Re: [gentoo-user] iptables 1.2.8 problem

Tue, 19 Aug 2003 11:08:33 -0700

downtime null wrote:

apparently iptables was upgraded in my last 'emerge -u world' or
something. anyway, something has changed and a command that used to
work doesn't now. the command was :

# iptables -t nat -A POSTROUTING -j SNAT -o eth0 --to 10.1.0.27

now it says "iptables: Invalid argument"

so i discovered that '--to' is no longer valid (it's not in the man
page if it is). when i remove '--to 10.1.0.27' iptables says "iptables
v1.2.8: You must specify --to-source". i modified the command to be :

# iptables -vv -t nat -A POSTROUTING -j SNAT -o eth0 --to-source 10.1.0.27

i don't know what i'm doing wrong, but iptables replies with :

SNAT  all opt -- in * out eth0  0.0.0.0/0  -> 0.0.0.0/0  to:10.1.0.27
libiptc v1.2.8.  5 entries, 784 bytes.
Table `nat'
Hooks: pre/in/fwd/out/post = 0/0/0/460/148
Underflows: pre/in/fwd/out/post = 0/0/0/460/312
Entry 0 (0):
SRC IP: 0.0.0.0/0.0.0.0
DST IP: 0.0.0.0/0.0.0.0
Interface: `'/................to `'/................
Protocol: 0
Flags: 00
Invflags: 00
Counters: 2735 packets, 356607 bytes
Cache: 00000000
Target name: `' [36]
verdict=NF_ACCEPT

Entry 1 (148):
SRC IP: 0.0.0.0/0.0.0.0
DST IP: 0.0.0.0/0.0.0.0
Interface: `'/................to `eth0'/XXXXX...........
Protocol: 0
Flags: 00
Invflags: 00
Counters: 0 packets, 0 bytes
Cache: 00004008 UNKNOWN IP_IF_OUT
Target name: `SNAT' [52]

Entry 2 (312):
SRC IP: 0.0.0.0/0.0.0.0
DST IP: 0.0.0.0/0.0.0.0
Interface: `'/................to `'/................
Protocol: 0
Flags: 00
Invflags: 00
Counters: 5650 packets, 364518 bytes
Cache: 00000000
Target name: `' [36]
verdict=NF_ACCEPT

Entry 3 (460):
SRC IP: 0.0.0.0/0.0.0.0
DST IP: 0.0.0.0/0.0.0.0
Interface: `'/................to `'/................
Protocol: 0
Flags: 00
Invflags: 00
Counters: 5646 packets, 364237 bytes
Cache: 00000000
Target name: `' [36]
verdict=NF_ACCEPT

Entry 4 (608):
SRC IP: 0.0.0.0/0.0.0.0
DST IP: 0.0.0.0/0.0.0.0
Interface: `'/................to `'/................
Protocol: 0
Flags: 00
Invflags: 00
Counters: 0 packets, 0 bytes
Cache: 00000000
Target name: `ERROR' [64]
error=`ERROR'

iptables: Invalid argument

--
[EMAIL PROTECTED] mailing list



I read this warning was a result of some patches placed on the 2.4.20-r6 kernel(saw this when I emerged the -r6 kernel), and the solution was to re-emerge iptables.

Fred Clausen


--
[EMAIL PROTECTED] mailing list

Reply via email to