Uploaded image for project: 'Modules'
  1. Modules
  2. MODULES-451

firewall can't parse match extension tcp

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: firewall
    • Labels:
      None
    • Template:

      Description

      This rule isn't recognized by firewall: /sbin/iptables -t mangle -A PREROUTING -d 1.2.3.4 -p tcp -m tcp -m multiport --dports 80,443,8140 -j MARK --set-mark 42

      The error is: Error: Could not run: Invalid address from IPAddr.new: -m

      This is due to the presence of -m tcp which was required on older iptables versions.

      I'm not sure about the ordering of -p tcp -m tcp or -m tcp -p tcp from iptables -t mangle -S

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                ashley.penney Ashley Penney
                Reporter:
                hunter Hunter (Hunner) Haugen
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Zendesk Support