maillog: 01/04/2008-11:40:14(+0200): Noino types > Eljas Alakulppi wrote : >> 1. Are you trying to redirect traffic directed to port 53 to port 10053? >> Use REDIRECT target. > > This is overwhelming :-( would you (collective) be so kind as to write out > the needed rule(s) so I can leave you to rest at last ? >>> iptables -t nat -A OUTPUT -o lo -p udp --dport 53 -j DNAT >>> --to-destination :10053 >>> iptables: Invalid argument >> 2. DNAT requires destination IP as well. > > OK, if I replace an explicit --to-destination 127.0.0.1:10053 , still I'm > getting "Invalid argument" ! > Is that diag what you would get ? I suspect my iptables may be out of sync > with my kernel, which is why I dare reiterate my question... > TYVM Maybe it is the "-p udp" that is causing the message. Does -j LOG (instead of -j DNAT --to-destination) work? If it does not, then you need to add "-m udp" in front of "-p udp". -- (* Georgi Georgiev (* "If anything can go wrong, it will." -- (* *) chutz@xxxxxxx *) Edsel Murphy *) (* http://www.gg3.net/ (* (* -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
