声音的边界 posted on 2023-7-16 00:00:00

Fixing iptables Setting chains to policy ACCEPT: security raw nat[FAILED]filter

<div id="attachment_7780" class="wp-caption aligncenter"><img src="https://zhuji.jb51.net/uploads/img/20230517/74f2c416df4b93aec0003ab2969a0936.jpg" width="550" height="130"><p class="wp-caption-text">linode</p>
</div>
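<p>Before ttlsa migrated to 靠谱云, its servers ran on Linode, and some sites still use Linode today; all things considered, I am a loyal Linode user. Sometimes when restarting iptables, the message <strong>iptables: Setting chains to policy ACCEPT: security raw nat[FAILED]filter</strong> always shows up. It seemed to have no real impact, so I left it alone, but in the end I am a bit obsessive about these things and decided to fix it.</p>
<h3>Reproducing the error</h3>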
<p></p><pre class="brush:bash;toolbar:false"># service iptables restart
iptables: Setting chains to policy ACCEPT: security raw nat[FAILED]filter
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]
iptables: Applying firewall rules:                         [  OK  ]</pre><p></p>
<h3>Cause of the error</h3>
<p>Linode added a security rule chain to iptables, but CentOS does not support it. Since it is not supported, I will just tweak things a little.</p>
<h3>Fixing iptables: Setting chains to policy ACCEPT: security raw nat[FAILED]filter</h3>
<p>Find the following case block and add a security) branch after raw. After the change it looks like this.</p><pre class="brush:bash;toolbar:false"># vim /etc/init.d/iptables
for i in $tables; do
    echo -n "$i "
    case "$i" in
        raw)
            $IPTABLES -t raw -P PREROUTING $policy \
                &amp;&amp; $IPTABLES -t raw -P OUTPUT $policy \
                || let ret+=1
            ;;
        # Branch added by this fix: it matches the "security" table name,
        # but sets the policies of the filter table's chains.
        security)
            $IPTABLES -t filter -P INPUT $policy \
                &amp;&amp; $IPTABLES -t filter -P OUTPUT $policy \
                &amp;&amp; $IPTABLES -t filter -P FORWARD $policy \
                || let ret+=1
            ;;</pre>
<h3>Restart iptables</h3>
<p></p><pre class="brush:bash;toolbar:false"># service iptables restart
iptables: Setting chains to policy ACCEPT: security raw nat[  OK  ]filter
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]
iptables: Applying firewall rules:                         [  OK  ]</pre><p> </p>
<p>Heh, problem solved~</p>
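As an added example (not part of the original post and not the init script's own code), the shell function below lists table names that have no `name)` branch in a script's case block, which is the situation the post works around for `security`. The function names and sample data are constructed, and reading the table list from /proc/net/ip_tables_names is an assumption about where the init script gets `$tables`.

```shell
#!/bin/sh
# unhandled_tables "<table names>" <script file>
# Prints every table name that has no "name)" case branch in the script.
# Heuristic: it looks for the branch label anywhere in the file.
unhandled_tables() {
    tables=$1
    script=$2
    for t in $tables; do
        # A branch label is optional whitespace, the name, then ")".
        if ! grep -Eq "^[[:space:]]*${t}\)" "$script"; then
            printf '%s\n' "$t"
        fi
    done
}

# Constructed sample input: a case block with branch labels only,
# bodies replaced by ":". An optional second argument adds one branch.
write_sample() {
    {
        echo 'case "$i" in'
        for b in raw nat filter $2; do
            printf '    %s)\n        : ;;\n' "$b"
        done
        echo 'esac'
    } > "$1"
}

demo() {
    tmp=$(mktemp) || return 1
    # Constructed table list, in the order the restart message prints it.
    tables="security raw nat filter"
    write_sample "$tmp"
    echo "before the edit: $(unhandled_tables "$tables" "$tmp")"
    write_sample "$tmp" security
    echo "after the edit:  $(unhandled_tables "$tables" "$tmp")"
    rm -f "$tmp"
}

demo
```

On a real host the same check would be `unhandled_tables "$(cat /proc/net/ip_tables_names)" /etc/init.d/iptables`, run before and after editing the script.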