On Thursday 19 December 2002 08:39 pm, Chip Upsal wrote: > I have a windows 2000 server running apache 2.0.43 with virtual hosts > behind an iptables firewall doing NAT. > I am running iptables v1.2.5 on a redhat 7.3 server. > # PWWEB > # > $IPTABLES -t nat -A PREROUTING -p TCP -i $INET_IFACE -d $PWWEB_IP > --dport 80 \ > -j DNAT --to-destination $DMZ_PWWEB_IP > > $IPTABLES -t nat -A PREROUTING -p ICMP -i $INET_IFACE -d $PWWEB_IP \ > -j DNAT --to-destination $DMZ_PWWEB_IP > The problem.... > When the server is connected directly to the internet all works well. > However, when it is behind the firewall the virtualhost are not > working (you can only access the default web site. > > Furthermore i am getting the following errors when starting iptables; > > [root@iptables init.d]# ./iptables restart > Flushing all current rules and user defined chains: [ OK ] > Clearing all current rules and user defined chains: [ OK ] > Applying iptables firewall rules: [ OK ] > iptables v1.2.5: Unknown arg `--to-destination' > Try `iptables -h' or 'iptables --help' for more information. My money is on a failure to load the nat module. Try "insmod iptable_nat" from a root console, then restart. If that's it, just put it somewhere at the top of your script. j
