Hi everyone, I'm trying to understand these rules, which are simple, but when I start the script and then run the command to stop it, these errors appear:
[root@servidor jgama]# trava_msn.sh stop
Liberando msn...iptables: Bad rule (does a matching rule exist in that chain?)
iptables: Bad rule (does a matching rule exist in that chain?)
iptables: Bad rule (does a matching rule exist in that chain?)
iptables: Bad rule (does a matching rule exist in that chain?)
iptables: Bad rule (does a matching rule exist in that chain?)
feito.
What is wrong with this script, or rather with the delete rules?
#!/bin/bash
case "$1" in
start)
    for i in $(cat /root/maquinas.txt)
    do
        /sbin/iptables -A FORWARD -p tcp -s $i -d 0/0 --dport 1863:1864 -j DROP
        /sbin/iptables -A FORWARD -p udp -s $i -d 0/0 --dport 1863:1864 -j DROP
        /sbin/iptables -A FORWARD -p tcp -s $i -d 0/0 --dport 6891:6901 -j DROP
        /sbin/iptables -A FORWARD -p tcp -s $i -d 0/0 --dport 5190 -j DROP
        /sbin/iptables -A FORWARD -s $i -d loginnet.passport.com -j DROP
        # /sbin/iptables -A FORWARD -s $i -m string --string "msn" -j DROP
        # /sbin/iptables -A FORWARD -s $i -m string --string "Msn" -j DROP
        # /sbin/iptables -A FORWARD -s $i -m string --string "MSN" -j DROP
        echo "$i travada para msn."
    done
    ;;
*stop)
    for i in $(cat /root/maquinas.txt)
    do
        echo -n "Liberando msn..."
        /sbin/iptables -D FORWARD -p tcp -s $i -d 0/0 --dport 1863:1864 -j DROP
        /sbin/iptables -D FORWARD -p udp -s $i -d 0/0 --dport 1863:1864 -j DROP
        /sbin/iptables -D FORWARD -p tcp -s $i -d 0/0 --dport 6891:6901 -j DROP
        /sbin/iptables -D FORWARD -p tcp -s $i -d 0/0 --dport 5190 -j DROP
        /sbin/iptables -D FORWARD -s $i -d loginnet.passport.com -j DROP
        # /sbin/iptables -D FORWARD -s $i -m string --string "msn" -j DROP
        # /sbin/iptables -D FORWARD -s $i -m string --string "Msn" -j DROP
        # /sbin/iptables -D FORWARD -s $i -m string --string "MSN" -j DROP
        echo "feito."
    done
    ;;
esac
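
An added example, not part of the original post: `iptables -D` prints "Bad rule" when no rule with exactly that specification is in the chain, so this version of the stop branch checks each rule with `-C` first and deletes only what is there. The `IPT` variable, the function names and the hosts-file argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not the poster's script): stop branch that tolerates missing rules.
# IPT is an assumed override point so the binary can be swapped when testing.
IPT="${IPT:-/sbin/iptables}"

# Delete one FORWARD rule as long as `-C` confirms it is present.
# The loop also clears duplicates left behind by running "start" twice.
remove_rule() {
    while "$IPT" -C FORWARD "$@" 2>/dev/null; do
        "$IPT" -D FORWARD "$@" || return 1
        REMOVED=$((REMOVED + 1))
    done
    return 0
}

# Remove the MSN rules for every address listed in file $1 and print
# how many rules were actually deleted.
unblock_msn() {
    REMOVED=0
    while read -r src || [ -n "$src" ]; do
        [ -n "$src" ] || continue
        remove_rule -p tcp -s "$src" -d 0/0 --dport 1863:1864 -j DROP
        remove_rule -p udp -s "$src" -d 0/0 --dport 1863:1864 -j DROP
        remove_rule -p tcp -s "$src" -d 0/0 --dport 6891:6901 -j DROP
        remove_rule -p tcp -s "$src" -d 0/0 --dport 5190 -j DROP
        # The hostname is resolved each time iptables runs, so this rule only
        # matches if DNS returns the same address it did when the rule was added.
        remove_rule -s "$src" -d loginnet.passport.com -j DROP
    done < "$1"
    echo "$REMOVED"
}

if [ "${1:-}" = "stop" ]; then
    echo "Rules removed: $(unblock_msn /root/maquinas.txt)"
fi
```

A count of 0 means none of the rules were in FORWARD when stop ran; `iptables -S FORWARD` lists what the chain really contains.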