On Tue, Jul 03, 2001 at 10:22:55AM +1000, George (DJ Tremors) Vieira 
([EMAIL PROTECTED]) wrote:
> Hey all,
> 
> Has anybody successfully migrated their ipchains rules to iptables?

Yes and it rocks. It has so many more really good options that it is useful
to spend the time to learn it and to re-write the rules. Re-writing
is not so much though, it's minimal.

> I changed mine to suit the syntax and tried it out.... no go. it looked as
> though it didn't do the NAT properly.. anybody got some hints..??
> 
> I have 2 NICS where  eth0 is internal and eth1 is external.
                                           ^^^^^^
>                                         |
> ANYWHERE="0/0"                          | Could this be your problem?
> EXTDEV="eth2"                           |
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^|
> INTSN="192.168.0.0/24"
> 
>  /sbin/iptables -A POSTROUTING -t nat -o $EXTDEV -s $INTSN -d $ANYWHERE -j MASQUERADE


There could be another problem too.
From the MAN page:

       --modprobe=<command>
              When adding or inserting rules into a chain, use command to load
              any necessary modules (targets, match extensions, etc).

MATCH EXTENSIONS
       col is specified, or with the -m or --match options, followed by the
       matching module name; after these, various extra command line options
       become available, depending on the specific module. You can specify
       multiple extended match modules in one line, and you can use the -h or
       --help options after the module has been specified to receive help
       specific to that module.


So you might need to explicitly LOAD the module (nat and masquerade).
I had to do this to use the MULTIPORT module.


jobst




-- 
Though the pen IS mightier than the sword, the sword is mightier at any given moment.

|            __, Jobst Schmalenbach, [EMAIL PROTECTED], Technical Director|
|  _ _.--'-n_/   Barrett Consulting Group P/L & The Meditation Room P/L      |
|-(_)------(_)=  +61 3 9532 7677, POBox 277, Caulfield South, 3162, Australia|

-- 
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
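
The two checks raised in this reply (that EXTDEV names the interface that is really external, and that the nat and masquerade modules get loaded), as an added example that is not part of the original thread. The function names, the print-only approach, the constructed interface list and the module names iptable_nat and ipt_MASQUERADE are assumptions; the thread names no modules.

```shell
#!/bin/sh
# Added example, not from the original thread. It prints the commands
# instead of running them, so it can be tried without root.

ANYWHERE="0/0"            # from the post
INTSN="192.168.0.0/24"    # from the post
EXTDEV="eth1"             # the post says eth1 is external (its script had eth2)

# iface_exists NAME LIST: succeed if NAME appears in the whitespace-separated
# LIST of interface names. On a current Linux host LIST can be
# "$(ls /sys/class/net)".
iface_exists() {
    for i in $2; do
        if [ "$i" = "$1" ]; then
            return 0
        fi
    done
    return 1
}

# masq_commands DEV SUBNET LIST: print the module loads and the NAT rule,
# or fail before printing anything when DEV is not in LIST.
masq_commands() {
    iface_exists "$1" "$3" || {
        echo "no such interface: $1 (have: $3)" >&2
        return 1
    }
    # Assumed module names for the nat table and the MASQUERADE target.
    echo "/sbin/modprobe iptable_nat"
    echo "/sbin/modprobe ipt_MASQUERADE"
    echo "/sbin/iptables -t nat -A POSTROUTING -o $1 -s $2 -d $ANYWHERE -j MASQUERADE"
}

# Constructed interface list matching the poster's description (two NICs).
SAMPLE_IFACES="lo eth0 eth1"

masq_commands "$EXTDEV" "$INTSN" "$SAMPLE_IFACES"        # prints three commands
masq_commands "eth2" "$INTSN" "$SAMPLE_IFACES" || true   # rejected: no eth2
```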
