RE: iptables -t nat -A OUTPUT - j DNAT

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



this usually means you did not compile the patch-o-matic patch to fix the OUTPUT bug. Can you check this and make sure it's done as it's not default (for some weird resason)..

-----Original Message-----
From: Leszek Zur [mailto:lzur@xxxxxxxxxxxxx]
Sent: Saturday, May 24, 2003 12:41 AM
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: iptables -t nat -A OUTPUT - j DNAT 


Hello all.

Slackware 9.0
kernel 2.4.20
iptables 1.2.7a

iptables -t nat -A OUTPUT -d 1.1.1.1 -j DNAT --to-destination 2.2.2.2
iptables: Invalid argument

>From iptables manual:
   DNAT
       This  target  is  only valid in the nat table, in the PREROUTING and
OUTPUT chains,
       and user-defined chains which are only called from those chains.  It
specifies that
       the destination address of the packet should be modified (and all
future packets in
       this connection will also be mangled), and rules should cease being
examined.   It
       takes one type of option:

       --to-destination ipaddr[-ipaddr][:port-port]
              which can specify a single new destination IP address, an
inclusive range of
              IP addresses, and optionally, a port range (which is only
valid if the  rule
              also  specifies  -p tcp or -p udp).  If no port range is
specified, then the
              destination port will never be modified.



anybody can help me ??





[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux