python-iptables: Cryptic error when allowing incoming TCP traffic on port 1234

Posted by Lucas Kauffman on Stack Overflow
Published on 2012-12-09T17:00:24Z Indexed on 2012/12/09 17:03 UTC

I wanted to write an iptables script in Python. Rather than calling iptables itself, I wanted to use the python-iptables package. However, I'm having a hard time getting some basic rules set up. I wanted to use the filter chain to accept incoming TCP traffic on port 1234. So I wrote this:

import iptc
chain = iptc.Chain(iptc.TABLE_FILTER,"INPUT")
rule = iptc.Rule()
target =  iptc.Target(rule,"ACCEPT")
match = iptc.Match(rule,'tcp')
match.dport='1234'
rule.add_match(match)
rule.target = target
chain.insert_rule(rule)

However, when I run this, I get this thrown back at me:

Traceback (most recent call last):
  File "testing.py", line 9, in <module>
    chain.insert_rule(rule)
  File "/usr/local/lib/python2.6/dist-packages/iptc/__init__.py", line 1133, in insert_rule
    self.table.insert_entry(self.name, rbuf, position)
  File "/usr/local/lib/python2.6/dist-packages/iptc/__init__.py", line 1166, in new
    obj.refresh()
  File "/usr/local/lib/python2.6/dist-packages/iptc/__init__.py", line 1230, in refresh
    self._free()
  File "/usr/local/lib/python2.6/dist-packages/iptc/__init__.py", line 1224, in _free
    self.commit()
  File "/usr/local/lib/python2.6/dist-packages/iptc/__init__.py", line 1219, in commit
    raise IPTCError("can't commit: %s" % (self.strerror()))
iptc.IPTCError: can't commit: Invalid argument
Exception AttributeError: "'NoneType' object has no attribute 'get_errno'" in <bound method Table.__del__ of <iptc.Table object at 0x7fcad56cc550>> ignored

Does anyone have experience with python-iptables and could enlighten me on what I did wrong?

© Stack Overflow or respective owner
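
The kernel accepts the tcp match only in a rule whose protocol is TCP (the "-p tcp" of "iptables -p tcp -m tcp --dport 1234") and otherwise fails the commit with "Invalid argument"; the code in the question never sets rule.protocol. The following is an added example, not part of the original post: preflight() and allow_tcp_port() are names made up here, and the iptc calls assume a current python-iptables release.

```python
# Added example, not the poster's code. preflight() and allow_tcp_port() are
# names made up here; the iptc calls are python-iptables' documented API.

# Matches the kernel registers for a single protocol: using one in a rule whose
# protocol differs is rejected at commit time with EINVAL ("Invalid argument").
PROTOCOL_BOUND = {"tcp": "tcp", "udp": "udp", "icmp": "icmp"}


def preflight(protocol, match_names):
    """Return a message for every match that needs a protocol the rule lacks."""
    problems = []
    for name in match_names:
        required = PROTOCOL_BOUND.get(name)
        if required is not None and protocol != required:
            problems.append(
                "match %r needs rule.protocol = %r (got %r)" % (name, required, protocol)
            )
    return problems


def allow_tcp_port(port, chain_name="INPUT"):
    """Insert an ACCEPT rule for inbound TCP traffic to `port` (needs root)."""
    if not 0 < int(port) < 65536:
        raise ValueError("port out of range: %r" % (port,))
    import iptc  # imported lazily so preflight() works without the package

    rule = iptc.Rule()
    rule.protocol = "tcp"             # "-p tcp": the line the question's code lacks
    match = rule.create_match("tcp")  # "-m tcp", created and attached to the rule
    match.dport = str(int(port))      # "--dport 1234"
    rule.target = iptc.Target(rule, "ACCEPT")

    problems = preflight(rule.protocol, [m.name for m in rule.matches])
    if problems:
        raise ValueError("; ".join(problems))

    chain = iptc.Chain(iptc.Table(iptc.Table.FILTER), chain_name)
    chain.insert_rule(rule)           # committed at once while autocommit is on
    return rule


if __name__ == "__main__":
    # The question's rule: tcp match, protocol never set.
    print(preflight(None, ["tcp"]))
    # The corrected rule.
    print(preflight("tcp", ["tcp"]))
```

Run allow_tcp_port(1234) as root; preflight() alone needs neither root nor the iptc package.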
