I found the fix for restarting or starting iptables regarding the error message at
http://sysadmin.techmentor.com/2012/12/ ... -iptables/
But the patch will not work; you must fix it manually.
- to fix it you must edit the file /etc/init.d/iptables by:
vim /etc/init.d/iptables
- around line 138 look for the following code:
[code]
echo -n $"${IPTABLES}: Setting chains to policy $policy: "
ret=0
for i in $tables; do
    echo -n "$i "
    case "$i" in
        raw)
            $IPTABLES -t raw -P PREROUTING $policy \
                && $IPTABLES -t raw -P OUTPUT $policy \
                || let ret+=1
            ;;
[/code]
- now replace it with this one:
[code]
echo -n $"${IPTABLES}: Setting chains to policy $policy: "
ret=0
for i in $tables; do
    echo -n "$i "
    case "$i" in
        # set the default policy on the security table's built-in chains
        security)
            $IPTABLES -t security -P INPUT $policy \
                && $IPTABLES -t security -P OUTPUT $policy \
                && $IPTABLES -t security -P FORWARD $policy \
                || let ret+=1
            ;;
        raw)
            $IPTABLES -t raw -P PREROUTING $policy \
                && $IPTABLES -t raw -P OUTPUT $policy \
                || let ret+=1
            ;;
[/code]
* hit the "Ins" key to enter edit mode so that you can insert text
* hit the "Esc" key to leave edit mode
* hit ":" then "x" then "Enter" to save and close the file
- to test if it is fixed:
service iptables restart
- the good output will be like this:
[code]
[root@server]# service iptables restart
iptables: Flushing firewall rules: [ OK ]
iptables: Setting chains to policy ACCEPT: security raw nat[ OK ]filter
iptables: Unloading modules: [ OK ]
[root@server]#
[/code]
- A bad output will be like this:
[code][root@server ~]# service iptables restart
iptables: Flushing firewall rules: [ OK ]
iptables: Setting chains to policy ACCEPT: security raw nat[FAILED]filter
iptables: Unloading modules: [ OK ]
[/code]
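
A quick way to check whether the init script has a case arm for every loaded table, as an added example that is not part of the original post. It assumes the table list is in the format of /proc/net/ip_tables_names (one name per line); `missing_policy_tables`, `write_sample` and the sample files are hypothetical names, and the script excerpt it writes is constructed.

```shell
# Added example, not from the post: find tables that the init script's policy
# "case" block has no arm for. All sample data below is constructed.

# missing_policy_tables SCRIPT TABLES_FILE: TABLES_FILE has one table per line
# (assumed /proc/net/ip_tables_names format). Prints unhandled tables.
missing_policy_tables() {
    script=$1; tables_file=$2; missing=""
    for t in $(cat "$tables_file"); do
        # A handled table has its own case arm, e.g. "    security)".
        if ! grep -Eq "^[[:space:]]*${t}\)[[:space:]]*\$" "$script"; then
            missing="${missing}${missing:+ }${t}"
        fi
    done
    printf '%s\n' "$missing"
}

# write_sample FILE patched|unpatched: constructed excerpt of the case block.
write_sample() {
    {
        echo 'case "$i" in'
        [ "$2" = patched ] && cat <<'EOF'
    security)
        $IPTABLES -t security -P INPUT $policy \
            && $IPTABLES -t security -P OUTPUT $policy \
            && $IPTABLES -t security -P FORWARD $policy \
            || let ret+=1
        ;;
EOF
        cat <<'EOF'
    raw)
        $IPTABLES -t raw -P PREROUTING $policy \
            && $IPTABLES -t raw -P OUTPUT $policy \
            || let ret+=1
        ;;
    nat)
        $IPTABLES -t nat -P PREROUTING $policy || let ret+=1
        ;;
    filter)
        $IPTABLES -t filter -P INPUT $policy || let ret+=1
        ;;
esac
EOF
    } > "$1"
}

tmp=$(mktemp -d); trap 'rm -rf "$tmp"' EXIT
printf 'security\nraw\nnat\nfilter\n' > "$tmp/tables"   # constructed table list
write_sample "$tmp/old" unpatched
write_sample "$tmp/new" patched
echo "unpatched: missing [$(missing_policy_tables "$tmp/old" "$tmp/tables")]"
echo "patched:   missing [$(missing_policy_tables "$tmp/new" "$tmp/tables")]"
```

On a real system the two arguments would be /etc/init.d/iptables and /proc/net/ip_tables_names; any table it prints is one the restart will report as FAILED when setting policies.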