I'm having trouble with iptables after upgrading kernel, one of the rules in /etc/sysconfig/iptables is causing errors when restarting iptables, that is:
--------------------
:INPUT ACCEPT [51:14610]
--------------------
iptables: Applying firewall rules: iptables-restore v1.4.7: Can't set policy `INPUT' on `ACCEPT' line 10: Bad built-in chain name
when I try to ping some domains I get:
ping: sendmsg: Operation not permitted.
and my /etc/sysconfig/iptables is:
----------------------
Code: Select all
# Generated by iptables-save v1.4.7 on Mon Apr 22 12:03:49 2013
*raw
:PREROUTING ACCEPT [677581:1034642618]
:OUTPUT ACCEPT [395622:31477725]
COMMIT
# Completed on Mon Apr 22 12:03:49 2013
# Generated by iptables-save v1.4.7 on Mon Apr 22 12:03:49 2013
*nat
:PREROUTING ACCEPT [57:16626]
:INPUT ACCEPT [51:14610]
:OUTPUT ACCEPT [2201:142272]
:POSTROUTING ACCEPT [2201:142272]
COMMIT
# Completed on Mon Apr 22 12:03:49 2013
# Generated by iptables-save v1.4.7 on Mon Apr 22 12:03:49 2013
*mangle
:PREROUTING ACCEPT [677581:1034642618]
:INPUT ACCEPT [677575:1034640602]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [395622:31477725]
:POSTROUTING ACCEPT [395622:31477725]
COMMIT
# Completed on Mon Apr 22 12:03:49 2013
# Generated by iptables-save v1.4.7 on Mon Apr 22 12:03:49 2013
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1:180]
:acctboth - [0:0]
:cP-Firewall-1-INPUT - [0:0]
-A INPUT -j cP-Firewall-1-INPUT
-A INPUT -j acctboth
-A FORWARD -j cP-Firewall-1-INPUT
-A OUTPUT -j acctboth
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 993 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2078 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2082 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2077 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 26 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 143 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 995 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 110 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2086 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2087 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2095 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 465 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2096 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2083 -j ACCEPT
-A cP-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
COMMIT
# Completed on Mon Apr 22 12:03:49 2013
hope someone can help
TIA.