* iptables: invalid arguement with kernel 2.6.5
@ 2004-05-04 11:00 Det Buaklee
2004-05-04 11:31 ` Angel
` (3 more replies)
0 siblings, 4 replies; 6+ messages in thread
From: Det Buaklee @ 2004-05-04 11:00 UTC (permalink / raw)
To: netfilter
[-- Attachment #1: Type: text/plain, Size: 711 bytes --]
Hi
I am very new in configuring iptables with bridge software. I want to do
a transparent proxy with iptables and squid and running a firewall
bridge on the squid box. I have upgraded my kernel to 2.6.5 (to get the
firewall-bridge) and I have already tried compiled iptables 1.2.9 with
the kernel src directory. My problem is when I tried something like
/sbin/iptables -A PREROUTING -t mangle -i eth0 -p tcp --dport 80 -j
REDIRECT --to-port 8080
or
/sbin/iptables -t mangle -A PREROUTING -m physdev --physdev-in eth0 -p
tcp --dport 80 -j REDIRECT --to-port 8080
and iptables just return
iptables: invalid argument
Any help or pointer to some documents would be much appreciated.
Det Buaklee
[-- Attachment #2: Type: text/html, Size: 7981 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: iptables: invalid arguement with kernel 2.6.5
2004-05-04 11:00 iptables: invalid arguement with kernel 2.6.5 Det Buaklee
@ 2004-05-04 11:31 ` Angel
2004-05-04 11:33 ` Antony Stone
` (2 subsequent siblings)
3 siblings, 0 replies; 6+ messages in thread
From: Angel @ 2004-05-04 11:31 UTC (permalink / raw)
To: netfilter
on the mangle table?
i think it should be on the nat table?
El Martes, 4 de Mayo de 2004 13:00, Det Buaklee escribi칩:
> Hi
>
> I am very new in configuring iptables with bridge software. I want to do
> a transparent proxy with iptables and squid and running a firewall
> bridge on the squid box. I have upgraded my kernel to 2.6.5 (to get the
> firewall-bridge) and I have already tried compiled iptables 1.2.9 with
> the kernel src directory. My problem is when I tried something like
>
> /sbin/iptables -A PREROUTING -t mangle -i eth0 -p tcp --dport 80 -j
> REDIRECT --to-port 8080
>
> or
>
> /sbin/iptables -t mangle -A PREROUTING -m physdev --physdev-in eth0 -p
> tcp --dport 80 -j REDIRECT --to-port 8080
>
> and iptables just return
>
> iptables: invalid argument
>
> Any help or pointer to some documents would be much appreciated.
>
> Det Buaklee
--
--------------------------------------------------------
Angel J. Alvarez Miguel
Secci칩n de Sistemas, Servicio de Explotaci칩n
Servicios Informaticos, Universidad de Alcal치
Tfno: +34 91 885 47 04, Fax: +34 91 885 51 11
--------------------------------------------------------
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: iptables: invalid arguement with kernel 2.6.5
2004-05-04 11:00 iptables: invalid arguement with kernel 2.6.5 Det Buaklee
2004-05-04 11:31 ` Angel
@ 2004-05-04 11:33 ` Antony Stone
2004-05-04 12:13 ` Det Buaklee
2004-05-04 11:43 ` Krystian
2004-05-04 11:58 ` Sven Schuster
3 siblings, 1 reply; 6+ messages in thread
From: Antony Stone @ 2004-05-04 11:33 UTC (permalink / raw)
To: netfilter
On Tuesday 04 May 2004 12:00 pm, Det Buaklee wrote:
> /sbin/iptables -A PREROUTING -t mangle -i eth0 -p tcp --dport 80 -j
> REDIRECT --to-port 8080
>
> or
>
> /sbin/iptables -t mangle -A PREROUTING -m physdev --physdev-in eth0 -p
> tcp --dport 80 -j REDIRECT --to-port 8080
>
> and iptables just return
>
> iptables: invalid argument
REDIRECT should be done in the nat table, not the mangle table.
Antony.
--
Software development can be quick, high quality, or low cost.
The customer gets to pick any two out of three.
