Most iptables functions work with a 2.6.x kernel. Some (REDIRECT, MASQUERADE) do not. To fix this, 2.6.x kernels must have an iptables which was compiled against a 2.6.x kernel. Iptables 1.2.8 does not compile when /usr/src/linux points to a 2.6.x kernel. I've had to use iptables from CVS (20030813) to make it compile and had to remove the experimental stuff from the spec file.
Example:

    # uname -r
    2.6.0-test3
    # rpm -q iptables
    iptables-1.2.8-1mdk
    # /sbin/iptables -t nat -I PREROUTING -i eth0 -p tcp --dport 53 -j REDIRECT --to-ports 22
    iptables: Target problem
    # rpm -Uvh ~src/RPMS/i586/iptables-1.2.8-1.1.kernel26.mdk.i586.rpm
    Preparing...                ########################################### [100%]
       1:iptables               ########################################### [100%]
    # /sbin/iptables -t nat -I PREROUTING -i eth0 -p tcp --dport 53 -j REDIRECT --to-ports 22
    #

As this test shows, the iptables CVS version compiled against 2.6.x works ok. I've also recompiled the CVS version against the 2.4 mdk kernel source. This still generates an 'iptables: Target problem' error message. Note that most functions of iptables for 2.4 do work under 2.6.x.

--
Regards,
Olav
