"bad argument" trouble with iptables-restore (ipt v.1.3.4 +
gentoo 2.6.16)
Patrick McHardy
kaber at trash.net
Thu May 25 19:50:48 CEST 2006
Eric White wrote:
> With a little more experimentation, I see that manually poking a new
> chain definition (e.g., "iptables -t filter -N :A:Svc:ABD ") and then
> issuing iptables-save generates a
>
> ::A:Svc:ABD - [0:0]
>
> line in the output. So, I modified the ruleset, replacing all -N
> occurrences with the corresponding ":" prefix and added the "- [0:0]'
> suffix, with the same result; i.e., the COMMIT line generates a "bad
> argument" error.
This usually means that a previously used match/target didn't
ignore unknown arguments as it ought to do. I suggest to
try the latest iptables version (there are a couple of these
fixes in each release), if that doesn't help please try to
find out which match or target is responsible by removing
individual lines until the error goes away.
More information about the netfilter-devel
mailing list