Please reply to the list;
please don't CC me.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: iptables: invalid arguement with kernel 2.6.5
2004-05-04 11:00 iptables: invalid arguement with kernel 2.6.5 Det Buaklee
2004-05-04 11:31 ` Angel
2004-05-04 11:33 ` Antony Stone
@ 2004-05-04 11:43 ` Krystian
2004-05-04 11:58 ` Sven Schuster
3 siblings, 0 replies; 6+ messages in thread
From: Krystian @ 2004-05-04 11:43 UTC (permalink / raw)
To: Det Buaklee; +Cc: netfilter
Det Buaklee wrote:
> Hi
>
>
>
> I am very new in configuring iptables with bridge software. I want to
> do a transparent proxy with iptables and squid and running a firewall
> bridge on the squid box. I have upgraded my kernel to 2.6.5 (to get
> the firewall-bridge) and I have already tried compiled iptables 1.2.9
> with the kernel src directory. My problem is when I tried something like
>
>
>
> /sbin/iptables -A PREROUTING -t mangle -i eth0 -p tcp --dport 80 -j
> REDIRECT --to-port 8080
>
>
>
> or
>
>
>
> /sbin/iptables -t mangle -A PREROUTING -m physdev --physdev-in eth0 -p
> tcp --dport 80 -j REDIRECT --to-port 8080
>
>
>
> and iptables just return
>
>
>
> iptables: invalid argument
>
>
>
> Any help or pointer to some documents would be much appreciated.
>
>
>
> Det Buaklee
>
bad table "mangle". try using diffrent for example nat.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: iptables: invalid arguement with kernel 2.6.5
2004-05-04 11:00 iptables: invalid arguement with kernel 2.6.5 Det Buaklee
` (2 preceding siblings ...)
2004-05-04 11:43 ` Krystian
@ 2004-05-04 11:58 ` Sven Schuster
3 siblings, 0 replies; 6+ messages in thread
From: Sven Schuster @ 2004-05-04 11:58 UTC (permalink / raw)
To: Det Buaklee; +Cc: netfilter
[-- Attachment #1: Type: text/plain, Size: 1095 bytes --]
Hi Det,
On Tue, May 04, 2004 at 06:00:40PM +0700, Det Buaklee told us:
> Hi
>
> I am very new in configuring iptables with bridge software. I want to do
> a transparent proxy with iptables and squid and running a firewall
> bridge on the squid box. I have upgraded my kernel to 2.6.5 (to get the
> firewall-bridge) and I have already tried compiled iptables 1.2.9 with
> the kernel src directory. My problem is when I tried something like
>
> /sbin/iptables -A PREROUTING -t mangle -i eth0 -p tcp --dport 80 -j
> REDIRECT --to-port 8080
>
> or
>
> /sbin/iptables -t mangle -A PREROUTING -m physdev --physdev-in eth0 -p
> tcp --dport 80 -j REDIRECT --to-port 8080
>
> and iptables just return
>
> iptables: invalid argument
>
> Any help or pointer to some documents would be much appreciated.
>
> Det Buaklee
REDIRECT ist only valid in the nat table, not in mangle.
HTH
Sven
--
Linux zion 2.6.6-rc1 #1 Sat Apr 17 11:50:12 CEST 2004 i686 athlon i386 GNU/Linux
13:57:45 up 13 days, 18:47, 1 user, load average: 0.03, 0.04, 0.06
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
* RE: iptables: invalid arguement with kernel 2.6.5
2004-05-04 11:33 ` Antony Stone
@ 2004-05-04 12:13 ` Det Buaklee
0 siblings, 0 replies; 6+ messages in thread
From: Det Buaklee @ 2004-05-04 12:13 UTC (permalink / raw)
To: netfilter
Thanks guys for pointing out, though I am still confused with the
different between -t nat and -t mangle (on the bridge, and I am not
doing NAT on my network what options should I use) .. I think am going
to read the man page more carefully..
DET
-----Original Message-----
From: netfilter-admin@lists.netfilter.org
[mailto:netfilter-admin@lists.netfilter.org] On Behalf Of Antony Stone
Sent: Tuesday, May 04, 2004 6:34 PM
To: netfilter@lists.netfilter.org
Subject: Re: iptables: invalid arguement with kernel 2.6.5
On Tuesday 04 May 2004 12:00 pm, Det Buaklee wrote:
> /sbin/iptables -A PREROUTING -t mangle -i eth0 -p tcp --dport 80 -j
> REDIRECT --to-port 8080
>
> or
>
> /sbin/iptables -t mangle -A PREROUTING -m physdev --physdev-in eth0 -p
> tcp --dport 80 -j REDIRECT --to-port 8080
>
> and iptables just return
>
> iptables: invalid argument
REDIRECT should be done in the nat table, not the mangle table.
Antony.
--
Software development can be quick, high quality, or low cost.
The customer gets to pick any two out of three.
Please reply to the
list;
please don't
CC me.
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2004-05-04 12:13 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-05-04 11:00 iptables: invalid arguement with kernel 2.6.5 Det Buaklee
2004-05-04 11:31 ` Angel
2004-05-04 11:33 ` Antony Stone
2004-05-04 12:13 ` Det Buaklee
2004-05-04 11:43 ` Krystian
2004-05-04 11:58 ` Sven Schuster
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.