Score:1

IPTables -m set unknown option


I'm having trouble setting up iptables on Ubuntu 20.04.

Does anyone know why this doesn't work?

# iptables -A INPUT -m set -–match-set cf src -p tcp -m multiport –dports http,https -j ACCEPT
iptables v1.8.4 (legacy): unknown option "set"
Try `iptables -h' or 'iptables --help' for more information.

My cf has the Cloudflare IPs:

for x in $(curl https://www.cloudflare.com/ips-v4); do ipset add cf $x; done
Michael Hampton
Please post the output of `uname -a`
@MichaelHampton `Linux server.example.com 5.4.0-80-generic #90-Ubuntu SMP Fri Jul 9 22:49:44 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux`
Score:2
A.B

Incorrect syntax:

# iptables -A INPUT -m set -–match-set cf src -p tcp -m multiport –dports http,https -j ACCEPT

Correct syntax:

# iptables -A INPUT -m set --match-set cf src -p tcp -m multiport --dports http,https -j ACCEPT

At two places, one or two `-` (hyphen: U+002D) were replaced with a `–` (en dash: U+2013). Be careful when using word processors not designed for programming when copying scripts through them: they can alter what looks like punctuation to them but is a syntax that must not be altered. Same goes when retrieving this from some web sites not handling things correctly or even some PDF documents.
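A pre-flight check for the substitution described in the answer above, as an added example that is not part of the original answer: it flags typographic dashes and quotes in a rule file before the file is loaded. It only reports, because one en dash may stand for either one or two hyphens and the option has to be retyped by hand. The function name `lint_lookalikes` and the character list are choices made for this example.

```shell
#!/bin/sh
# Added example (not from the original post): flag typographic look-alikes
# in a firewall script. lint_lookalikes and the character list are assumptions.

# UTF-8 byte sequences built with printf octal escapes (works in sh and bash).
EN_DASH=$(printf '\342\200\223')   # U+2013
EM_DASH=$(printf '\342\200\224')   # U+2014
MINUS=$(printf '\342\210\222')     # U+2212
LSQUO=$(printf '\342\200\230')     # U+2018
RSQUO=$(printf '\342\200\231')     # U+2019
LDQUO=$(printf '\342\200\234')     # U+201C
RDQUO=$(printf '\342\200\235')     # U+201D

# lint_lookalikes FILE
# Prints "FILE:LINE: NAME" for each affected line; returns 1 if any was found.
lint_lookalikes() {
    file=$1
    found=0
    while IFS='|' read -r char name; do
        # LC_ALL=C makes grep compare raw bytes, independent of the locale.
        hits=$(LC_ALL=C grep -n -F -- "$char" "$file" | cut -d: -f1)
        for n in $hits; do
            printf '%s:%s: %s\n' "$file" "$n" "$name"
            found=1
        done
    done <<EOF
$EN_DASH|en dash U+2013
$EM_DASH|em dash U+2014
$MINUS|minus sign U+2212
$LSQUO|left single quote U+2018
$RSQUO|right single quote U+2019
$LDQUO|left double quote U+201C
$RDQUO|right double quote U+201D
EOF
    return $found
}

# Constructed sample: the rule from the question, en dashes included.
sample=$(mktemp)
printf '%s\n' "iptables -A INPUT -m set -${EN_DASH}match-set cf src -p tcp -m multiport ${EN_DASH}dports http,https -j ACCEPT" > "$sample"
lint_lookalikes "$sample" || echo "not loading $sample: retype the flagged options with ASCII hyphens"
rm -f "$sample"
```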
