* iptables -j ROUTE --gw xxxx not working?
@ 2008-04-08 18:38 Eric B.
2008-04-08 19:06 ` Jan Engelhardt
0 siblings, 1 reply; 3+ messages in thread
From: Eric B. @ 2008-04-08 18:38 UTC (permalink / raw)
To: netfilter
Hi,
I'm running RHEL4.2 with iptables iptables v1.2.11 from pkg
iptables-1.2.11-3.1.RHEL4.
I've tried the following command but been told that --gw argument is
unknown:
# iptables -t mangle -I POSTROUTING -j ROUTE --gw 192.168.104.251
iptables v1.2.11: Unknown arg `--gw'
Is this a syntax error (and error in the man pages), or just an option not
available in this version of iptables?
Thanks,
Eric
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: iptables -j ROUTE --gw xxxx not working?
2008-04-08 18:38 iptables -j ROUTE --gw xxxx not working? Eric B.
@ 2008-04-08 19:06 ` Jan Engelhardt
2008-04-08 19:20 ` Eric B.
0 siblings, 1 reply; 3+ messages in thread
From: Jan Engelhardt @ 2008-04-08 19:06 UTC (permalink / raw)
To: Eric B.; +Cc: netfilter
On Tuesday 2008-04-08 20:38, Eric B. wrote:
>Hi,
>
>I'm running RHEL4.2 with iptables iptables v1.2.11 from pkg
>iptables-1.2.11-3.1.RHEL4.
>
>I've tried the following command but been told that --gw argument is
>unknown:
>
># iptables -t mangle -I POSTROUTING -j ROUTE --gw 192.168.104.251
>iptables v1.2.11: Unknown arg `--gw'
Then you don't have(*) ROUTE. I would not even bother with this
ancient method of policy routing. Nowadays, MARK is used together
with iproute2 to select output routes.
(*) The reason it does not display an error is deeper design problem
in iptables. Reason being that it cannot tell beforehand if ROUTE is
a chain or an actual target, and as such, failure to load a target
extension is considered normal until the tables are actually going to
be committed.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: iptables -j ROUTE --gw xxxx not working?
2008-04-08 19:06 ` Jan Engelhardt
@ 2008-04-08 19:20 ` Eric B.
0 siblings, 0 replies; 3+ messages in thread
From: Eric B. @ 2008-04-08 19:20 UTC (permalink / raw)
To: netfilter
"Jan Engelhardt" <jengelh@computergmbh.de> wrote in message
news:alpine.LNX.1.10.0804082104350.2229@fbirervta.pbzchgretzou.qr...
>
> On Tuesday 2008-04-08 20:38, Eric B. wrote:
>>Hi,
>>
>>I'm running RHEL4.2 with iptables iptables v1.2.11 from pkg
>>iptables-1.2.11-3.1.RHEL4.
>>
>>I've tried the following command but been told that --gw argument is
>>unknown:
>>
>># iptables -t mangle -I POSTROUTING -j ROUTE --gw 192.168.104.251
>>iptables v1.2.11: Unknown arg `--gw'
>
> Then you don't have(*) ROUTE. I would not even bother with this
> ancient method of policy routing. Nowadays, MARK is used together
> with iproute2 to select output routes.
I would be more than happy to avoid this ancient method of policy routing.
Indeed, I was trying to get MARK to work together with iproute2 to select my
output routes and wasn't working, hence I figured I would try something
different (see my msg titled Need help understanding how to debug packet
traversal) and see if my logic was at least right. I seem to be having a
lot of difficulty "seeing" what my packet is doing via iptables/iproute2.
Sure enough, I did a quick search for a *.ROUTE.so module and couldn't find
anything on my system.
Okay - back to the drawing board then....
Thanks for the clarification,
Eric
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2008-04-08 19:20 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-04-08 18:38 iptables -j ROUTE --gw xxxx not working? Eric B.
2008-04-08 19:06 ` Jan Engelhardt
2008-04-08 19:20 ` Eric B.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox