Iptables -C (--check) doesn't work

networking linux firewall iptables linux-networking

I have the following Iptables version:

sh# iptables --version
iptables v1.4.21

The help page contains this line:

--check   -C chain      Check for the existence of a rule

I have such a rule in iptables-save:

-A PREROUTING -p udp -m udp --dport 5060 -j CT --helper sip

But when I'm trying to check (-C) it I see such output:

sh# iptables -C PREROUTING -p udp -m udp --dport 5060 -j CT --helper sip
iptables: Bad rule (does a matching rule exist in that chain?).

What is the reason? Could some bug be in Iptables?


Try adding a -t nat so you select the NAT table, or maybe -t mangle. Pretty sure it will default to looking at the filter table, which won't have a PREROUTING chain. You need to specify which table you are looking at.

sh# iptables -C PREROUTING -t nat -p udp -m udp --dport 5060 -j CT --helper sip

Related

There may be no DNS name server shards remaining for the name. Google cloud
Companion affinity change notification
Do multiple hits from the same Simon/Richter boomerang add multiple hits to the staleness queue?
How many berries can I feed to a Pokémon?
Place a complete bed using /setblock
Is there a combat log in Diablo 3?
What is the advantage of playing non-lethally?
What is a Blocked mission?
How does being addicted affect you?
What TF2 items can I sell to the Steam Community Market?
How to enqueue techs on Endless Space?
Does the Wii U use HDCP copy protection on on games via its HDMI output?