From: Maarten Vanraes <maarten@ba.be>
To: netfilter@vger.kernel.org
Cc: Bob Miller <bob@computerisms.ca>
Subject: Re: xtables-addons ACCOUNT
Date: Tue, 19 Oct 2010 10:09:32 +0200 [thread overview]
Message-ID: <201010191009.32841.maarten@ba.be> (raw)
In-Reply-To: <1287419553.13167.237.camel@laplaplian>
Op maandag 18 oktober 2010 18:32:33 schreef Bob Miller:
> > loaded, I created the following rules for my
> >
> > networks:
> >
> > gatelian:/usr/lib# iptables-save | grep tname
> > -A POSTROUTING -j ACCOUNT --addr 0.0.0.0/0 --tname wan
> > -A POSTROUTING -j ACCOUNT --addr 192.168.25.0/24 --tname computerisms
> > -A POSTROUTING -j ACCOUNT --addr 192.168.24.0/24 --tname
> > computerisms-public
>
> This is in the mangle table...
hmm.
i used iptables and iptables-dev from squeeze on a lenny; and libnfnetfilter
from backports to get good versions as i looked at the distro compatibility
chart. Then, i compiled xtables-addons from source with:
./configure --prefix=/usr --sbindir=/sbin --with-xtdirlib=/lib
this way the stuff is in the correct debian dir. The module loaded
automatically and pretty ok.
i tried:
iptables -A INPUT -j ACCOUNT --addr 10.66.6.0/24 --tname storagenet
iptables -A FORWARD -j ACCOUNT --addr 194.0.234.0/24 --tname publicnet
iptables -A FORWARD -j ACCOUNT --addr 0.0.0.0/0 --tname self
and stuff. in any case, i can't do this now, because i always get the same
error now. I think i'll need to reboot to get a fresh start.
this was all in the main table.
where exactly should i use the ACCOUNT module? does that matter?
the error message:
"iptables: Invalid argument. Run `dmesg' for more information."
in dmesg nothing is there.
error message when trying to use it now:
ACCOUNT: Table publicnet found, but IP/netmask mismatch. IP/netmask found:
194.0.234.0/255.255.255.0
ACCOUNT: Table insert problem. Aborting
when trying to remove the rule with iptables:
ACCOUNT: Table publicnet not found for destroy
"iptaccount -a" does show the nets fine; but the -l publicnet always gives:
Showing table: publicnet
Run #0 - 0 items found
Finished.
next prev parent reply other threads:[~2010-10-19 8:09 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-10-18 15:12 xtables-addons ACCOUNT Maarten Vanraes
2010-10-18 16:18 ` Bob Miller
2010-10-18 16:32 ` Bob Miller
2010-10-19 8:09 ` Maarten Vanraes [this message]
2010-10-19 9:38 ` Jan Engelhardt
2010-10-19 10:00 ` Maarten Vanraes
2010-10-19 16:45 ` Bob Miller
2010-10-20 8:25 ` Maarten Vanraes
2010-10-20 9:16 ` Jan Engelhardt
2010-10-20 13:03 ` Maarten Vanraes
2010-10-20 17:36 ` Jan Engelhardt
2010-10-21 11:31 ` Maarten Vanraes
2010-10-27 20:28 ` Jan Engelhardt
2010-10-28 7:32 ` Maarten Vanraes
2010-10-28 22:20 ` Jan Engelhardt
2010-10-29 7:31 ` Maarten Vanraes
-- strict thread matches above, loose matches on Subject: below --
2010-10-25 7:35 Maarten Vanraes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201010191009.32841.maarten@ba.be \
--to=maarten@ba.be \
--cc=bob@computerisms.ca \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.