我在用iptables 做防火墙时遇到一些问题，请大家帮忙了

bulebell2222

我在用iptables 做防火墙时遇到一些问题
我是这样做iptables  -A INPUT -i eth1 -s <address/mask> -j DROP
错误是这样的：address mask :no such file or directory
iptables -A INPUT -i eth1 -p icmp -s 0.0.0.0 --sport 4 -d 192.168.19.41 -j ACCEPT
错误是这样的：unknown arg '--sport'
我是这样做:iptables -A OUPUT -i eth1 -p icmp -s 192.168.19.41 --dport 3 -d 0.0.0.0 -j ACCEPT fragmentation-needed -d 0.0.0.0 -j ACCEPT
错误是这样的:bad argument fragmentation-needed

yongjian

I am not sure the first problem. the second might becuase of icmp does not have --sport or --dport options. It is only for tcp protocol. see man iptables

yongjian

the last one is because of the --icmp-type option not present.