Changing iptable policy

11-12-2003, 10:13 PM

All,

I am trying to use set up a syslog server to capture syslog events
outside a firewall. So, I am using Redhat 9.0
(Linux version 2.4.20-8) and IPTABLES to prevent unwanted access. The
issue I am having is changing the policy.

I want to create a new chain and have the policy to changed to DROP.
Each time I enter the command iptables -P FIRE DROP, I get the
following error message: iptables: Bad built-in chain name

However, if I change one of the default chains of INPUT, FORWARD or
OUTPUT with the command iptables -P INPUT DROP, the command is
accepted. What am I missing?

(E-Mail Removed)

11-12-2003, 11:05 PM

tjcreek55 wrote:
> I want to create a new chain and have the policy to changed to DROP.
> Each time I enter the command iptables -P FIRE DROP, I get the
> following error message: iptables: Bad built-in chain name
>
> However, if I change one of the default chains of INPUT, FORWARD or
> OUTPUT with the command iptables -P INPUT DROP, the command is
> accepted. What am I missing?

User-defined chains cannot have policies.

See
man iptables

You should add a catch-all rule to the end of your chain.
iptables -A FIRE DROP

YAMABANA Kengou
Gifu, Japan

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
iptable rules not being hit	R C V	Linux Networking	4	04-15-2008 01:22 PM
Cant locate wireless network policy in group policy	Tom	Windows Networking	0	05-11-2005 02:28 PM
Help on NetMeeting over iptable	Eric	Linux Networking	0	10-03-2003 11:51 AM
RFE entries in IPTABLE	Rob Simac	Linux Networking	2	09-25-2003 05:27 PM
iptable question	Rob Simac	Linux Networking	1	09-11-2003 10:46 PM