iptables-restore failing to load my rules
It's because that file is not in the expected format. You should add your rules manually the first time, then use iptables-save to get a file in the expected format.
However it's quite simple to "mimic" the format that iptables-restore expects.
Add a line with just *filter at the top of the file.
Add a line with just COMMIT at the bottom.
So you end up looking like this:
*filter
# Allows SMTP access
-A INPUT -p tcp --dport 25 -j ACCEPT
# Allows pop and pops connections
-A INPUT -p tcp --dport 110 -j ACCEPT
-A INPUT -p tcp --dport 995 -j ACCEPT
# Allows imap and imaps connections
-A INPUT -p tcp --dport 143 -j ACCEPT
-A INPUT -p tcp --dport 993 -j ACCEPT
COMMIT
There's a few other snippets it should have too but that should make it work. After doing this, you can use iptables-save >filename to get the fully correctly formatted save file into filename.
Note that if you do use iptables-save your comments in the file will be lost (it will replace the entire file with its own similar formatted one).
Related videos on Youtube
11 : 09
02 : 25
04 : 17
04 : 26
03 : 30
Søren Lorentzen
Updated on September 18, 2022Comments
-
Søren Lorentzen over 1 year
I've been searching around for some time now, but nothing solves my problem. I'm setting up a mail server, but when writing to the iptables, I get an error:
iptables-restore: line 2 failed.
I'm trying to use the following /etc/iptables.test.rules:
# Allows SMTP access -A INPUT -p tcp --dport 25 -j ACCEPT # Allows pop and pops connections -A INPUT -p tcp --dport 110 -j ACCEPT -A INPUT -p tcp --dport 995 -j ACCEPT # Allows imap and imaps connections -A INPUT -p tcp --dport 143 -j ACCEPT -A INPUT -p tcp --dport 993 -j ACCEPTAfter this, I'm issuing the following command:
sudo iptables-restore < /etc/iptables.test.rulesHowever I get returned this:
iptables-restore: line 2 failed.I don't know what the problem is. Can anyone clarify?
I'm using Ubuntu 10.10 LTS