Note that I have eth0 and eth1. eth0 is externl and eth1 is local net.
Hmmm... does a kernel have a set number of rules that can be used or a set number of chains etc?
+ '[' -n '' ']'
+ addnatrule eth0_masq -s 192.168.1.0/255.255.255.0 -d 0.0.0.0/0 -j MASQUERADE
+ ensurenatchain eth0_masq
+ havenatchain eth0_masq
+ eval test '"$eth0_masq_nat_exists"' = Yes
++ test '' = Yes
+ createnatchain eth0_masq
+ run_iptables -t nat -N eth0_masq
+ iptables -t nat -N eth0_masq
+ eval eth0_masq_nat_exists=Yes
++ eth0_masq_nat_exists=Yes
+ run_iptables2 -t nat -A eth0_masq -s 192.168.1.0/255.255.255.0 -d 0.0.0.0/0 -j MASQUERADE
+ '[' 'x-t nat -A eth0_masq -s 192.168.1.0/255.255.255.0 -d 0.0.0.0/0 -j MASQUERADE' = 'x-t nat -A eth0_masq -s 192.168.1.0/255.255.255.0 -d 0.0.0.0/0 -j MASQUERADE' ']'
+ run_iptables -t nat -A eth0_masq -s 192.168.1.0/255.255.255.0 -d 0.0.0.0/0 -j MASQUERADE
+ iptables -t nat -A eth0_masq -s 192.168.1.0/255.255.255.0 -d 0.0.0.0/0 -j MASQUERADE
iptables: Invalid argument
+ '[' -z '' ']'
+ stop_firewall
+ set +x
Jim C wrote:
Well I looked at that section of the .config file and this did not appear to be the case. Also it doesn't cause an error until it reaches the NAT section of the shorewall commands. Later, when I can restart the box with that kernel, I'll get a trace so we can see exactly what command it is canning on.
It probably doesn't have the firewalling modules compiled for it -- I know the -mm kernel doesn't. Try copying the lib/modules/[kernel-version]/kernel/net/ipv4/netfilter/ directory from another 2.4.20 mandrake kernel, then run depmod -a and see if you get lucky.
------------------------------------------------------------------------
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
