This is a straight repost, kept here for easy reference.
When restarting the firewall on a CentOS 6.4 system on a Linode VPS, I encountered the following error:
service iptables restart
Setting chains to policy ACCEPT: security raw nat[FAILED]filter
After some searching, I learned that Linode officially added a security rule chain to iptables, but CentOS does not support it.
The fix I found is to edit /etc/init.d/iptables and locate this block:
for i in $tables; do
    echo -n "$i "
    case "$i" in
        raw)
            $IPTABLES -t raw -P PREROUTING $policy \
                && $IPTABLES -t raw -P OUTPUT $policy \
                || let ret+=1
            ;;
Add the following directly under the line case "$i" in:
        security)
            $IPTABLES -t filter -P INPUT $policy \
                && $IPTABLES -t filter -P OUTPUT $policy \
                && $IPTABLES -t filter -P FORWARD $policy \
                || let ret+=1
            ;;
The final version looks like this:
for i in $tables; do
    echo -n "$i "
    case "$i" in
        security)
            $IPTABLES -t filter -P INPUT $policy \
                && $IPTABLES -t filter -P OUTPUT $policy \
                && $IPTABLES -t filter -P FORWARD $policy \
                || let ret+=1
            ;;
        raw)
            $IPTABLES -t raw -P PREROUTING $policy \
                && $IPTABLES -t raw -P OUTPUT $policy \
                || let ret+=1
            ;;
After saving, restart the firewall:
service iptables restart
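To check before a restart whether the kernel exposes a table that the init script's case statement does not handle, the sketch below compares the two. It is an added example, not part of the original post or of the CentOS script; the function name unhandled_tables, the demo helper and the sample files are made up for illustration, and it assumes each branch sits on its own line as in the excerpt above.

```shell
#!/bin/sh
# Added example, not from the original post or the CentOS init script.

# unhandled_tables INIT_SCRIPT TABLES_FILE
# Print each table named in TABLES_FILE (one per line) that has no
# "name)" branch on a line of its own in INIT_SCRIPT.
unhandled_tables() {
    script=$1
    names=$2
    # "|| [ -n ... ]" keeps a final line that lacks a trailing newline.
    while read -r table || [ -n "$table" ]; do
        [ -n "$table" ] || continue
        if ! grep -Eq "^[[:space:]]*${table}\)[[:space:]]*\$" "$script"; then
            printf '%s\n' "$table"
        fi
    done < "$names"
}

# Constructed sample input: a trimmed, unpatched case statement and the
# table names that appear in the error message quoted above.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/iptables.init" <<'EOF'
for i in $tables; do
    echo -n "$i "
    case "$i" in
        raw)
            $IPTABLES -t raw -P PREROUTING $policy \
                && $IPTABLES -t raw -P OUTPUT $policy \
                || let ret+=1
            ;;
        nat)
            ;;
        filter)
            ;;
    esac
done
EOF
    printf 'security\nraw\nnat\nfilter\n' > "$dir/tables"
    unhandled_tables "$dir/iptables.init" "$dir/tables"
    rm -rf "$dir"
}

demo   # prints: security

# On a real host (assumption: /proc/net/ip_tables_names lists the tables):
#   unhandled_tables /etc/init.d/iptables /proc/net/ip_tables_names
```

Empty output means every listed table already has a branch, which is the expected result once the security) block has been added.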