List Info

Thread: problem with postrouting chain
problem with postrouting chain
country flaguser name
Cuba		 2007-07-27 05:14:12 
Hi:

I'm running pre compilied 2.6.18-4 kernel on debian etch.

I=B4ve load this modules:

ip_nat_irc
ip_conntrack_irc
iptable_nat
ip_tables
ip_nat_ftp
ip_nat
ip_conntrack_ftp
ip_conntrack

When I try to run this rules:

/sbin/iptables -A POSTROUTING -s 192.168.1.0/24 -d
XXX.XXX.XXX.XXX -o=20
YYY.YYY.YYY.YYY -p tcp -m tcp --dport 110 -j SNAT
--to-source=20
YYY.YYY.YYY.YYY

I get this error.

iptables: No chain/target/match by that name

If I insert chain type: INPUT, OUTPUT or FORWARD they run
without problem.

What's happen exactly???? There's a problem in kernel?

Thanks

Zng
Re: problem with postrouting chain
country flaguser name
Sweden		 2007-07-27 11:16:20 
Add "-t nat" before -A POSTROUTING

jose a. zúñiga <zunigabaibrama.cult.cu>
kirjoitti Fri, 27 Jul 2007  
13:14:12 +0300:

> Hi:
>
> I'm running pre compilied 2.6.18-4 kernel on debian
etch.
>
> I=B4ve load this modules:
>
> ip_nat_irc
> ip_conntrack_irc
> iptable_nat
> ip_tables
> ip_nat_ftp
> ip_nat
> ip_conntrack_ftp
> ip_conntrack
>
> When I try to run this rules:
>
> /sbin/iptables -A POSTROUTING -s 192.168.1.0/24 -d
XXX.XXX.XXX.XXX -o=20
> YYY.YYY.YYY.YYY -p tcp -m tcp --dport 110 -j SNAT
--to-source=20
> YYY.YYY.YYY.YYY
>
> I get this error.
>
> iptables: No chain/target/match by that name
>
> If I insert chain type: INPUT, OUTPUT or FORWARD they
run without  
> problem.
>
> What's happen exactly???? There's a problem in kernel?
>
> Thanks
>
> Zng
>
>
Re: problem with postrouting chain
country flaguser name
France		 2007-07-28 05:36:50 
Hello

Eljas Alakulppi a écrit :
> jose a. zúñiga <zunigabaibrama.cult.cu>
kirjoitti Fri, 27 Jul 2007  
> 13:14:12 +0300:
>>
>> When I try to run this rules:
>>
>> /sbin/iptables -A POSTROUTING -s 192.168.1.0/24 -d
XXX.XXX.XXX.XXX -o=20
>> YYY.YYY.YYY.YYY -p tcp -m tcp --dport 110 -j SNAT
--to-source=20
>> YYY.YYY.YYY.YYY

I suppose that the =20 are not really part of the rule but
probably the 
trace of some quoted-printable encoding.

>> I get this error.
>>
>> iptables: No chain/target/match by that name
>>
> Add "-t nat" before -A POSTROUTING

Also, the -o option takes an interface name (eth0, ppp0...),
not an IP 
address. However iptables does not check that the specified
interface 
name actually exists. So this rule is not likely to match
anything.
[1-3]

about | contact  Other archives ( Real Estate discussion Medical topics )