post subject: |
|
|
What's in line 24 of /var/lib/iptables/rules-save?
_________________
Death by snoo-snoo! |
|
| Back to top |
|
|
Holysword
l33t
Joined: 19 Nov 2006
Posts: 946
Location: Greece
|
| Posted: Wed Jul 31, 2013 3:32 am Post subject: |
|
|
| papahuhn wrote: | | What's in line 24 of /var/lib/iptables/rules-save? |
Interesting. It is
| Code: | | [71677147:23248703227] -A INPUT -m state -j ACCEPT |
No idea what it means, I use fwbuilder to generate my iptables rules.
_________________
"Nolite arbitrari quia venerim mittere pacem in terram non veni pacem mittere sed gladium" (Yeshua Ha Mashiach) |
|
| Back to top |
|
|
papahuhn
l33t
Joined: 06 Sep 2004
Posts: 626
|
| Posted: Wed Jul 31, 2013 5:33 am Post subject: |
|
|
That rule is useless as seen here. You can either omit the whole line, or just remove "-m state", depending on the other rules for the input chain. Can you post the content of the whole file?
_________________
Death by snoo-snoo! |
|
| Back to top |
|
|
opotonil
l33t
Joined: 17 Jun 2005
Posts: 801
Location: 127.0.0.1
|
| Posted: Wed Jul 31, 2013 12:54 pm Post subject: |
|
|
| Quote: |
So, I have performed some major updates on my system (finally) and for some reason iptables service is not working anymore
|
Was updated the Kernel? Check kernel modules for iptables, seems as "state" option was not enabled.
_________________
Localnet
Films Localnet |
|
| Back to top |
|
|
Hu
Administrator
Joined: 06 Mar 2007
Posts: 23103
|
| Posted: Wed Jul 31, 2013 9:56 pm Post subject: |
|
|
| opotonil wrote: | | Was updated the Kernel? Check kernel modules for iptables, seems as "state" option was not enabled. |
Wrong. The problem is that the rule specifies to load the state module, but then does not specify anything to do with it. Therefore, it is flagged as an error. As papahuhn stated, the rule is pointless as written and should be modified or removed depending on factors the OP has not shown. |
|
| Back to top |
|
|
Holysword
l33t
Joined: 19 Nov 2006
Posts: 946
Location: Greece
|
| Posted: Thu Aug 01, 2013 2:50 am Post subject: |
|
|
| papahuhn wrote: | | That rule is useless as seen here. You can either omit the whole line, or just remove "-m state", depending on the other rules for the input chain. Can you post the content of the whole file? |
Sorry, for the delay!
I am afraid I don't have the old file anymore. I cleaned all the iptables rules and then used fwbuilder again to generate the rules. After I saved the new sane ones no problem occurred.
I have no idea why fwbuilder generated wrong rules to start with though.
_________________
"Nolite arbitrari quia venerim mittere pacem in terram non veni pacem mittere sed gladium" (Yeshua Ha Mashiach)
Last edited by Holysword on Thu Aug 01, 2013 4:20 am; edited 1 time in total |
|
| Back to top |
|
|
|
Networking & Security
