Re: Unable to add rule on Chain with 28 characters

On Fri, 2005-07-08 at 15:53 -0300, Rafael Dreher wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hi,
> 
> I'm trying to add a rule on a user-defined chain, on the NAT table, with 28 characters.
> 
> The chain has been added without any problem, but when I add the rule, iptables says that it's unable to find the chain.
> 
> If I reduce the chain to 25 characters, it works. I'm trying to migrate a set of rules from iptables-1.2.11 to 1.3.1,
> and I don't want to rewrite the rules.
> 
> Can someone help me?
<snip>
> 
I don't have a direct solution for you.  From what I recall, the chain
name length is hard-coded at 32 characters.  That bit us on the ISCS
network security management project (http://iscs.sourceforge.net) where
we had very long names due to the hierarchical structure of groups and
the inheritance model.  We switched to automatically generating chain
names based upon incrementing numbers.

I do not know if the size of the name field has changed with subsequent
iptables versions.  Wish I could be of more help - John
-- 
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan@xxxxxxxxxxxxxxxxxxx

Financially sustainable open source development
http://www.opensourcedevel.com
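
The workaround described in the reply above, generating chain names from an incrementing counter, shown as an added example that is not part of the original message or of the ISCS code. `ChainNamer`, `render_nat`, the `c000001` name format and the sample chains are hypothetical; the 25-character cap is the length the original poster reports as working.

```python
import re

MAX_LEN = 25  # assumption: the longest length the original poster reports as working


class ChainNamer:
    """Assign short numbered chain names to long logical names, stably."""

    def __init__(self, prefix="c", max_len=MAX_LEN):
        self.prefix, self.max_len, self.names = prefix, max_len, {}

    def register(self, logical):
        if logical not in self.names:
            short = f"{self.prefix}{len(self.names) + 1:06d}"
            if len(short) > self.max_len:
                raise ValueError(f"{short!r} is longer than {self.max_len} characters")
            self.names[logical] = short
        return self.names[logical]

    def rewrite(self, rule):
        """Replace registered names after -A, -j or -g; leave everything else alone."""
        def swap(m):
            return f"{m.group(1)}{m.group(2)} {self.names.get(m.group(3), m.group(3))}"
        return re.sub(r"(^|\s)(-[Ajg]) (\S+)", swap, rule)


def render_nat(chains, rules, namer=None):
    """Return iptables-restore style text for the nat table plus a name map."""
    namer = namer or ChainNamer()
    for chain in chains:
        namer.register(chain)
    # Keep the long names as comments so the generated ruleset stays auditable.
    lines = [f"# {short} = {logical}" for logical, short in namer.names.items()]
    lines.append("*nat")
    lines += [f":{short} - [0:0]" for short in namer.names.values()]
    lines += [namer.rewrite(rule) for rule in rules]
    return "\n".join(lines + ["COMMIT"]) + "\n"


# Constructed sample input: hierarchical group names used as chain names.
CHAINS = ["corp_emea_sales_laptops_to_dmz_web", "corp_emea_sales_laptops_to_inet"]
RULES = [
    "-A PREROUTING -s 10.1.0.0/16 -j corp_emea_sales_laptops_to_dmz_web",
    "-A corp_emea_sales_laptops_to_dmz_web -p tcp --dport 80 -j DNAT --to-destination 192.0.2.10",
    "-A corp_emea_sales_laptops_to_dmz_web -j corp_emea_sales_laptops_to_inet",
    "-A corp_emea_sales_laptops_to_inet -j RETURN",
]

if __name__ == "__main__":
    print(render_nat(CHAINS, RULES), end="")
```

The comment lines at the top of the output carry the mapping back to the long names, so a reviewer can still read the generated ruleset against the original policy.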


