-----Original Message-----
From: Juan Alberto Cirez [mailto:[EMAIL PROTECTED]
Sent: Friday, September 05, 2003 5:11 PM
To: [EMAIL PROTECTED]
Subject: Re: (clug-talk) Stuck with RH9 iptables install

> Here is a crazy idea: Try running some of the commands on the script at the command line.
> If you keep getting the no file or directory found error every time you type /sbin/iptables
> it may be because the iptables binary is not at /sbin/iptables.
> which iptables

Returns /sbin/iptables

> or
> find / -name "iptables" -print
> may tell you where it is.

Returns:

    /var/lock/subsys/iptables
    /etc/sysconfig/iptables
    /etc/rc.d/init.d/iptables
    /lib/iptables
    /sbin/iptables

> Again, running some of the commands on the script by hand is a surefire way to figure out where
> things go wrong.
> If the script gives an error to tell you you're missing a kernel module, then use a command to
> list all the loaded modules and see if the one you're missing is being loaded. If not, then you
> will have to re-compile the kernel to include it...

The module in question IS NOT in the list. Instead, the following entries are shown:

    ...
    ipt_LOG 4152 (autoclean)
    iptable_nat 21720 (unused)
    ip_conntrack_ftp 5295 (unused)
    ip_conntrack 26976 [iptable_nat ip_conntrack_ftp]
    iptable_filter 2412 (autoclean)
    ip_tables 15096 [ipt_LOG iptable_nat iptable_filter]
    ...

Here is _my_ crazy idea: what if "ip_nat_ftp" is obsoleted by RH9? After all, I am not even sure if I need it. I certainly need NAT for routing between Net and LAN, but it might be handled by "iptable_nat" module that I DO have on the list?

Finally, I did run some of the script commands "by hand", such as:

    /sbin/iptables -F
    /sbin/iptables -t nat -F
    /sbin/iptables -P INPUT DROP

No complaints. To be sure, I misspelled one command:

    /sbin/iptables -P IMPUT DRIP

Got the following error:

    iptables: Bad built-in chain name.

In other words, it is working - but not in the script. So, by now the question should be: what is wrong with my script? Would you like me to post it in its entirety (I cut it down to a few lines that still reproduce the problem) so that you could try it at your end?

Regards,
Alex.
