* invalid argument
@ 2004-07-05 11:59 Luis GUSTAVO
2004-07-05 12:24 ` Patrick Leslie Polzer
0 siblings, 1 reply; 5+ messages in thread
From: Luis GUSTAVO @ 2004-07-05 11:59 UTC (permalink / raw)
To: netfilter
Hi people,
i´m using the follow rule:
iptables -t nat -A POSTROUTING -o eth0 -J MASQUERADE
invalid argument
what is this... my rule is ok.
thank you
=====
SlackWare Simply the Best
Luis GUSTAVO
+55 (21) 9891-3560
---------------------------------------------------------------------------------
_______________________________________________________
Yahoo! Mail agora com 100MB, anti-spam e antivírus grátis!
http://br.info.mail.yahoo.com/
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: invalid argument
2004-07-05 11:59 invalid argument Luis GUSTAVO
@ 2004-07-05 12:24 ` Patrick Leslie Polzer
0 siblings, 0 replies; 5+ messages in thread
From: Patrick Leslie Polzer @ 2004-07-05 12:24 UTC (permalink / raw)
To: netfilter
On Mon, 5 Jul 2004 08:59:54 -0300 (ART)
Luis GUSTAVO <lgpcf@yahoo.com.br> wrote:
> i´m using the follow rule:
> iptables -t nat -A POSTROUTING -o eth0 -J MASQUERADE
> invalid argument
>
> what is this... my rule is ok.
No. It has to be a lower-case 'j'.
Leslie
^ permalink raw reply [flat|nested] 5+ messages in thread
* Invalid Argument
@ 2004-09-06 12:48 João Carlos Garcia
2004-09-06 15:58 ` Jose Maria Lopez
2004-09-06 20:18 ` Jason Opperisano
0 siblings, 2 replies; 5+ messages in thread
From: João Carlos Garcia @ 2004-09-06 12:48 UTC (permalink / raw)
To: netfilter
Hi,
I´m trying to configure iptables rules, but ...
I´m testing the rules in a separeted environment, but the final topology will be the following
ADSL -- [ LINUX ] -- LOCAL NETWORK
The script look like this
#!/bin/sh
INTIF=eth0
EXTIF=eth1
INTIP=192.168.0.3
EXTIP=172.16.0.3
echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp
echo 1 > /proc/sys/net/ipv4/conf/eth1/proxy_arp
echo 1 > /proc/sys/net/ipv4/ip_forward
for f in /proc/sys/net/ipv4/conf/*/rp_filter;
do
echo 1 > $f;
done
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
iptables -A INPUT -j DROP
iptables -A FORWARD -j DROP
iptables -A OUTPUT -j DROP
...
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o $EXTIF -j SNAT --to-source $EXTIP
When the script run the last rule ( NAT ), occurs an error : iptables invalid argument.
I want that the iptables change the source IP address ( 192.168 ) to his ip address ( 172.16.0.3 ) to all connection to Internet
Could anyone help me ?
Thanks in advanced
João Carlos
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.745 / Virus Database: 497 - Release Date: 27/8/2004
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Invalid Argument
2004-09-06 12:48 Invalid Argument João Carlos Garcia
@ 2004-09-06 15:58 ` Jose Maria Lopez
2004-09-06 20:18 ` Jason Opperisano
1 sibling, 0 replies; 5+ messages in thread
From: Jose Maria Lopez @ 2004-09-06 15:58 UTC (permalink / raw)
To: netfilter@lists.netfilter.org
El lun, 06 de 09 de 2004 a las 14:48, João Carlos Garcia escribió:
> Hi,
>
> I´m trying to configure iptables rules, but ...
> I´m testing the rules in a separeted environment, but the final topology will be the following
> ADSL -- [ LINUX ] -- LOCAL NETWORK
>
> The script look like this
>
> #!/bin/sh
> INTIF=eth0
> EXTIF=eth1
> INTIP=192.168.0.3
> EXTIP=172.16.0.3
>
> echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp
> echo 1 > /proc/sys/net/ipv4/conf/eth1/proxy_arp
> echo 1 > /proc/sys/net/ipv4/ip_forward
> for f in /proc/sys/net/ipv4/conf/*/rp_filter;
> do
> echo 1 > $f;
> done
>
> iptables -F INPUT
> iptables -F OUTPUT
> iptables -F FORWARD
> iptables -A INPUT -j DROP
> iptables -A FORWARD -j DROP
> iptables -A OUTPUT -j DROP
> ...
>
> iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o $EXTIF -j SNAT --to-source $EXTIP
>
> When the script run the last rule ( NAT ), occurs an error : iptables invalid argument.
> I want that the iptables change the source IP address ( 192.168 ) to his ip address ( 172.16.0.3 ) to all connection to Internet
>
> Could anyone help me ?
> Thanks in advanced
> João Carlos
The rule is correct, I write it in my system and it works, so you
probably have a problem of not having synced the iptables userspace
tools and the kernel space or something similar.
--
Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac@bgsec.com
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAÑA
The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
-- Jack Kerouac, "On the Road"
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Invalid Argument
2004-09-06 12:48 Invalid Argument João Carlos Garcia
2004-09-06 15:58 ` Jose Maria Lopez
@ 2004-09-06 20:18 ` Jason Opperisano
1 sibling, 0 replies; 5+ messages in thread
From: Jason Opperisano @ 2004-09-06 20:18 UTC (permalink / raw)
To: netfilter
On Mon, 2004-09-06 at 08:48, João Carlos Garcia wrote:
> iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o $EXTIF -j SNAT --to-source $EXTIP
>
> When the script run the last rule ( NAT ), occurs an error : iptables invalid argument.
> I want that the iptables change the source IP address ( 192.168 ) to his ip address ( 172.16.0.3 ) to all connection to Internet
>
> Could anyone help me ?
> Thanks in advanced
> João Carlos
my guess is you've compiled a custom kernel, possibly applied some POM
patches, and you have not recompiled the iptables userspace utilities.
-j
--
Jason Opperisano <opie@817west.com>
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2004-09-06 20:18 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-09-06 12:48 Invalid Argument João Carlos Garcia
2004-09-06 15:58 ` Jose Maria Lopez
2004-09-06 20:18 ` Jason Opperisano
-- strict thread matches above, loose matches on Subject: below --
2004-07-05 11:59 invalid argument Luis GUSTAVO
2004-07-05 12:24 ` Patrick Leslie Polzer
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.