On Thu, 13 Nov 2003 22:40, John Allen wrote: > On Thursday 13 November 2003 01:50, [EMAIL PROTECTED] wrote: > > Hello > > > > I recently discovered that iptables 1.2.8 nat command does not work fully > > in 9.2 on i586 > > > > Something like this: > > Tried the following with stocck 9.2 > > /sbin/iptables -t nat -A PREROUTING -i eth0 -d 10.0.0.2 -p tcp -m tcp > --dport 80 -j REDIRECT --to-port 3128 OK > > /sbin/iptables -t nat -A PREROUTING -i eth0 -d 10.0.0.2 -p tcp -m tcp > --dport 80 -j DNAT --to-destination 192.120.145.123:80 OK > > > iptables -t nat -A PREROUTING -i eth0 -d xx.xx.xx.xx -p tcp -m tcp > > --dport 23 -j DNAT --to-destination yy.yy.yy.yy:23
Ok. Perhaps it has to do with using a custom kernel (2.6.0-test9 on two boxes and 2.4.23-pre5 on another). I have three boxes with mdk92 here and all give me this: iptables -t nat -A PREROUTING -i eth0 -d 10.0.0.2 -p tcp -m tcp --dport 80 -j REDIRECT --to-port 3128 iptables: Invalid argument and in each case installing the redhat binary rpms fix it. Recompiling the iptables srpms for mandrake 9.2 does not fix it, and compiling the redhat srpms doesn't either. Obviously there's a problem with having different kernel sources. I guess if it works for you then it works with the default kernel, and if you can compile your own kernel you can compile your own iptables. However the srpms do not cut it. I haven't tried with raw iptables sources. I don't know if this needs any real attention. Cheers, Con