On Tuesday 23 December 2003 12:31 pm, Jan Kaastrup wrote:

> What do you want to do with this rule?

Presumably the intention is to catch packets which are not part of an existing connection, but which are not SYN packets - e.g. FIN scans?

Antony.

> -----Original Message-----
> From: netfilter-admin@xxxxxxxxxxxxxxxxxxx
> [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx] On Behalf Of ads nat
> Sent: 23. december 2003 12:47
> To: netfilter@xxxxxxxxxxxxxxxxxxx
> Subject: IPTABLES syntax problem.
>
> Hi,
> I am trying to set up IPTABLES rules. I am a newbie to this.
>
> One of the rules in the filter table is
> #######
> -A INPUT -p tcp ! --syn -m state --state NEW -j LOG --log-prefix "New not syn:"
> #############
>
> I am getting the following error:
>
> [root@allweb root]# /etc/init.d/iptables restart
> Flushing all current rules and user defined chains: [ OK ]
> Clearing all current rules and user defined chains: [ OK ]
> Applying iptables firewall rules: iptables-restore v1.2.6a: Unknown arg `--syn'
> Try `iptables-restore -h' or 'iptables-restore --help' for more information.
>
> I am using /etc/init.d/iptables restart to apply iptables rules.
>
> I think I have used proper syntax "--syn" from Oskar Anderson IPTABLES tutorials.
>
> Looking for support.
> Thanks

-- 
This email was created using 100% recycled electrons.
Please reply to the list; please don't CC me.
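
What the rule discussed in this thread selects, as an added Python example that is not part of the original messages: a simplified model of the `! --syn -m state --state NEW` test run over constructed TCP headers. The flag mask (SYN,RST,ACK,FIN) is an assumption taken from current iptables documentation, the flow set is only a stand-in for netfilter's connection tracking, and all addresses and packets are constructed.

```python
import struct

FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
# Assumption: --syn examines SYN,RST,ACK,FIN and requires only SYN to be set.
SYN_MASK = SYN | RST | ACK | FIN

def tcp_header(sport, dport, flags):
    """Build a constructed 20-byte TCP header (no options, zero checksum)."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)

def parse_flags(header):
    """Return (sport, dport, flags) from raw TCP header bytes."""
    if len(header) < 20:
        raise ValueError("truncated TCP header")
    sport, dport = struct.unpack("!HH", header[:4])
    return sport, dport, header[13] & 0x3F

def matches_syn(flags):
    """Model of --syn: SYN set while RST, ACK and FIN are clear."""
    return flags & SYN_MASK == SYN

def new_not_syn(packets, tracked):
    """Return indexes of packets the 'New not syn:' LOG rule would match."""
    hits = []
    for i, (src, dst, header) in enumerate(packets):
        sport, dport, flags = parse_flags(header)
        flow, reverse = (src, sport, dst, dport), (dst, dport, src, sport)
        # Simplified state NEW: no entry for this flow in either direction.
        is_new = flow not in tracked and reverse not in tracked
        if is_new and not matches_syn(flags):
            hits.append(i)
        tracked.add(flow)  # simplification: every packet seen creates an entry
    return hits

# Constructed sample traffic (documentation address ranges).
SAMPLE = [
    ("198.51.100.7", "192.0.2.10", tcp_header(40000, 22, SYN)),        # normal open
    ("198.51.100.7", "192.0.2.10", tcp_header(40000, 22, ACK)),        # same flow
    ("198.51.100.9", "192.0.2.10", tcp_header(40001, 80, FIN)),        # FIN, no flow
    ("198.51.100.9", "192.0.2.10", tcp_header(40002, 80, 0)),          # no flags
    ("198.51.100.9", "192.0.2.10", tcp_header(40003, 80, SYN | ACK)),  # unsolicited
]

if __name__ == "__main__":
    for i in new_not_syn(SAMPLE, set()):
        print("New not syn: packet", i, SAMPLE[i][0], "->", SAMPLE[i][1])
```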