On Monday 10 June 2002 1:45 pm, Kellogg, Chris wrote: > iptables -A OUTPUT -s 192.168.0.0/24 -p tcp --dport 80 -t nat -j DNAT > --to-destination 192.168.4.4:80 > > When I attempt to put this rule in, I get the error message "iptables: > Invalid argument".
I should think it's the -s argument which netfilter is complaining about - it makes (almost) no sense to include this in a rule which only applies to packets coming from the local machine. I assume you really are trying to DNAT packets originating from the netfilter box, and not ones which are being routed by it (which you would do in the POSTROUTING chain) ? Antony.
