IPTables Error Debian 6.01 Squeeze

G'Day all,

I'm running the new version of blockhosts and all installed fine apart from the IPtables as it shows an error after a while with 'ERROR: BHOptionParser: no such option: --iptables'

I have searched all over for an answer and no luck.

Is anyone else having the same issue?

------- writing final blocked/watched list ---
Collecting watched_hosts counts info for block-file
Collecting log file offset info for block-file
... final counts: blocked 9, watched 10
Running:  iptables --new blockhosts
   returned waitstatus:  32512
   output:  sh: iptables: not found
... user-defined chain blockhosts already exists, or error occurred
   pattern to search for INPUT/FORWARD chain jump:  <_sre.SRE_Pattern object at 0xb7356cd0>
Running:  iptables --list INPUT --numeric
   returned waitstatus:  32512
   output:  sh: iptables: not found
ERROR:  Failed command: iptables --list INPUT --numeric (127)
sh: iptables: not found
				

Any ideas or help accepted.

Use --ipblock and check iptables install.

Looks like there may be two problems:
1) --iptables is wrong option, the 2.5.0 version of blockhosts uses --ipblock=iptables. Run blockhosts.py --help to see syntax.
2) Is iptables installed? If yes, it may not be in $PATH, in which case, use the full path in running blockhosts.py, for example: --ipblock=/sbin/iptables

iptables error

iptables is installed and when blockhosts is first installed its fine and works well. After a few hours then the error appears:

ERROR:  BHOptionParser:  no such option: --iptables

I'm updating now to 2.5.0 and I'll let you know how I get on.

Thanks,
Azz

Look for some config file

Maybe there is an old config file, or crontab command that is also running blockhosts.py and using the obsolete --iptables option.

iptables error

Ok I installed the new version and still had the same error. I then removed iptables and reinstalled them incase there was an issue with them.

I ran Blockhosts with the following:

blockhosts.py --ipblock=/sbin/iptables --verbose
#-----------------------------------------------------------------------
[ipblock]
# ipblock section for enabling protection using TCP/IP level blocking -
# by using null routes, or iptables filtering, all network communication
# is stopped from a particular IP address
# Values that can be assigned to IPBLOCK - can be iptables or iproute,
# or full path to iptables or ip commands.

#IPBLOCK = "" # (default)
#IPBLOCK = "ip route" # or use full path "/sbin/ip route"
IPBLOCK = "iptables" # or use full path "/sbin/iptables"
# "ip route": Do TCP/IP blocking using route commands to setup null-routes.
#    ip route add  via 127.0.0.1
# "iptables": Do TCP/IP blocking, using iptables packet filtering.
#    iptables --append blockhosts --source  -j DROP

#-----------------------------------------------------------------------

Not sure

It is not iptables, it has to be a blockhosts.py problem.

From command line, does one of these work and other one fail?

blockhosts.py --ipblock=/sbin/iptables --verbose
vs
blockhosts.py --ipblock=iptables --verbose

If the second one fails, then change your posted config file - make it also use /sbin/iptables:

IPBLOCK = "/sbin/iptables" # or use full path "/sbin/iptables"

iptables error

The command runs without issue and adds the IP's:

azzaka@desere:~/BlockHosts-2.5.0$ sudo blockhosts.py --ipblock=/sbin/iptables --verbose
blockhosts 2.5.0 started: 2011-03-13 21:00:00 GMT
 ... loaded /etc/hosts.allow, starting counts: blocked 10, watched 11
 ... loading log file /var/log/auth.log, offset: 145734
 ... loading log file /var/log/exim4/mainlog, offset: 21161
 ... loading log file /var/log/proftpd/proftpd.log, offset: 73792
 ... discarding all host entries older than  2011-03-06 21:00:00 GMT
 ... final counts: blocked 10, watched 11
 ... no email to send.

Its every 5mins the cron runs and then the error is outputed to the log file.

iptables error

Could is be the cron job:

*/5 * * * *  /usr/local/bin/blockhosts.py &> /dev/null

You can email me at: blockhosts (add mydomain here)

~Azz

Add /sbin/iptables to blockhosts.cfg

If cron job is reporting error, then try the suggestion in the previous comment. It will likely fix it. When running without --ipblock option, it will use the config IPBLOCK value, which is probably failing because PATH is not set for cronjobs.

Same error

I have added the sbin:

#-----------------------------------------------------------------------
[ipblock]
# ipblock section for enabling protection using TCP/IP level blocking -
# by using null routes, or iptables filtering, all network communication
# is stopped from a particular IP address
# Values that can be assigned to IPBLOCK - can be iptables or iproute,
# or full path to iptables or ip commands.

#IPBLOCK = "" # (default)
#IPBLOCK = "ip route" # or use full path "/sbin/ip route"
IPBLOCK = "/sbin/iptables" # or use full path "/sbin/iptables"
# "ip route": Do TCP/IP blocking using route commands to setup null-routes.
#    ip route add  via 127.0.0.1
# "iptables": Do TCP/IP blocking, using iptables packet filtering.
#    iptables --append blockhosts --source  -j DROP

#-----------------------------------------------------------------------

and added it to the cronjob:

*/5 * * * *  blockhosts.py --ipblock=/sbin/iptables --verbose &> /dev/null

You can find the full config here: Config File

Its not Cron

I removed the cron Jobs and have been running it manually.

Still the same issue. When run the script works and IP's are added. However the log shows: ERROR: BHOptionParser: no such option: --iptables

Any idea's?

Issue is with Blockhosts and Debian Squeeze 6.1

Over the past I have been testing the script. When you run the script manually using blockhosts.py --ipblock=iptables --verbose the script runs and the IP's are blocked . The issue is only with the logging feature. The key is that it says BHOption Parser etc. BHOption parser is the script, not Cron, not IPtables. I cannot find the issue with the coding as I have never coded python before.

More people I know have removed the script as it had the same error, not realising it was still blocking the IP's using IPtables. Search google and others say they have had the issue. Can someone please either look into this or teach me how to try and find it.

~Azz

Send email to author

I am not sure what is going on - there has to a invocation somewhere that is using the wrong argument. Send email to author, easier to debug that way. Basic thing will be to match the time in the log with the hosts.allow entries, and manual tests, to see what is working.

Author has been contacted

The email has already been sent, however still no resolution so I'm running it manually.

~Azz

Resolved

The issue belongs to the version of perl being run by Debian. The version is 5.0* and this has caused issues in some calling features for other perl scripts.

My advise if running Blockhosts on Debian: manually update your perl version to 5.1.

-Azz