Op maandag 18 oktober 2010 18:32:33 schreef Bob Miller: > > loaded, I created the following rules for my > > > > networks: > > > > gatelian:/usr/lib# iptables-save | grep tname > > -A POSTROUTING -j ACCOUNT --addr 0.0.0.0/0 --tname wan > > -A POSTROUTING -j ACCOUNT --addr 192.168.25.0/24 --tname computerisms > > -A POSTROUTING -j ACCOUNT --addr 192.168.24.0/24 --tname > > computerisms-public > > This is in the mangle table... hmm. i used iptables and iptables-dev from squeeze on a lenny; and libnfnetfilter from backports to get good versions as i looked at the distro compatibility chart. Then, i compiled xtables-addons from source with: ./configure --prefix=/usr --sbindir=/sbin --with-xtdirlib=/lib this way the stuff is in the correct debian dir. The module loaded automatically and pretty ok. i tried: iptables -A INPUT -j ACCOUNT --addr 10.66.6.0/24 --tname storagenet iptables -A FORWARD -j ACCOUNT --addr 194.0.234.0/24 --tname publicnet iptables -A FORWARD -j ACCOUNT --addr 0.0.0.0/0 --tname self and stuff. in any case, i can't do this now, because i always get the same error now. I think i'll need to reboot to get a fresh start. this was all in the main table. where exactly should i use the ACCOUNT module? does that matter? the error message: "iptables: Invalid argument. Run `dmesg' for more information." in dmesg nothing is there. error message when trying to use it now: ACCOUNT: Table publicnet found, but IP/netmask mismatch. IP/netmask found: 194.0.234.0/255.255.255.0 ACCOUNT: Table insert problem. Aborting when trying to remove the rule with iptables: ACCOUNT: Table publicnet not found for destroy "iptaccount -a" does show the nets fine; but the -l publicnet always gives: Showing table: publicnet Run #0 - 0 items found Finished. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
