Discussion:
An state argument.
Sthu Deus
2012-07-13 07:53:30 UTC
Permalink
Good time of the day.


This does not work for me:

/sbin/iptables -I INPUT 4 -p tcp -m tcp --dport 25 -m state NEW -m
recent --update --seconds 60 --hitcount 10 -j LOG --log-prefix
INPUT-EXTRA_SMTP-> --log-level 1

giving this error:

Bad argument `NEW'

According to man, it is correct. Please advice how I can accomplish
this. OR Is it a bug and should be reported?


Thanks for Your time.
Markus Jochim
2012-07-13 07:59:57 UTC
Permalink
Post by Sthu Deus
Good time of the day.
/sbin/iptables -I INPUT 4 -p tcp -m tcp --dport 25 -m state NEW -m
recent --update --seconds 60 --hitcount 10 -j LOG --log-prefix
INPUT-EXTRA_SMTP-> --log-level 1
Bad argument `NEW'
According to man, it is correct. Please advice how I can accomplish
this. OR Is it a bug and should be reported?
Thanks for Your time.
With -m state you only load the module, you can't specify another
argument there. Try -m state --state NEW.
Rainer Nagel
2012-07-13 08:04:27 UTC
Permalink
Hi Sthu,
/sbin/iptables -I INPUT 4 -p tcp -m tcp --dport 25 -m state NEW -m recent --update --seconds 60 --hitcount 10 -j LOG --log-prefix INPUT-EXTRA_SMTP-> --log-level 1
/sbin/iptables -I INPUT 4 -p tcp -m tcp --dport 25 -m state --state NEW -m recent --update --seconds 60 --hitcount 10 -j LOG --log-prefix INPUT-EXTRA_SMTP-> --log-level 1

Hint:
the ">" needs to be escaped on the commandline:

/sbin/iptables -I INPUT 4 -p tcp -m tcp --dport 25 -m state --state NEW -m recent --update --seconds 60 --hitcount 10 -j LOG --log-prefix INPUT-EXTRA_SMTP-\> --log-level 1
Bad argument `NEW'
According to man, it is correct. Please advice how I can accomplish
this. OR Is it a bug and should be reported?
Ciao
--
Rainer Nagel, freenet Datenkommunikations GmbH ***@freenet.ag
WillstÀtterStr. 13, D-40549 DÌsseldorf Tel.: +49 211 53087 423
GeschÀftsfÌhrung: Stephan Esch, Nicolas Tetau Fax.: +49 211 53087 500
Sitz der Gesellschaft: Hamburg HRB 88147, Amtsgericht Hamburg
Loading...