Portál AbcLinuxu, 12. května 2025 06:14
root@45:~# echo $INTERNAL_NETWORK $INTERNAL_MASK $INTERNAL_INTERFACE
192.168.1.0 255.255.255.0 eth0
root@45:~# iptables -A FORWARD -s ! "$INTERNAL_NETWORK/$INTERNAL_MASK" -o "$INTERNAL_INTERFACE" -m state --state ESTABLISHED -j ACCEPT;
Bad argument `192.168.1.0/255.255.255.0'
Try `iptables -h' or 'iptables --help' for more information.
[!] -s, --source address[/mask][,...]
Source specification. Address can be either a network name, a hostname, a network IP address (with
/mask), or a plain IP address. Hostnames will be resolved once only, before the rule is
submitted to the kernel. Please note that specifying any name to be resolved with a remote query such as
DNS is a really bad idea. The mask can be either a network mask or a plain num‐
ber, specifying the number of 1's at the left side of the network mask. Thus, a mask of 24 is
equivalent to 255.255.255.0. A "!" argument before the address specification inverts the
sense of the address. The flag --src is an alias for this option. Multiple addresses can be specified,
but this will expand to multiple rules (when adding with -A), or will cause multiple
rules to be deleted (with -D).
Řešení dotazu:
29.8.2011 18:53
H0ax | skóre: 36
| blog: Odnikud_nikam
to me napadlo taky
root@45:~# iptables -A FORWARD -s ! "$INTERNAL_NETWORK/24" -o "$INTERNAL_INTERFACE" -m state --state ESTABLISHED -j ACCEPT;
Bad argument `192.168.1.0/24'
Try `iptables -h' or 'iptables --help' for more information.
29.8.2011 20:06
H0ax | skóre: 36
| blog: Odnikud_nikam
29.8.2011 19:00
michich | skóre: 51
| blog: ohrivane_parky
root@45:~# iptables -V
iptables v1.4.12
29.8.2011 20:26
michich | skóre: 51
| blog: ohrivane_parky
option: remove last traces of intrapositional negation
Tiskni
Sdílej:
ISSN 1214-1267, (c) 1999-2007 Stickfish s.r.o.