Yep. iptables -j ROUTE -h | grep -i ROUTE gives no output at all. So CentOS and/or RHEL must need rebuilding like you said. I was actually trying to ROUTE to an IP alias to get around an ipsec problem introduced by a Red Hat patch. If I have to rebuild something either way, I'll go straight to the source of the trouble and recompile openswan without the problem patch. On Mon, Jan 26, 2009 at 9:12 AM, Pascal Hambourg <pascal.mail@xxxxxxxxxxxxxxx> wrote: > Andy Theuninck a écrit : >> >> iptables -j ROUTE -h gives identical output to iptables -h. > > Even at the very end ? It should display help about the ROUTE target like > here : > >> ROUTE target v1.11 options: >> --oif ifname Route packet through `ifname' network >> interface >> --iif ifname Change packet's incoming interface to >> `ifname' >> --gw ip Route packet via this gateway `ip' >> --continue Route packet and continue traversing the >> rules. Not valid with --iif or --tee. >> --tee Duplicate packet, route the duplicate, >> continue traversing with original packet. >> Not valid with --iif or --continue. > > Else it means this target is not supported by your iptables build. > I remember that (by default ?) some versions built only shared libraries for > matches and target supported in the kernel, so you had to rebuild iptables > after enabling a new feature in the kernel. > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
