Peter Rundle was once rumoured to have said: > Sluggers, > > I'm playing around with DNAT on iptables but whenever I try to put > the rule in I just get an error "Invalid argument". I've looked at a > number of examples on the net and they all seem to be doing the same > thing that I am. Does anyone know if there is a version problem? > I've got kernel 2.4.7-10 and iptables 1.2.3-1 > > Basically I want to have my firewall allow http traffic through from > the outside world to a linux box on the internal net but this is > what happens.. > > # iptables -t nat -A POSTROUTING -p tcp -s 0/0 --dport 80 -j DNAT --to > 192.168.1.99 > iptables: Invalid argument > > Cluesticks?
s/POSTROUTING/PREROUTING/ DNAT has to be applied before a routing decision is made so the packets can be routed correctly. C. -- --==============================================-- Crossfire | This email was brought to you [EMAIL PROTECTED] | on 100% Recycled Electrons --==============================================-- -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
