Fw: [wlug] Firewall script problem

(Forwarded from Mark Grimshaw)

Hi Gun,

It may be something as simple as the 'ACCEPT' being on a different line to the main body of the command and therefore being treated as a command itself, which will obviously lead to an error (although that could be word wrap in email clients). Try putting it on the same line.

Mark G.

On 24 Apr 2004 at 9:21, Gun Caundle wrote:

I am a newbie trying to create a firewall on RH9. I am using a script from the RH9 bible (p507). I am running a section at a time. What I have so far:

# (1) Policies (default)
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

# (2) user-defined chain for ACCEPTED TCP packets
iptables -N okay
iptables -A okay -p TCP --syn -j ACCEPT
iptables -A okay -p TCP -m state ESTABLISHED,RELATED -j ACCEPT
iptables -A okay -p TCP -j DROP

This line is giving me some grief:

'iptables -A okay -p TCP -m state ESTABLISHED,RELATED -j ACCEPT'

because I get this error when I run it:

'firescript: line 23: ESTABLISHED,RELATED: command not found'

The author says this line "allows through packets associated with an ESTABLISHED connection (one that has already had traffic pass through the interface) or a RELATED connection (one that is starting a new connection related to an already-established connection)."

Are there other commands I could use or another line of script that would do the same job? Any help would be appreciated.
Gun Caundle
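
An added example, not part of the original thread or the book's script: a small shell check that reads a firewall script and reports rule lines that were broken across lines, the situation in which the shell runs the remainder as a command. The function names and the sample script are constructed for illustration; the `--state` option it looks for belongs to iptables' state match and does not appear in the email.

```shell
#!/bin/sh
# check_fw_script FILE: print "LINE: problem" for every iptables rule that
# looks wrapped or incomplete. Backslash continuations are joined first.
check_fw_script() {
    awk '
    /\\$/ { sub(/\\$/, ""); buf = buf $0 " "; if (!start) start = NR; next }
    {
        line = buf $0; n = start ? start : NR; buf = ""; start = 0
        sub(/^[ \t]+/, "", line)
        if (line == "" || line ~ /^#/) next
        if (line ~ /^iptables[ \t]/) {
            # an appended or inserted rule needs its target on the same logical line
            if (line ~ /[ \t]-[AI][ \t]/ && line !~ /[ \t](-j|--jump)[ \t]+[A-Za-z]/)
                printf "%d: rule has no -j target (wrapped?)\n", n
            # the state match takes its list of states through --state
            if (line ~ /-m[ \t]+state/ && line !~ /--state[ \t]+[A-Z]/)
                printf "%d: -m state without --state\n", n
        } else if (line ~ /^(-|ACCEPT|DROP|REJECT|ESTABLISHED|RELATED|NEW|INVALID)/) {
            # the shell would try to execute this text as a command
            printf "%d: stray fragment run as a command: %s\n", n, line
        }
    }' "$1"
}

# write_sample FILE: constructed sample script with one wrapped rule (lines 4-5)
# and one rule continued correctly with a backslash (lines 6-7).
write_sample() {
    cat > "$1" <<'EOF'
iptables -P INPUT DROP
iptables -N okay
iptables -A okay -p TCP --syn -j ACCEPT
iptables -A okay -p TCP -m state
ESTABLISHED,RELATED -j ACCEPT
iptables -A okay -p TCP -m state --state ESTABLISHED,RELATED \
    -j ACCEPT
iptables -A okay -p TCP -j DROP
EOF
}

# Demo run on the constructed sample.
demo=$(mktemp) && write_sample "$demo" && check_fw_script "$demo"
rm -f "$demo"
```

Running the check before the script itself means a wrapped rule is caught before the DROP policies are applied with only part of the intended rule set loaded.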