Posted
Filed under centos7

If you receive an error while restarting IPtables on your virtual machine that includes : raw nat mangle filter [FAILED] or similar, this is a known error with CentOS 5 / CentOS 6 on virtual architectures. You simply need to modify the : /etc/init.d/iptables file.

===참고
https://www.hostvirtual.com/kb/6383/IPtables-returns-an-error--security-raw-nat-mangle-filter-FAILED.html
===

Next, locate the below text, you can search for 'setting chains' Next add the lines labeled with + to the file, after the line with: case "$i"

vi /etc/init.d/iptables

echo -n $"${IPTABLES}: Setting chains to policy $policy: "
    ret=0
    for i in $tables; do
        echo -n "$i "
        case "$i" in

<!-- 추가된 부분 -->
+           security)

+               $IPTABLES -t filter -P INPUT $policy \
+                   && $IPTABLES -t filter -P OUTPUT $policy \
+                   && $IPTABLES -t filter -P FORWARD $policy \
+                   || let ret+=1
+               ;;


            raw)
                $IPTABLES -t raw -P PREROUTING $policy \
                    && $IPTABLES -t raw -P OUTPUT $policy \
                    || let ret+=1
                ;;

2015/11/02 16:33 2015/11/02 16:33