Hi all,
I need to block access to an external IP address, on CentOS 5 with iptables, but can't seem to get it right.
I have the following options in /etc/sysconfig/iptables:
-A RH-Firewall-1-OUTPUT -d 87.89.180.50 -j LOG
-A RH-Firewall-1-OUTPUT -d 87.89.180.50 - j DROP
But when I restart iptables, I get the following errors:
Flushing firewall rules: [OK]
Setting chains to policy ACCEPT: filter [OK]
Unloading iptables modules: [OK]
Applying iptables firewall rules: iptables-restore v1.3.5: Couldn't load target: 'RH-Firewall-1-OUTPUT':/lib/iptables/libipt_RH-Firewall-1-OUTPUT.so: cannot open shared object file: no such file or directory. [FAILED]
So, how can I block & log all outgoing traffic to this IP?
The server is off line, and I only have remote access via KVM-over-IP to it.
On Mon, Apr 6, 2009 at 2:04 PM, Ian Blackwell ian@ikel.id.au wrote:
Rudi Ahlers wrote:
I have the following options in /etc/sysconfig/iptables:
-A RH-Firewall-1-OUTPUT -d 87.89.180.50 -j LOG
-A RH-Firewall-1-OUTPUT -d 87.89.180.50 - j DROP
Perhaps it is the space between the hyphen and the j on your second line?
Ian
Hi Ian,
There's no space, I made a typo when I typed what I saw. I can't copy & paste from the remote KVM.
Excusing the space, your syntax looks OK - as long as you have something like this at the top of your file:-
:RH-Firewall-1-OUTPUT - [0:0]
Can you send more detail about your OUTPUT chain?
Ian
On Mon, Apr 6, 2009 at 2:14 PM, Ian Blackwell ian@ikel.id.au wrote:
Excusing the space, your syntax looks OK - as long as you have something like this at the top of your file:-
:RH-Firewall-1-OUTPUT - [0:0]
Can you send more detail about your OUTPUT chain?
Ian
Aha, that's what I've missed :)
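
An added example, not part of the thread: a Python check that reads an iptables-save format file such as /etc/sysconfig/iptables and reports rules that use a chain with no `:CHAIN - [0:0]` declaration, plus declared chains that nothing jumps to. The function name, the target list and the sample rulesets (including the `-A OUTPUT -j RH-Firewall-1-OUTPUT` line, which the thread does not show) are constructed for illustration.

```python
import re

BUILTIN_CHAINS = {"INPUT", "OUTPUT", "FORWARD", "PREROUTING", "POSTROUTING"}
# Assumption: a small subset of stock targets, enough for this sample.
KNOWN_TARGETS = {"ACCEPT", "DROP", "REJECT", "LOG", "RETURN", "QUEUE"}

def lint_ruleset(text):
    """Return (line_no, message) problems found in iptables-save format text."""
    declared, jumped, problems, table = {}, {}, [], None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line.startswith("*"):                 # "*filter" opens a table
            table = line[1:]
        elif line.startswith(":"):               # ":CHAIN POLICY [pkts:bytes]"
            declared.setdefault(table, set()).add(line[1:].split()[0])
        elif re.match(r"-A\s+\S+", line):
            chains = declared.setdefault(table, set())
            chain = line.split()[1]
            if chain not in chains:
                problems.append((no, "chain %s not declared; add ':%s - [0:0]'"
                                 % (chain, chain)))
            m = re.search(r"\s-[jg]\s+(\S+)", line)
            if m:
                target = m.group(1)
                jumped.setdefault(table, set()).add(target)
                # An unknown name here is looked up as an extension module,
                # which is the "Couldn't load target" failure mode.
                if target not in KNOWN_TARGETS and target not in chains:
                    problems.append((no, "target %s is neither a known target "
                                     "nor a declared chain" % target))
    for tbl, chains in declared.items():
        for chain in sorted(chains - BUILTIN_CHAINS - jumped.get(tbl, set())):
            problems.append((0, "chain %s is declared but nothing jumps to it"
                             % chain))
    return problems

# Constructed sample rulesets (not the poster's actual file).
BROKEN = """*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A OUTPUT -j RH-Firewall-1-OUTPUT
-A RH-Firewall-1-OUTPUT -d 87.89.180.50 -j LOG
-A RH-Firewall-1-OUTPUT -d 87.89.180.50 -j DROP
COMMIT
"""
FIXED = BROKEN.replace(":OUTPUT ACCEPT [0:0]\n",
                       ":OUTPUT ACCEPT [0:0]\n:RH-Firewall-1-OUTPUT - [0:0]\n")
UNHOOKED = FIXED.replace("-A OUTPUT -j RH-Firewall-1-OUTPUT\n", "")

if __name__ == "__main__":
    for no, msg in lint_ruleset(BROKEN):
        print("line %d: %s" % (no, msg))
```

A line number of 0 marks a finding about the file as a whole rather than one rule.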