Using Intrapositioned Negation Iptables Error Message

Question

I am trying to write a simple firewall rule using the iptables negation (not equal). Simply, what I want is to allow any traffic which is not UDP.

iptables -A INPUT -p ! udp -j ACCEPT

But I get the error “Using intrapositioned negation” when I add the rule. Following is the complete error message.

Using intrapositioned negation (`--option ! this`) is deprecated in favor of extrapositioned (`! --option this`).

Is there any syntax error in my firewall rule? I am sure iptables allows the use of not equal.

Answer

You have added the not-equal sign (negation) in the wrong place. The not-equal sign should be added before the -p option (--proto). The correct iptables rule is as follows.

iptables -A INPUT ! -p udp -j ACCEPT

I hope that this will solve your problem.
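
The same correction applied to a whole saved ruleset, as an added example that is not part of the original answer: it counts lines still using the deprecated `-option ! value` form and rewrites them to `! -option value`. The function names and the sample rules are constructed for illustration.

```shell
#!/bin/sh
# Added example: detect and rewrite deprecated intrapositioned negation
# ("-p ! udp") into the extrapositioned form ("! -p udp").
# Function names and the sample rules below are constructed, not from the post.

# ERE: an option (-p, --dport, ...), a standalone "!", then a value that does
# not itself start with "-" (so "--syn ! -p tcp" is not misread).
NEG_RE='(^|[[:space:]])(--?[A-Za-z][A-Za-z-]*)[[:space:]]+![[:space:]]+([^[:space:]-][^[:space:]]*)'

# Print how many lines on stdin still use the deprecated form.
count_intrapositioned() {
    grep -cE -- "$NEG_RE" || true   # grep -c exits 1 when the count is 0
}

# Rewrite every "<option> ! <value>" on stdin to "! <option> <value>".
# Lines already in the extrapositioned form pass through unchanged.
# Limitation: text inside a quoted --comment string is not treated specially.
fix_negation() {
    sed -E "s/$NEG_RE/\\1! \\2 \\3/g"
}

# Constructed sample ruleset (iptables-save style lines).
sample_rules() {
    cat <<'EOF'
-A INPUT -p ! udp -j ACCEPT
-A INPUT ! -p icmp -j ACCEPT
-A INPUT -s ! 10.0.0.0/8 -p tcp --dport ! 22 -j DROP
EOF
}

# Show the rewritten ruleset; review it before loading it anywhere.
sample_rules | fix_negation
```

The rewrite only changes where the `!` sits, so each rule matches the same traffic as before.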