iptables config in ubuntu 9.10 karmic
  • I'm setting up a new Ubuntu Karmic slice, and I'm getting the following warning when I configure iptables:

    --
    Using intrapositioned negation (`--option ! this`) is deprecated in favor of extrapositioned (`! --option this`).
    --

    I think the offending line is this:

    --
    -A INPUT -d 127.0.0.0/255.0.0.0 -i ! lo -j REJECT --reject-with icmp-port-unreachable
    --

    I think the command is still working, because iptables -L gives this as the first few lines:

    --
    Chain INPUT (policy ACCEPT)
    target prot opt source destination
    ACCEPT all -- anywhere anywhere
    REJECT all -- anywhere 127.0.0.0/8 reject-with icmp-port-unreachable
    --

    Does anyone know the correct syntax to use from now on? I don't want to keep using a form that's been deprecated.

    Thanks in advance

    David
  • If I'm reading it right, it's a pretty simple change, all you need is:

    -A INPUT -d 127.0.0.0/255.0.0.0 ! -i lo -j REJECT --reject-with icmp-port-unreachable
    

    (Moving the ! before -i rather than after it)

  • D'oh! I tried four or five variants, and managed to miss that one.

    Many thanks for your help.

    David
  • "Using intrapositioned negation (`--option ! this`) is deprecated in favor of extrapositioned (`! --option this`)."

    ...that's what it said. :)
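
The fix in this thread, applied across a whole rules file: an added example, not code from any poster, that goes beyond the single `-i ! lo` case and rewrites every intrapositioned negation into the extrapositioned form. The names `fix_rule` and `fix_ruleset` are hypothetical, and `SAMPLE` is a constructed ruleset whose fourth line is the rule from the question.

```python
import re

# A token is a double-quoted string (kept verbatim) or a run of non-space characters.
TOKEN = re.compile(r'"[^"]*"|\S+')
OPTION = re.compile(r"--?[A-Za-z]")

def fix_rule(line):
    """Return (new_line, changed) for one line of an iptables rules file."""
    if not line.lstrip().startswith("-"):
        return line, False  # table header, chain policy, COMMIT, comment
    tokens = TOKEN.findall(line)
    out, i, changed = [], 0, False
    while i < len(tokens):
        # Deprecated form: OPTION ! VALUE. If the token after "!" is itself an
        # option, the "!" already belongs to that option (e.g. "--syn ! -i lo").
        if (OPTION.match(tokens[i]) and i + 2 < len(tokens)
                and tokens[i + 1] == "!" and not tokens[i + 2].startswith("-")):
            out += ["!", tokens[i], tokens[i + 2]]
            i += 3
            changed = True
        else:
            out.append(tokens[i])
            i += 1
    return (" ".join(out), True) if changed else (line, False)

def fix_ruleset(text):
    """Rewrite a ruleset; return (new_text, line numbers that were changed)."""
    fixed, report = [], []
    for number, line in enumerate(text.splitlines(), 1):
        new, changed = fix_rule(line)
        fixed.append(new)
        if changed:
            report.append(number)
    return "\n".join(fixed) + "\n", report

# Constructed sample ruleset (assumption); line 4 is the rule from the question.
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -d 127.0.0.0/255.0.0.0 -i ! lo -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p tcp --syn ! -i lo -m comment --comment "mgmt ! public" -j DROP
-A INPUT -p tcp --dport ! 22 -j DROP
COMMIT
"""

if __name__ == "__main__":
    text, changed_lines = fix_ruleset(SAMPLE)
    print(text, "rewritten lines:", changed_lines)
```

Compare the rewritten file with the original before loading it, since a negation that lands on the wrong option changes which packets the rule matches.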