On Mon, 2016-01-04 at 22:37 +0000, William Harrington wrote:
> Hello Daniel,
>
> Run the script one line at a time and you can add verbosity to iptables
> with multiple verbose options "-v" or "-vv" or more, view the man page.
> When you hit the error, you should get more information. I'm still
> thinking something is wrong in the kernel config.
>
> Sincerely,
>
> William Harrington

Heya,

here is the result with -v:

iptables -v -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set --name SSH
tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:22 ctstate NEW recent: SET name: SSH side: source mask: 255.255.255.255

and the result with -vv (Only the parts with error):

Entry 11 (2064):
SRC IP: 0.0.0.0/0.0.0.0
DST IP: 0.0.0.0/0.0.0.0
Interface: `'/................to `'/................
Protocol: 0
Flags: 00
Invflags: 00
Counters: 0 packets, 0 bytes
Cache: 00000000
Target name: `ERROR' [64]
error=`SSH'

Entry 12 (2240):
SRC IP: 0.0.0.0/0.0.0.0
DST IP: 0.0.0.0/0.0.0.0
Interface: `'/................to `'/................
Protocol: 0
Flags: 00
Invflags: 00
Counters: 0 packets, 0 bytes
Cache: 00000000
Target name: `' [40]
verdict=RETURN

Entry 13 (2392):
SRC IP: 0.0.0.0/0.0.0.0
DST IP: 0.0.0.0/0.0.0.0
Interface: `'/................to `'/................
Protocol: 0
Flags: 00
Invflags: 00
Counters: 0 packets, 0 bytes
Cache: 00000000
Target name: `ERROR' [64]
error=`ERROR'

I will turn on everything in regards to netfilter. Will get back to you
with the results. Thanks.

Regards,

Daniel
