Hi, I would like to compile my own kernel which provides NAT/masquerading support. Therefore I have configured my 2.4.20 (original gentoo) kernel like this:
CONFIG_PACKET=y CONFIG_PACKET_MMAP=y CONFIG_NETFILTER=y CONFIG_NETFILTER_DEBUG=y CONFIG_FILTER=y CONFIG_UNIX=y CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_NAT=y CONFIG_NET_IPIP=y CONFIG_IP_NF_CONNTRACK=y CONFIG_IP_NF_FTP=y CONFIG_IP_NF_CONNTRACK_MARK=y CONFIG_IP_NF_IRC=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_STATE=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_NAT=y CONFIG_IP_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_IP_NF_NAT_IRC=y CONFIG_IP_NF_NAT_FTP=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_LOG=y After compiling the kernel I was able to boot my system without any problems. Now when I try to create a rule which should log all disallowed network traffic I get the following error message: iptables v1.2.8: Unknown arg `--log-prefix' Try `iptables -h' or 'iptables --help' for more information. I was used to use the rule for almost two years now and it worked out fine on many system. What's messed up here? The rule is: iptables -A nirvana -p ICMP -j LOG --log-prefix "dropped ICMP packet " --log-level info The chain nirvana was created manually by me. I have already emerged iptables again but that did not change anything. Any ideas/hints would be greatly appreciated. Bye and thanks, Werner. -- [EMAIL PROTECTED] mailing list
