From: Maarten Vanraes <maarten@ba.be>
To: netfilter@vger.kernel.org
Cc: Bob Miller <bob@computerisms.ca>
Subject: Re: xtables-addons ACCOUNT
Date: Tue, 19 Oct 2010 10:09:32 +0200 [thread overview]
Message-ID: <201010191009.32841.maarten@ba.be> (raw)
In-Reply-To: <1287419553.13167.237.camel@laplaplian>
Op maandag 18 oktober 2010 18:32:33 schreef Bob Miller:
> > loaded, I created the following rules for my
> >
> > networks:
> >
> > gatelian:/usr/lib# iptables-save | grep tname
> > -A POSTROUTING -j ACCOUNT --addr 0.0.0.0/0 --tname wan
> > -A POSTROUTING -j ACCOUNT --addr 192.168.25.0/24 --tname computerisms
> > -A POSTROUTING -j ACCOUNT --addr 192.168.24.0/24 --tname
> > computerisms-public
>
> This is in the mangle table...
hmm.
i used iptables and iptables-dev from squeeze on a lenny; and libnfnetfilter
from backports to get good versions as i looked at the distro compatibility
chart. Then, i compiled xtables-addons from source with:
./configure --prefix=/usr --sbindir=/sbin --with-xtdirlib=/lib
this way the stuff is in the correct debian dir. The module loaded
automatically and pretty ok.
i tried:
iptables -A INPUT -j ACCOUNT --addr 10.66.6.0/24 --tname storagenet
iptables -A FORWARD -j ACCOUNT --addr 194.0.234.0/24 --tname publicnet
iptables -A FORWARD -j ACCOUNT --addr 0.0.0.0/0 --tname self
and stuff. in any case, i can't do this now, because i always get the same
error now. I think i'll need to reboot to get a fresh start.
this was all in the main table.
where exactly should i use the ACCOUNT module? does that matter?
the error message:
"iptables: Invalid argument. Run `dmesg' for more information."
in dmesg nothing is there.
error message when trying to use it now:
ACCOUNT: Table publicnet found, but IP/netmask mismatch. IP/netmask found:
194.0.234.0/255.255.255.0
ACCOUNT: Table insert problem. Aborting
when trying to remove the rule with iptables:
ACCOUNT: Table publicnet not found for destroy
"iptaccount -a" does show the nets fine; but the -l publicnet always gives:
Showing table: publicnet
Run #0 - 0 items found
Finished.
next prev parent reply other threads:[~2010-10-19 8:09 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-10-18 15:12 xtables-addons ACCOUNT Maarten Vanraes
2010-10-18 16:18 ` Bob Miller
2010-10-18 16:32 ` Bob Miller
2010-10-19 8:09 ` Maarten Vanraes [this message]
2010-10-19 9:38 ` Jan Engelhardt
2010-10-19 10:00 ` Maarten Vanraes
2010-10-19 16:45 ` Bob Miller
2010-10-20 8:25 ` Maarten Vanraes
2010-10-20 9:16 ` Jan Engelhardt
2010-10-20 13:03 ` Maarten Vanraes
2010-10-20 17:36 ` Jan Engelhardt
2010-10-21 11:31 ` Maarten Vanraes
2010-10-27 20:28 ` Jan Engelhardt
2010-10-28 7:32 ` Maarten Vanraes
2010-10-28 22:20 ` Jan Engelhardt
2010-10-29 7:31 ` Maarten Vanraes
-- strict thread matches above, loose matches on Subject: below --
2010-10-25 7:35 Maarten Vanraes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201010191009.32841.maarten@ba.be \
--to=maarten@ba.be \
--cc=bob@computerisms.ca \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).