Itto
Advanced Member | Редактировать | Профиль | Сообщение | Цитировать | Сообщить модератору при попытке запуска имеем такое сообщение Код: >service iptables start Redirecting to /bin/systemctl start iptables.service Job for iptables.service failed because the control process exited with error code. See "systemctl status iptables.service" and "journalctl -xe" for details. | читаем далее Код: >systemctl status iptables.service ● iptables.service - IPv4 firewall with iptables Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since Sun 2016-10-30 15:05:50 MSK; 45s ago Process: 14892 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=1/FAILURE) Main PID: 14892 (code=exited, status=1/FAILURE) | Код: >journalctl -xe >Oct 30 15:05:50 mahadev polkitd[10467]: Registered Authentication Agent for unix-process:14877:23478676 (system bus name :1 Oct 30 15:05:50 mahadev iptables.init[14892]: iptables: Applying firewall rules: iptables-restore v1.4.21: no command speci Oct 30 15:05:50 mahadev iptables.init[14892]: Error occurred at line: 56 Oct 30 15:05:50 mahadev iptables.init[14892]: Try `iptables-restore -h' or 'iptables-restore --help' for more information. Oct 30 15:05:50 mahadev iptables.init[14892]: [FAILED] Oct 30 15:05:50 mahadev polkitd[10467]: Unregistered Authentication Agent for unix-process:14877:23478676 (system bus name lines 964-1001/1001 (END) | читаем /var/log/messages Код: Oct 30 15:05:50 mahadev iptables.init: iptables: Applying firewall rules: iptables-restore v1.4.21: no command specified Oct 30 15:05:50 mahadev iptables.init: Error occurred at line: 56 Oct 30 15:05:50 mahadev iptables.init: Try `iptables-restore -h' or 'iptables-restore --help' for more information. Oct 30 15:05:50 mahadev iptables.init: [FAILED] | и читаем 56 строку конфига и там видим COMMIT Кто подскажет - что я делаю не так ? как мне запустить iptables ?? вот конфиг целиком конфиг пока вообще не правился Помогие пожалуйста запустить . Код: # sample configuration for iptables service # you can edit this manually or use system-config-firewall # please do not ask us to add additional ports/services to this default configuration *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] UTPUT ACCEPT [0:0] :RH-Firewall-1-INPUT - [0:0] -A INPUT -p udp -m udp --dport ftp-data -j ACCEPT -A INPUT -p udp -m udp --dport ftp -j ACCEPT -A INPUT -p udp -m udp --dport domain -j ACCEPT -A INPUT -p tcp -m tcp --dport 20000 -j ACCEPT -A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT -A INPUT -p tcp -m tcp --dport https -j ACCEPT -A INPUT -p tcp -m tcp --dport http -j ACCEPT -A INPUT -p tcp -m tcp --dport imaps -j ACCEPT -A INPUT -p tcp -m tcp --dport imap -j ACCEPT -A INPUT -p tcp -m tcp --dport pop3s -j ACCEPT -A INPUT -p tcp -m tcp --dport pop3 -j ACCEPT -A INPUT -p tcp -m tcp --dport ftp-data -j ACCEPT -A INPUT -p tcp -m tcp --dport ftp -j ACCEPT -A INPUT -p tcp -m tcp --dport domain -j ACCEPT -A INPUT -p tcp -m tcp --dport submission -j ACCEPT -A INPUT -p tcp -m tcp --dport smtp -j ACCEPT -A INPUT -p tcp -m tcp --dport ssh -j ACCEPT -A INPUT -p tcp -m tcp --dport 57643:57653 -j ACCEPT -A INPUT -p udp -m udp --dport ftp-data -j ACCEPT -A INPUT -p udp -m udp --dport ftp -j ACCEPT -A INPUT -p udp -m udp --dport domain -j ACCEPT -A INPUT -p tcp -m tcp --dport 20000 -j ACCEPT -A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT -A INPUT -p tcp -m tcp --dport https -j ACCEPT -A INPUT -p tcp -m tcp --dport http -j ACCEPT -A INPUT -p tcp -m tcp --dport imaps -j ACCEPT -A INPUT -p tcp -m tcp --dport imap -j ACCEPT -A INPUT -p tcp -m tcp --dport pop3s -j ACCEPT -A INPUT -p tcp -m tcp --dport pop3 -j ACCEPT -A INPUT -p tcp -m tcp --dport ftp-data -j ACCEPT -A INPUT -p tcp -m tcp --dport ftp -j ACCEPT -A INPUT -p tcp -m tcp --dport domain -j ACCEPT -A INPUT -p tcp -m tcp --dport submission -j ACCEPT -A INPUT -p tcp -m tcp --dport smtp -j ACCEPT -A INPUT -p tcp -m tcp --dport ssh -j ACCEPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state -m tcp --dport 22 --state NEW -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT | | Всего записей: 1557 | Зарегистр. 05-02-2005 | Отправлено: 15:18 30-10-2016 | Исправлено: Itto, 15:23 30-10-2016 |
|