Hi.
Found the problem.
Apparently I needed the itp_tcp module.
Earlier kernels must have included it in some other module.
/Pär
Jan Engelhardt skrev:
My old firewall rules are not functioning anymore.
Try specifying -t nat before ALL options. ebtables for instance required
this for long, i.e.
iptables -t nat -A PREROUTING...
Target rules that are using -j DNAT such as this one:
$IPTABLES -A PREROUTING -t nat -i $EXT -p tcp --dport 3389 -j DNAT --to
192.168.x.x:3389
and j- ACCEPT
$IPTABLES -A INPUT -p tcp -i $EXT -d 0/0 --dport 3724 -j ACCEPT
Does not work.
For iptables 1.3.4 it does not work (returns an errorcode) and for
1.3.5_iptables-1.3.5-20060702 it returns
iptables: No chain/target/match by that name
I have all iptables dependent modules in the kernel set as loadable modules.
So I do this in the beginning of the firewall script:
modprobe ip_tables
modprobe ip_conntrack_irc
modprobe ip_conntrack
modprobe ip_nat_irc
modprobe iptable_filter
modprobe iptable_nat
modprobe iptable_mangle
modprobe ipt_conntrack
modprobe ipt_MASQUERADE
modprobe ipt_multiport
modprobe ipt_state
modprobe ipt_REDIRECT
modprobe ipt_REJECT
modprobe ipt_LOG
Anyone have any ideas on how to proceed on this ?
I really need 2.6.17.x in order to activate new wireless functions that has
been added into the 2.6.17.x kernel.
Cheers
/P
Jan Engelhardt
