From: Whit Blauvelt <whit@transpect.com>
To: David Busby <busby@pnts.com>
Cc: netfilter@lists.netfilter.org
Subject: Re: SNAT "invalid argument"
Date: Mon, 4 Aug 2003 15:56:14 -0400 [thread overview]
Message-ID: <20030804195613.GA8638@free.transpect.com> (raw)
In-Reply-To: <06a001c35abb$cfcf0120$1100000a@busbydev>
Hi David,
Interesting, since in this document:
http://www.netfilter.org/documentation/HOWTO//NAT-HOWTO-6.html#ss6.1
I read (and directly paste from there):
## Change source addresses to 1.2.3.4.
# iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 1.2.3.4
But anyway:
# iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source 207.136.236.68
iptables: Invalid argument
And also:
# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables: Invalid argument
Now, that second failure has nothing to do with whether the current syntax
is --to (per the HOWTO I see) or --to-source (per the version you report).
The root of both problems is bound to be the same here.
How you're seeing different text in the same document on the official site
(and with Rusty's name on it) is curious. In any case the problem I'm seeing
has a different basis. ;(
Whit
On Mon, Aug 04, 2003 at 12:08:38PM -0700, David Busby wrote:
> In this doc
> http://www.netfilter.org/documentation/HOWTO//NAT-HOWTO-6.html#ss6.1 it says
> use --to-source, not --to
>
> /B
> ----- Original Message -----
> From: "Whit Blauvelt" <whit@transpect.com>
> To: <netfilter@lists.netfilter.org>
> Sent: Monday, August 04, 2003 11:56
> Subject: SNAT "invalid argument"
>
>
> > Hi,
> >
> > I've been using SNAT for some time on several systems. However on a system
> I
> > just built I get the following response:
> >
> > # iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 1.2.3.4
> > iptables: Invalid argument
> >
> > That's with 1.2.3.4 replaced by a real IP (or not).
> >
> > This is driving me up the wall since "Full NAT" support is compiled into
> > the 2.4.21 kernel. The iptables version is 1.2.8. The only thing different
> > in the kernel options from what I've used before is that I also included
> > "NAT of local connections" - haven't tried to use that yet though.
> >
> > iptables is otherwise working fine. -j MASQUERADE (also compiled in) also
> > gives me an "Invalid argument" - so it does look like something's wrong in
> > the NAT section, but damned if I know what.
> >
> > Whit
> >
next prev parent reply other threads:[~2003-08-04 19:56 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-08-04 18:56 SNAT "invalid argument" Whit Blauvelt
2003-08-04 19:08 ` David Busby
2003-08-04 19:56 ` Whit Blauvelt [this message]
2003-08-04 21:45 ` Martin Josefsson
2003-08-04 23:45 ` Whit Blauvelt
2003-08-04 23:55 ` Whit Blauvelt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20030804195613.GA8638@free.transpect.com \
--to=whit@transpect.com \
--cc=busby@pnts.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.