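Strange problem: on RH9, rc.local cannot run the script at boot
Strange problem: when RH9 boots, the IPTABLES commands in rc.local (attached below) will not run. The output is: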
------------------------------------------------
# cd /etc/rc.d
# ./rc.local
: command not found:
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
: command not found:
'ptables v1.2.7a: Invalid target name `MASQUERADE
Try `iptables -h' or 'iptables --help' for more information.
: command not found:
'ptables v1.2.7a: Invalid target name `ACCEPT
Try `iptables -h' or 'iptables --help' for more information.
'ptables v1.2.7a: Invalid target name `ACCEPT
Try `iptables -h' or 'iptables --help' for more information.
'ptables v1.2.7a: Invalid target name `DROP
Try `iptables -h' or 'iptables --help' for more information.
: command not found:
'ptables v1.2.7a: Invalid target name `DROP
Try `iptables -h' or 'iptables --help' for more information.
'ptables v1.2.7a: Invalid target name `DROP
Try `iptables -h' or 'iptables --help' for more information.
: command not found:
: 没有那个文件或目录?/proc/sys/net/ipv4/ip_forward
# iptables -F
# iptables -t nat -F
#
------------------------------------------------
The IPTABLES commands are as follows:
------------------------------------------------
# Then flush all rules
iptables -F
iptables -t nat -F
# Below means 'route 192.168.1.x'
iptables -t nat -A POSTROUTING -d ! 192.168.1.0/24 -j MASQUERADE
iptables -A FORWARD -s 192.168.1.0/24 -j ACCEPT
iptables -A FORWARD -d 192.168.1.0/24 -j ACCEPT
iptables -A FORWARD -s ! 192.168.1.0/24 -j DROP
# port 113 is evil ;)
iptables -A INPUT --protocol udp --source-port 113 -j DROP
iptables -A INPUT --protocol udp --destination-port 113 -j DROP
# Turn on IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
------------------------------------------------
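Currently being oppressed by Microsoft
HELP!
Thanks in advance! :oops:
help !!!
:?: Strange!!! I am using two network cards.
Nothing strange about it, the contents of rc.local are written wrong.
Running the commands one by one on the command line works fine.
Put into a script named firewall: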
--------------------------------------------------------
#! /bin/bash
# Load required modules
#insmod ip_tables
#insmod ip_conntrack
#insmod iptable_nat
#insmod ipt_MASQUERADE
modprobe iptable_nat
modprobe ip_table
modprobe ip_nat_table
modprobe ip_conntrack
modprobe ip_conntrack_ftp
# Then flush all rules
/sbin/iptables -F
/sbin/iptables -t nat -F
# Below means 'route 192.168.1.x'
/sbin/iptables -t nat -A POSTROUTING -d ! 192.168.1.0/24 -j MASQUERADE
/sbin/iptables -A FORWARD -s 192.168.1.0/24 -j ACCEPT
/sbin/iptables -A FORWARD -d 192.168.1.0/24 -j ACCEPT
/sbin/iptables -A FORWARD -s ! 192.168.1.0/24 -j DROP
# port 113 is evil
/sbin/iptables -A INPUT --protocol udp --source-port 113 -j DROP
/sbin/iptables -A INPUT --protocol udp --destination-port 113 -j DROP
# Turn on IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
--------------------------------------------------------
Running this script on its own gives the following:
--------------------------------------------------------
# ./firewall
: bad interpreter: 没有那个文件或目录
# firewall
bash: firewall: command not found
# bash firewall
modprobe: Can't locate module
modprobe: Can't locate module
: command not found
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
: command not found
'ptables v1.2.7a: Invalid target name `MASQUERADE
Try `iptables -h' or 'iptables --help' for more information.
: command not found
'ptables v1.2.7a: Invalid target name `ACCEPT
Try `iptables -h' or 'iptables --help' for more information.
'ptables v1.2.7a: Invalid target name `ACCEPT
Try `iptables -h' or 'iptables --help' for more information.
'ptables v1.2.7a: Invalid target name `DROP
Try `iptables -h' or 'iptables --help' for more information.
: command not found
'ptables v1.2.7a: Invalid target name `DROP
Try `iptables -h' or 'iptables --help' for more information.
'ptables v1.2.7a: Invalid target name `DROP
Try `iptables -h' or 'iptables --help' for more information.
: command not found
: 没有那个文件或目录?/proc/sys/net/ipv4/ip_forward
#
--------------------------------------------------------
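We used to use ISA as our firewall (all of it pirated).
Now Microsoft has caught us, so we had to buy a licensed copy of Win98, and the firewall has been switched to REDHAT9.
We are on a dedicated ADSL line with a static IP.
Thanks in advance!
#! /bin/bash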
# Load required modules
#insmod ip_tables
#insmod ip_conntrack
#insmod iptable_nat
#insmod ipt_MASQUERADE
modprobe ip_tables
modprobe iptable_nat
modprobe ip_conntrack
modprobe ip_conntrack_ftp
# Then flush all rules
/sbin/iptables -F
/sbin/iptables -t nat -F
# Below means 'route 192.168.1.x'
/sbin/iptables -t nat -A POSTROUTING -d ! 192.168.1.0/24 -j MASQUERADE
/sbin/iptables -A FORWARD -s 192.168.1.0/24 -j ACCEPT
/sbin/iptables -A FORWARD -d 192.168.1.0/24 -j ACCEPT
/sbin/iptables -A FORWARD -s ! 192.168.1.0/24 -j DROP
# port 113 is evil
/sbin/iptables -A INPUT --protocol udp --source-port 113 -j DROP
/sbin/iptables -A INPUT --protocol udp --destination-port 113 -j DROP
# Turn on IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
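Save it as firewall and add the executable attribute.
After saving it as firewall and adding the executable attribute,
it is still the same.
The output is pasted below: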
_________________
# cd /etc/rc.d
# ./firewall
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
: command not found
'ptables v1.2.7a: Invalid target name `MASQUERADE
Try `iptables -h' or 'iptables --help' for more information.
: command not found
'ptables v1.2.7a: Invalid target name `ACCEPT
Try `iptables -h' or 'iptables --help' for more information.
'ptables v1.2.7a: Invalid target name `ACCEPT
Try `iptables -h' or 'iptables --help' for more information.
'ptables v1.2.7a: Invalid target name `DROP
Try `iptables -h' or 'iptables --help' for more information.
: command not found:
'ptables v1.2.7a: Invalid target name `DROP
Try `iptables -h' or 'iptables --help' for more information.
'ptables v1.2.7a: Invalid target name `DROP
Try `iptables -h' or 'iptables --help' for more information.
: command not found:
: 没有那个文件或目录?/proc/sys/net/ipv4/ip_forward
#
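Added example, not part of the original thread: the `: command not found`, `: bad interpreter` and `'ptables v1.2.7a: Invalid target name` lines in the output above are what bash and iptables print when every line of a script ends in a carriage return (DOS/Windows CRLF line endings), so none of the rules load. The function names and the sample file below are constructed for illustration.

```shell
#!/bin/sh
# Detect and remove CR line endings in a firewall script before it is run.
# Names here are hypothetical; the sample input is constructed.

CR=$(printf '\r')   # a literal carriage return, portable across sh and bash

# Print how many lines of "$1" end in a carriage return.
count_cr_lines() {
    grep -c "${CR}\$" "$1" || true   # grep exits 1 on zero matches
}

# Write a copy of "$1" to "$2" with every carriage return removed.
# The original is left untouched; the copy is owner-only executable.
strip_cr() {
    tr -d '\r' < "$1" > "$2" && chmod 700 "$2"
}

# Refuse a rule script that still has CR line endings, then syntax-check it.
# With CRs present every iptables line fails and no rule is loaded.
check_script() {
    n=$(count_cr_lines "$1")
    if [ "$n" -gt 0 ]; then
        echo "$1: $n line(s) end in CR; convert before running" >&2
        return 1
    fi
    sh -n "$1"    # parse only, nothing is executed
}

# Constructed sample: two lines of the thread's script saved with CRLF.
demo() {
    tmp=$(mktemp -d) || return 1
    printf '#! /bin/bash\r\n/sbin/iptables -F\r\n' > "$tmp/firewall.dos"
    if check_script "$tmp/firewall.dos" 2>/dev/null; then
        rm -rf "$tmp"; return 1          # the CRLF copy must be rejected
    fi
    strip_cr "$tmp/firewall.dos" "$tmp/firewall"
    rc=0
    check_script "$tmp/firewall" || rc=$?
    rm -rf "$tmp"
    return "$rc"
}

demo && echo "converted copy passes the check"
```

Running `check_script` from rc.local before the rule script, and failing loudly when it returns non-zero, keeps a gateway from coming up at boot with no rules loaded.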