* Error when adding an entry to mangle/PREROUTING
@ 2009-02-09 20:08 Ralf
2009-02-09 20:38 ` Gilad Benjamini
0 siblings, 1 reply; 3+ messages in thread
From: Ralf @ 2009-02-09 20:08 UTC (permalink / raw)
To: netfilter
The following command brings an error ("iptables: Invalid argument"):
$IPTABLES -t mangle -A PREROUTING -p tcp --dport 9999 -j REJECT
What's wrong here?
^ permalink raw reply [flat|nested] 3+ messages in thread
* RE: Error when adding an entry to mangle/PREROUTING
2009-02-09 20:08 Error when adding an entry to mangle/PREROUTING Ralf
@ 2009-02-09 20:38 ` Gilad Benjamini
2009-02-10 9:59 ` Ralf
0 siblings, 1 reply; 3+ messages in thread
From: Gilad Benjamini @ 2009-02-09 20:38 UTC (permalink / raw)
To: 'Ralf', netfilter
Quoting from man iptables: " This target is only valid in the INPUT,
FORWARD and OUTPUT chains"
Since the validation is done by the kernel module, you don't see the error
message directly, but rather via syslog; e.g. in my case, in
/var/log/messages you see " kernel: ip_tables: REJECT target: only valid in
filter table, not mangle"
> -----Original Message-----
> From: netfilter-owner@vger.kernel.org [mailto:netfilter-
> owner@vger.kernel.org] On Behalf Of Ralf
> Sent: Monday, February 09, 2009 12:08 PM
> To: netfilter@vger.kernel.org
> Subject: Error when adding an entry to mangle/PREROUTING
>
> The following command brings an error ("iptables: Invalid argument"):
>
> $IPTABLES -t mangle -A PREROUTING -p tcp --dport 9999 -j REJECT
>
> What's wrong here?
>
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Error when adding an entry to mangle/PREROUTING
2009-02-09 20:38 ` Gilad Benjamini
@ 2009-02-10 9:59 ` Ralf
0 siblings, 0 replies; 3+ messages in thread
From: Ralf @ 2009-02-10 9:59 UTC (permalink / raw)
To: netfilter
Gilad Benjamini wrote:
> Quoting from man iptables: " This target is only valid in the INPUT,
> FORWARD and OUTPUT chains"
>
> Since the validation is done by the kernel module, you don't see the error
> message directly, but rather via syslog; e.g. in my case, in
> /var/log/messages you see " kernel: ip_tables: REJECT target: only valid in
> filter table, not mangle"
DROP works, but REJECT does not work.
Maybe it is a bug/oversight, because IMHO I don't see any reason
why REJECT shouldn't be allowed here.
>> -----Original Message-----
>> From: netfilter-owner@vger.kernel.org [mailto:netfilter-
>> owner@vger.kernel.org] On Behalf Of Ralf
>> Sent: Monday, February 09, 2009 12:08 PM
>> To: netfilter@vger.kernel.org
>> Subject: Error when adding an entry to mangle/PREROUTING
>>
>> The following command brings an error ("iptables: Invalid argument"):
>>
>> $IPTABLES -t mangle -A PREROUTING -p tcp --dport 9999 -j REJECT
>>
>> What's wrong here?
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2009-02-10 9:59 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-02-09 20:08 Error when adding an entry to mangle/PREROUTING Ralf
2009-02-09 20:38 ` Gilad Benjamini
2009-02-10 9:59 ` Ralf
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.