I am using iptables for my project but am facing some problems, as follows.
1. In iptables 1.4.7
iptables -A INPUT -s 10.0.4.247 -m time --datestart 2013-5-16T12 --datestop 2013-5-16T16 -j DROP
or
iptables -A INPUT -s 10.0.4.247 -m time --localtz --datestart 2013-5-16T12 --datestop 2013-5-16T16 -j DROP
Output of the date command:
Thu May 16 15:52:11 IST 2013
Both of the commands above are not working, as I am able to ping from 10.0.4.247 to the machine.
Why is this not working? By default it should be --localtz (man page of iptables v1.4.7).
2. In iptables v1.4.12
iptables -A INPUT -s 10.0.4.247 -m time --kerneltz --datestart 2013-5-16T12 --datestop 2013-5-16T16 -j DROP
This is working, as I am not able to ping from the IP 10.0.4.247.
iptables -A INPUT -s 10.0.4.247 -m time --datestart 2013-5-16T12 --datestop 2013-5-16T16 -j DROP
This rule is by default set to follow the UTC timezone, but the man page shows that the default is --kerneltz [man page of iptables v1.4.12].
Can anyone tell me what the problem with iptables is? I need to block some IP/port for a specified time duration, but am unable to find what to do.
What is the actual meaning of --kerneltz, and is it safe to use this?
Kindly give some answer.
Thanks
Best Answer
--kerneltz is explained in full in the man page:
I see nothing in the man page to indicate that --kerneltz is the default. Rather, it specifies that times given in --datestart and --datestop will be interpreted as UTC.
What you really should do is to set the system clock to UTC. This should resolve this problem, as well as a variety of other problems you don't yet know you have.
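
The window from the question converted to UTC, as an added example that is not part of the original thread. It assumes GNU date, that IST in the date output is India Standard Time (UTC+05:30), and, as the answer states, that --datestart/--datestop are read as UTC; the function names are hypothetical.

```bash
# Added example, not from the thread. Requires GNU date.
# Convert a local wall-clock time to the UTC stamp to pass to -m time.
# $1 = TZ value (POSIX string "IST-5:30" means 5h30 east of UTC; assumed
#      here to be the asker's zone), $2 = local time.
to_utc() {
    local epoch
    epoch=$(TZ="$1" date -d "$2" +%s) || return 1
    date -u -d "@$epoch" +%Y-%m-%dT%H:%M:%S
}

# Print (do not execute) the DROP rule for a window given in local time.
# $1 = source IP, $2 = TZ value, $3 = local start, $4 = local stop.
time_rule() {
    local start stop
    start=$(to_utc "$2" "$3") || return 1
    stop=$(to_utc "$2" "$4") || return 1
    printf 'iptables -A INPUT -s %s -m time --datestart %s --datestop %s -j DROP\n' \
        "$1" "$start" "$stop"
}

# Succeed if a local instant falls inside a window whose bounds are read
# as UTC, i.e. the behaviour assumed for the unconverted rule.
# $1 = TZ value, $2 = local "now", $3 = window start, $4 = window stop.
matches_as_utc() {
    local now start stop
    now=$(TZ="$1" date -d "$2" +%s) || return 2
    start=$(date -u -d "$3" +%s) || return 2
    stop=$(date -u -d "$4" +%s) || return 2
    [ "$now" -ge "$start" ] && [ "$now" -le "$stop" ]
}

# Values from the question: window 12:00-16:00, clock at 15:52:11 IST.
time_rule 10.0.4.247 'IST-5:30' '2013-05-16 12:00' '2013-05-16 16:00'
if matches_as_utc 'IST-5:30' '2013-05-16 15:52:11' \
        '2013-05-16 12:00' '2013-05-16 16:00'; then
    echo 'unconverted window matches at 15:52 IST'
else
    echo 'unconverted window does not match at 15:52 IST (10:22 UTC)'
fi
```

Read as UTC, the unconverted 12:00 to 16:00 window covers 17:30 to 21:30 IST, so a ping at 15:52 IST falls outside it.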