Please don't top-post your replies. It makes it very difficult to
follow, especially since the post you're replying to has not (yet?)
reached the list.
> > Jorge I. Davila L. wrote:
> > >I'm trying to use the iprange match, but every time when I want
> > > apply a rule I receives:
> > >
> > >iptables: No chain/target/match by that name
> > >
> > >I'm using a 2.4.30 kernel in a xen domainU
"xen domainU" is not familiar to me.
> > >The iptables that I'm using is 1.3.3
> > >
> > >The rule that I'm testing is:
> > >
> > >iptables -A OUTPUT -p tcp -m iprange --src-range
> > >192.168.223.1-192.168.223.2
> > >
> El mar, 11-10-2005 a las 22:09 +0300, Daniel Ivanov escribió:
> > Well, you should try applying a target to that rule , try -j ACCEPT
> > or -j DROP
And no, this is not important. You can have rules without targets.
On Tuesday 2005-October-11 13:36, Jorge I. Davila L. wrote:
> well .. the complete rule:
>
> iptables -A OUTPUT -p tcp -m iprange \
> --src-range 192.168.223.1-192.168.223.2 \
> -j ACCEPT
>
> iptables: No chain/target/match by that name
I guess this means that your kernel lacks support for the iprange
target. "CONFIG_IP_NF_MATCH_IPRANGE=m"
This is at most a minor inconvenience. You can always use CIDR
addressing and multiple rules. (I always try to keep logical breaks in
network space on CIDR boundaries, to facilitate this.)
--
mail to this address is discarded unless "/dev/rob0"
or "not-spam" is in Subject: header
