apparently iptables was upgraded in my last 'emerge -u world' or something. anyway, something has changed and a command that used to work doesn't now. the command was :
# iptables -t nat -A POSTROUTING -j SNAT -o eth0 --to 10.1.0.27 now it says "iptables: Invalid argument" so i discovered that '--to' is no longer valid (it's not in the man page if it is). when i remove '--to 10.1.0.27' iptables says "iptables v1.2.8: You must specify --to-source". i modified the command to be : # iptables -vv -t nat -A POSTROUTING -j SNAT -o eth0 --to-source 10.1.0.27 i don't know what i'm doing wrong, but iptables replies with : SNAT all opt -- in * out eth0 0.0.0.0/0 -> 0.0.0.0/0 to:10.1.0.27 libiptc v1.2.8. 5 entries, 784 bytes. Table `nat' Hooks: pre/in/fwd/out/post = 0/0/0/460/148 Underflows: pre/in/fwd/out/post = 0/0/0/460/312 Entry 0 (0): SRC IP: 0.0.0.0/0.0.0.0 DST IP: 0.0.0.0/0.0.0.0 Interface: `'/................to `'/................ Protocol: 0 Flags: 00 Invflags: 00 Counters: 2735 packets, 356607 bytes Cache: 00000000 Target name: `' [36] verdict=NF_ACCEPT Entry 1 (148): SRC IP: 0.0.0.0/0.0.0.0 DST IP: 0.0.0.0/0.0.0.0 Interface: `'/................to `eth0'/XXXXX........... Protocol: 0 Flags: 00 Invflags: 00 Counters: 0 packets, 0 bytes Cache: 00004008 UNKNOWN IP_IF_OUT Target name: `SNAT' [52] Entry 2 (312): SRC IP: 0.0.0.0/0.0.0.0 DST IP: 0.0.0.0/0.0.0.0 Interface: `'/................to `'/................ Protocol: 0 Flags: 00 Invflags: 00 Counters: 5650 packets, 364518 bytes Cache: 00000000 Target name: `' [36] verdict=NF_ACCEPT Entry 3 (460): SRC IP: 0.0.0.0/0.0.0.0 DST IP: 0.0.0.0/0.0.0.0 Interface: `'/................to `'/................ Protocol: 0 Flags: 00 Invflags: 00 Counters: 5646 packets, 364237 bytes Cache: 00000000 Target name: `' [36] verdict=NF_ACCEPT Entry 4 (608): SRC IP: 0.0.0.0/0.0.0.0 DST IP: 0.0.0.0/0.0.0.0 Interface: `'/................to `'/................ Protocol: 0 Flags: 00 Invflags: 00 Counters: 0 packets, 0 bytes Cache: 00000000 Target name: `ERROR' [64] error=`ERROR' iptables: Invalid argument -- [EMAIL PROTECTED] mailing list
