ostridge
I got a little further, now it's just the rate limiting rules that won't add. Looks to me they are not written correctly for my version of iptables (v1.4.7).
Hi, using the iptables command to add individual rules that you mention will have thrown some shortcomings in the arguments used.
I found that the arguments as per the @jroper post ' -dport -state -rcheck -seconds -hitcount -set ' were typed with single '-' whereas double '--' worked for me.
It seems you need to substitute each of those arguments with one hyphen for two:
' --dport --state --rcheck --seconds --hitcount --set '.
Having found that that worked, I needed to do an edit of /etc/iptables/rules.v4 because the usual /sbin/iptables-save command was not much use according to @wardmundy where you have any added #comments and added with add-fqdn which include domain names and the like and which disappear during the save. The workaround being to edit /etc/iptables/rules.v4, where the same syntax seems to work but omitting the preceding
Code:
iptables
So that was the reason for my post above.
When editing
Code:
nano /etc/iptables/rules.v4
Hope that works
Regards
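The two corrections described in the post above (double hyphens on the long options, and no leading `iptables` in rules.v4), as an added example that is not part of the original post or of the rules it refers to. The helper name `to_rules_v4` is hypothetical, and the sample rules, port 5060 and the 60 second / 10 hit limits are constructed for illustration.

```shell
#!/bin/sh
# Added example: turn iptables commands typed with single-hyphen long options
# into lines suitable for /etc/iptables/rules.v4 (iptables-restore format).
# to_rules_v4 is a hypothetical helper name; it reads stdin, writes stdout,
# and never touches the live ruleset or the rules file.

to_rules_v4() {
    # Comment lines and blank lines pass through unchanged (first expression).
    # The :a ... ta loop fixes one option per pass, so adjacent options such
    # as "-rcheck -seconds" are both corrected; options already written with
    # "--" do not match. The last expression drops the leading "iptables"
    # (or "/sbin/iptables") command word.
    sed -E \
        -e '/^[[:space:]]*(#|$)/b' \
        -e ':a' \
        -e 's/(^|[[:space:]])-(dport|state|rcheck|seconds|hitcount|set)([[:space:]]|$)/\1--\2\3/' \
        -e 'ta' \
        -e 's#^[[:space:]]*(/sbin/)?iptables[[:space:]]+##'
}

# Constructed sample input: the port and the rate limits are assumptions.
sample_rules() {
    cat <<'EOF'
# rate limit new connections
iptables -A INPUT -p udp -dport 5060 -m state -state NEW -m recent -set
iptables -A INPUT -p udp -dport 5060 -m state -state NEW -m recent -rcheck -seconds 60 -hitcount 10 -j DROP
EOF
}

sample_rules | to_rules_v4
```

The converted lines belong inside the relevant table section of rules.v4, before its `COMMIT` line. `iptables-restore --test < /etc/iptables/rules.v4` parses the file without applying it, which catches a mistyped option before the rules are loaded.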