On Tuesday 03 June 2003 02:03, Werner Schalk wrote: > Hi, > > I would like to compile my own kernel which provides NAT/masquerading > support. Therefore I have configured my 2.4.20 (original gentoo) kernel > like this: > > CONFIG_PACKET=y > CONFIG_PACKET_MMAP=y > CONFIG_NETFILTER=y > CONFIG_NETFILTER_DEBUG=y > CONFIG_FILTER=y > CONFIG_UNIX=y > CONFIG_INET=y > CONFIG_IP_MULTICAST=y > CONFIG_IP_ADVANCED_ROUTER=y > CONFIG_IP_MULTIPLE_TABLES=y > CONFIG_IP_ROUTE_NAT=y > CONFIG_NET_IPIP=y > CONFIG_IP_NF_CONNTRACK=y > CONFIG_IP_NF_FTP=y > CONFIG_IP_NF_CONNTRACK_MARK=y > CONFIG_IP_NF_IRC=y > CONFIG_IP_NF_IPTABLES=y > CONFIG_IP_NF_MATCH_STATE=y > CONFIG_IP_NF_FILTER=y > CONFIG_IP_NF_TARGET_REJECT=y > CONFIG_IP_NF_NAT=y > CONFIG_IP_NF_NAT_NEEDED=y > CONFIG_IP_NF_TARGET_MASQUERADE=y > CONFIG_IP_NF_TARGET_REDIRECT=y > CONFIG_IP_NF_NAT_IRC=y > CONFIG_IP_NF_NAT_FTP=y > CONFIG_IP_NF_MANGLE=y > CONFIG_IP_NF_TARGET_LOG=y > > After compiling the kernel I was able to boot my system without any > problems. Now when I try to create a rule which should log all disallowed > network traffic I get the following error message: > > iptables v1.2.8: Unknown arg `--log-prefix' > Try `iptables -h' or 'iptables --help' for more information. > > I was used to use the rule for almost two years now and it worked out fine > on many system. What's messed up here? The rule is: > iptables -A nirvana -p ICMP -j LOG --log-prefix "dropped ICMP packet " > --log-level info > > The chain nirvana was created manually by me. I have already emerged > iptables again but that did not change anything. Any ideas/hints would be > greatly appreciated. > > Bye and thanks, > Werner. > > -- > [EMAIL PROTECTED] mailing list Looks to me like you don't have the proper logging stuff turned on in your kernel... I could have just misread a line, but that would be my guess. -- Zack Gilburd http://tehunlose.com
pgp00000.pgp
Description: signature
