Thus spake Daniel De Graaf on Mon, Sep 25, 2006 at 07:37:13PM CDT
> The (unsigned)(-1) is a known bug (#460 in bugzilla), fixed in
> subversion versions of iptables.
> However, it is only an invalid reporting of the error; the fixed
> version would output "iptables: Invalid Argument".
>
> The error is because SNAT must be in POSTROUTING, not PREROUTING.

Thanks. I had just discovered this. I'm trying to wrangle a VPN into
shape and feeling my way. Sorry for the noise!

-- 
Lindsay Haisley       | "Fighting against human | PGP public key
FMP Computer Services | creativity is like      | available at
512-259-1190          | trying to eradicate     | <http://pubkeys.fmp.com>
http://www.fmp.com    | dandelions"             |
                      | (Pamela Jones)          |