I'm able to run the first rule with no error. The second rule gives me the same error and when I remove the '--dport 3128' part, it goes through. Do you really need to restrict the rule to only '--dport 3128'?
Ramin On Fri, Apr 26, 2002 at 09:20:28AM -0500, monkey wrote: > Okay, I'm feeling really stupid right now. Whenever I run my script I see tons of >errors. Most of them have to do > with port designations. So, can someone slap me with a clue bat, please?!! First I >see: > > iptables v1.2.6a: invalid port/service '1024:' specified > > One of the "offending" lines looks like this: > > iptables -A OUTPUT -p tcp -o eth0 -s 192.168.0.254 --sport 22 -d any/0 --dport 1024: >-j ACCEPT > > So, what is glaringly wrong here? If nothing, then why the hell is iptables >complaining?!! > > The other errors I get deal with the multiport match. For example: > > iptables v1.2.6a: multiport can only have one option > > An "offending" line looks like this: > > iptables -A INPUT -p tcp -m multiport --source-ports 80,443,8080 -i eth0 -s any/0 \ > -d 192.168.0.254 --dport 3128 -j ACCEPT > > So, what's wrong here? I mean, isn't the definition of the multiport match the >ability to match multiple ports? I > don't see anything wrong with the syntax. So, where have I messed up? > > netfilter/iptables is just kicking my ass all over the place this week. So, I'm >begging, a little help here, eh? > > geoffrey > -- > +++++++++++++++++++++++++++++++++++ > Santa Claus, > the Tooth Fairy, > Windows 2000 ... > Some things you just outgrow. > +++++++++++++++++++++++++++++++++++
