I am using a 2.4.20 kernel with pom-20030107 and iptables v1.2.7a. From pom-20030107, I have installed all the pending patches and all the base patches. In addition, I have installed the following extra patches: ipt-amanda-conntrack-nat ipt-eggdrop-conntrack-nat ipt-proc ipt-mms-conntrack-net ipt-pptp-conntrack-net ipt-quake3-conntrack-net ipt-rsh-conntrack-net ipt-tftp-conntrack-net The patch names are not official or anything. I just split them up and called them that. Hopefully, the name is clear enough to you to recognize an "extra" patch. Please let me know if this is confusing. The problem is, when I compile the kernel statically and enable all the iptables options, I cannot do NAT. Any iptables line that specifies a chain in the nat table causes an Invalid Argument: # iptables -t nat -A POSTROUTING -o $EXTERNAL -s $INTERNAL_NETWORK -j SNAT --to-source $EXTERNAL_IP Invalid argument Another interesting thing to point out, is that I also compiled this kernel with modules and experienced the same problem. I was, however, able to fix it by disabling the IPv4 netfilter option for "NAT of local connections". For the module kernel, disabling this option fixes the problem. For the staticly compiled kernel, disabling this option has no effect-- the error persists. Anyone have any ideas? Please CC me directly if you respond to the list, since I am not subscribed (yet). Thank you, Cory Visi
