Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[SOLVED] iptables service not starting
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Holysword
l33t
l33t


Joined: 19 Nov 2006
Posts: 946
Location: Greece

PostPosted: Tue Jul 30, 2013 5:32 pm    Post subject: [SOLVED] iptables service not starting Reply with quote

So, I have performed some major updates on my system (finally) and for some reason iptables service is not working anymore:

Code:
◢ perjanus ◣ ~ $  /etc/init.d/iptables start
 * Loading iptables state and starting firewall ...
iptables-restore v1.4.19.1: state: option "--state" must be specified

Error occurred at line: 24
Try `iptables-restore -h' or 'iptables-restore --help' for more information.                                                        [ !! ]
 * ERROR: iptables failed to start
◢ perjanus ◣ ~ $


I have no idea what line 24 that could be. The line 24 of the init script is "need localmount #434774", I'm not sure if that is any related...
_________________
"Nolite arbitrari quia venerim mittere pacem in terram non veni pacem mittere sed gladium" (Yeshua Ha Mashiach)


Last edited by Holysword on Thu Aug 01, 2013 4:06 am; edited 2 times in total
Back to top
View user's profile Send private message
papahuhn
l33t
l33t


Joined: 06 Sep 2004
Posts: 623

PostPosted: Tue Jul 30, 2013 7:59 pm    Post subject: Reply with quote

What's in line 24 of /var/lib/iptables/rules-save?
_________________
Death by snoo-snoo!
Back to top
View user's profile Send private message
Holysword
l33t
l33t


Joined: 19 Nov 2006
Posts: 946
Location: Greece

PostPosted: Wed Jul 31, 2013 3:32 am    Post subject: Reply with quote

papahuhn wrote:
What's in line 24 of /var/lib/iptables/rules-save?

Interesting. It is
Code:
[71677147:23248703227] -A INPUT -m state -j ACCEPT

No idea what it means, I use fwbuilder to generate my iptables rules.
_________________
"Nolite arbitrari quia venerim mittere pacem in terram non veni pacem mittere sed gladium" (Yeshua Ha Mashiach)
Back to top
View user's profile Send private message
papahuhn
l33t
l33t


Joined: 06 Sep 2004
Posts: 623

PostPosted: Wed Jul 31, 2013 5:33 am    Post subject: Reply with quote

That rule is useless as seen here. You can either omit the whole line, or just remove "-m state", depending on the other rules for the input chain. Can you post the content of the whole file?
_________________
Death by snoo-snoo!
Back to top
View user's profile Send private message
opotonil
l33t
l33t


Joined: 17 Jun 2005
Posts: 801
Location: 127.0.0.1

PostPosted: Wed Jul 31, 2013 12:54 pm    Post subject: Reply with quote

Quote:

So, I have performed some major updates on my system (finally) and for some reason iptables service is not working anymore


Was updated the Kernel? Check kernel modules for iptables, seems as "state" option was not enabled.
_________________
Localnet
Films Localnet
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 13509

PostPosted: Wed Jul 31, 2013 9:56 pm    Post subject: Reply with quote

opotonil wrote:
Was updated the Kernel? Check kernel modules for iptables, seems as "state" option was not enabled.
Wrong. The problem is that the rule specifies to load the state module, but then does not specify anything to do with it. Therefore, it is flagged as an error. As papahuhn stated, the rule is pointless as written and should be modified or removed depending on factors the OP has not shown.
Back to top
View user's profile Send private message
Holysword
l33t
l33t


Joined: 19 Nov 2006
Posts: 946
Location: Greece

PostPosted: Thu Aug 01, 2013 2:50 am    Post subject: Reply with quote

papahuhn wrote:
That rule is useless as seen here. You can either omit the whole line, or just remove "-m state", depending on the other rules for the input chain. Can you post the content of the whole file?

Sorry, for the delay!
I am afraid I don't have the old file anymore. I cleaned all the iptables rules and then used fwbuilder again to generate the rules. After I saved the new sane ones no problem occurred.
I have no idea why fwbuilder generated wrong rules to start with though.
_________________
"Nolite arbitrari quia venerim mittere pacem in terram non veni pacem mittere sed gladium" (Yeshua Ha Mashiach)


Last edited by Holysword on Thu Aug 01, 2013 4:20 am; edited 1 time in total
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum