When trying to run iptables-restore on my iptables policies, 1.2.7 dies on the following line complaining about "unknown arg 113". -A INPUT -p tcp -m tcp --dport 113 -j REJECT --reject-with tcp-reset If I comment out the line.. then it dies on: -A INPUT -p icmp -m icmp --icmp-type 3 -j ACCEPT (which is the following line) with a message about "unknown arg 3".
iptables 1.2.7 is acting similar here also. the file ipt.tmp was generated by iptables-save > ipt.tmp tnt root # /sbin/iptables-restore < ipt.tmp iptables-restore v1.2.7: Unknown arg `80' Try `iptables-restore -h' or 'iptables-restore --help' for more information. line with "80" in it is this: -A INPUT -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT similarily, the following fails with the same message tnt root # iptables-save|iptables-restore downgrading back to 1.2.6a-r1 solved this problem.
*** Bug 6907 has been marked as a duplicate of this bug. ***
I have masked iptables-1.2.7 as it contains bugs confirmed by the authors of iptables. A new version, 1.2.7a, is to be released ASAP. I will repoen these bugs and make sure the errors reported doesn't exist in the new version before unmasking 1.2.7a.
I've just commited iptables 1.2.7a. Please test this version and see if upstream has fixed your problems. It's currently masked, I need to know if this version works as expected before I can unmask.
I've just merged and tested (saved/restored/listed ruleset) iptables-1.2.7a and it seems to work just fine again.
