[Firehol-support] error with firehol.conf processing.

Costa Tsaousis costa at tsaousis.gr
Sun Oct 31 01:08:35 CEST 2004


Hi,

There is something wrong in the first 6 lines of your firehol.conf and
somehow the BASH parser does not read them right. Can we see them?

Costa


> Hi Costa,
> It works in "firehol explain" but again fails when given for firehol.conf
> :(
>
> Praveen.
>
>
> On Sun, 31 Oct 2004 Costa Tsaousis wrote :
>>Hi,
>>
>> > "dnat to 10.96.6.201:22 inface eth0 dst 203.90.xxx.xxx proto tcp dport 23"
>>
>>Please do:
>>
>>firehol explain
>>
>>at the prompt, enter the dnat line. Here is what mine says:
>>
>>---
>>
>># FireHOL [:] > dnat to 10.96.6.201:22 inface eth0 dst 203.90.xxx.xxx proto tcp dport 23
>>
>>#
>>\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
>># Cmd Line : 1
>># Command  : dnat to 10.96.6.201:22 inface eth0 dst 203.90.xxx.xxx proto tcp dport 23
>>
>># Creating chain 'nat.1' under 'PREROUTING' in table 'nat'
>>/sbin/iptables -t nat -N nat.1
>>/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp -d 203.90.xxx.xxx --dport 23 -j nat.1
>>
>># Taking the NAT action: 'dnat'
>>/sbin/iptables -t nat -A nat.1 -p tcp -j DNAT --to-destination 10.96.6.201:22
>>
>># > OK <
>>
>>---
>>
>>Which seems ok. What is your output?
>>
>>Costa
>>
>>
>> >
>> > Hi All,
>> > I am using firehol-1.191 to configure my firewall and on parsing
>> > firehol.conf it says:
>> >
>> > ERROR: #1
>> > WHAT: A runtime command failed to execute(returned error 2).
>> > SOURCE: line 6 of /etc/firehol/firehol.conf
>> > COMMAND: /sbin/iptables -t nat -A nat.1 -p tcp -j DNAT
>> > OUTPUT:
>> >
>> > iptables V1.2.8: You must specify --to-destination
>> > Try `iptables -h' for more information.
>> > ---------------------
>> > the line 6 is:
>> > "dnat to 10.96.6.201:22 inface eth0 dst 203.90.xxx.xxx proto tcp dport 23"
>> >
>> > Kindly help,
>> >
>> > Best Regards,
>> > praveen.
>>
>>
>





