Red Hat Bugzilla – Bug 101140
iptables v1.2.6a: Unknown arg `--gid-owner'
Last modified: 2007-04-18 12:56:18 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0.2)
Description of problem:
Trying to use:
iptables -A OUTPUT -m owner --gid-owner 513 -j REJECT
iptables: Invalid argument
Under iptables v1.2.5 (on Enterprise Edition of RH)the line above is
syntactically correct. I know because I typed the line out and the command was
accepted. Also, I can see the rule appear on the OUPUT chain (when I type
When typing "iptables -A OUTPUT -m owner --gid-owner" I get the error listed on
the summary line.
Something has changed the funtionallity of iptables. An seldom used version of
RedHat (Dual boot) yields the same error.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1.iptables -A OUTPUT -m owner --gid-owner 513 -j REJECT
2.<return and/or enter>
Actual Results: iptables: Invalid argument
Expected Results: No error.
iptables -L should list a new rule in the OUTPUT Chain.
When originally building this machine, the command in question worked. However,
suspect one of the updates (from up2date) has changed something in iptables.
Suspect a kernel update, or a changed to iptables.
I have a serious need to block members of a certain group from having
access outside the box.
The problem is that the iptables-1.2.5 does not work properly with newer kernels.
Please have a look at
Grabbed src rpm and built and installed new rpm for iptables v1.2.8
Replaced the iptables v1.2.6a with the new version. New version fixes the
problem with the iptables command indicated in the ticket.
However, the /etc/init.d/iptables script has a problem with the save portion. I
edited /etc/sysconfig/iptables by hand, but I usually use "service iptables save"
I currently get:
Saving firewall rules to /etc/sysconfig/iptables: /etc/init.d/iptables: line 1:
stat: command not found
I could fix the script, if I have time, however, the fix should come from RH.
Stanley V. Hornyak
RedHat Certified Engineer (RHCE)
I am sorry, there was a missing requires for stat. There are fixed packages: