[+] Splicing fwsnort 11647 rules into the iptables policy...
iptables-restore v1.6.0: invalid port/service `[6789]' specified
Error occurred at line: 11464
Try `iptables-restore -h' or 'iptables-restore --help' for more information.
The issue seems triggered by an updated rule set which seems to be incompatible with Debian's version of fwsnort (1.6.5) as well with the current upstream fwsnort version 1.6.6.
Basically the issue is that all but one line in that rule set contain more than one port. And iptables seems to choke on single port numbers in square brackets.
Doing the following as root:
currently results in the following error:
The issue seems triggered by an updated rule set which seems to be incompatible with Debian's version of fwsnort (1.6.5) as well with the current upstream fwsnort version 1.6.6.
Basically the issue is that all but one line in that rule set contain more than one port. And iptables seems to choke on single port numbers in square brackets.
The offending line:
The resulting line(s) on which iptables-restore bails out:
Initially reported in Debian but also popped up on Superuser.com.
This is the same patch as I used to fix the bug in Debian for the upcoming Debian 9 release called Stretch.