jawj / IKEv2-setup

Set up Ubuntu Server 20.04 (or 18.04) as an IKEv2 VPN server

Iptables: invalid argument #135

Closed Velrous closed 2 years ago

Velrous commented 2 years ago

Hello, I tried to run the script on a cleanly installed Ubuntu 20.04 and 18.04, and every time I get the error:

--- Configuring firewall ---

iptables: Invalid argument. Run 'dmesg' for more information.

I found that there was already a similar problem: https://github.com/jawj/IKEv2-setup/issues/132

Running the command ip route get 1.1.1.1 returns:

1.1.1.1 dev venet0 src /*server ip*/
    cache

I also modified the file setup.sh and changed the line #!/bin/bash -e to #!/bin/bash -ex. After re-executing setup.sh I got this:


--- Configuring firewall ---
+ echo

+ iptables -P INPUT ACCEPT
+ iptables -P FORWARD ACCEPT
+ iptables -P OUTPUT ACCEPT
+ iptables -F
+ iptables -t nat -F
+ iptables -t mangle -F
+ iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
+ iptables -A INPUT -i lo -j ACCEPT
+ iptables -A INPUT -m state --state INVALID -j DROP
+ iptables -I INPUT -i venet0 -m state --state NEW -m recent --set
+ iptables -I INPUT -i venet0 -m state --state NEW -m recent --update --seconds 300 --hitcount 60 -j DROP
iptables: Invalid argument. Run `dmesg' for more information.

jawj commented 2 years ago

Looks like it would be useful to follow the advice in the error message and run dmesg straight after the script fails. See here, for example: https://stackoverflow.com/questions/26936653/ratelimiting-with-iptables-recent-gives-error