One thing I've noted whilst playing with moving to 2.6.0 with iptables 1.2.9 -- for some reason iptables -A POSTROUTING -t nat -o ppp0 -j SNAT --to-source xx.yy.zz.qq (my outside ip address) just plain doesn't work. -- in my iptables-restore startup function it is the only rule that fails. (if I comment the SNAT line out of my source file it works) the above command produces bad option xx.yy.zz.qq if I change --to-source to -to-source , i get you must specify --to-source it rather looks like iptables command is trying to parse what to do with --to-source rather than passing it to libipt_SNAT.so .... Am I just in need of some patching here ... or do I need to rebuilt userspace stuff with the new kernel? I have yet to get pom-ng to work on my 2.6.0 kernel (although I am working my way through the directory finding things that DO patch successfully -- like mport) Alistair Tonner
