logtest01:~# /usr/sbin/ferm --flush --shell /etc/ferm/ferm.conf /sbin/iptables-restore <<EOT # Generated by ferm 2.0.3 on Sun Feb 21 02:19:03 2010 *filter :FORWARD ACCEPT [0:0] :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :log_and_reject ACCEPT [0:0] :log_or_drop ACCEPT [0:0] :munin ACCEPT [0:0] :nagios ACCEPT [0:0] :ssh ACCEPT [0:0] COMMIT EOT iptables-restore v1.4.2: Can't set policy `log_and_reject' on `ACCEPT' line 6: Bad built-in chain name Failed to run /sbin/iptables-restore /sbin/ip6tables-restore <<EOT # Generated by ferm 2.0.3 on Sun Feb 21 02:19:03 2010 *filter :FORWARD ACCEPT [0:0] :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :log_and_reject ACCEPT [0:0] :log_or_drop ACCEPT [0:0] :ssh ACCEPT [0:0] COMMIT EOT ip6tables-restore v1.4.2: Can't set policy `log_and_reject' on `ACCEPT' line 6: Bad built-in chain name Failed to run /sbin/ip6tables-restore Firewall rules rolled back. Since stop calls --flush, this fails as it exits non-zero. Since dpkg -P ferm calls stop, this fails as well. Cheers,