Le 05/08/2017 à 08:03, david...@freevolt.org a écrit :
On Fri, 4 Aug 2017, jakob notland wrote:
Hello dear Debian support
This is not the Debian support. This is a user mailing list.
iptables -t nat -A PREROUTING -i eth0 -d $external_ip -m conntrack
--ctstate NEW -j DNAT --to-destination 10.3.0.2
iptables -t nat -A PREROUTING -i lxc-nat-bridge -d $external_ip -m
conntrack --ctstate NEW -j DNAT --to-destination 10.3.0.2
iptables -t nat -A OUTPUT -d $external_ip -m conntrack --ctstate NEW
-j DNAT --to-destination 10.3.0.2
All the commands returns "Bad argument `conntrack'",
Is the variable $external_ip defined?
And does it contain a proper value ?
By the way, "-m conntrack --ctstate NEW" is totally useless in NAT rules
and can be removed. The "nat" chains see only packets in the state NEW,
so no need to check.