iptables permission problem in perl scripts

Gavin Henry ghenry at suretecsystems.com
Sun Aug 14 10:27:51 CEST 2005


On Sunday 14 Aug 2005 08:34, afshin lamei wrote:
> Dear all,
> I have a cgi script, which uses some perl scripts in which i'm running
> iptables command using "system" function, like this:
> myfile.pl:
> ......
> system("iptables -F FORWARD")
> ......
>
> the cgi file is owned by root/root and is run by user nobody.
> myfile.pl is owned by root/root, and I've it setuid (chmod u+s
> myfile.pl ; chown root:nobody myfile.pl) to be able to run iptable
> commands, but it returns this error:
> /////
> modprobe: Can't locate module ip_tables.
> iptables v1.2.11: can't initialize iptables table `nat': Permission
> denied (you must be root) perhaps iptables or your kernel needs to be
> upgraded.
> /////
> what's the solution?

Use "sudo"

You can grant apache permission or another user etc.


-- 
Kind Regards,

Gavin Henry.
Open Source. Open Solutions(tm).

http://www.suretecsystems.com/



More information about the netfilter mailing list