Can you REDIRECT in the FORWARD chain in the filter table?
On Mon, May 06, 2002 at 03:35:43PM -0600, [EMAIL PROTECTED] wrote: > I've just spent a couple hours looking via Google for others that have had > this problem, and it doesn't seem to come up much. > > I'm using a PLD compiled kernel, standard to the distro (netfilter 1.2.5, > utilities to match, and 1.2.6a's changelog doesn't mention my problem) > > When I try to execute this command: > > iptables -A FORWARD -p tcp -s 206.168.119.1 --dport 80 \ > -j REDIRECT --to-port 3128 > > I get: > > iptables: Invalid Argument > > If I use insert instead of append, I get: > > iptables: Target problem. > > In both cases, the call to setsockopt that iptables makes gets EINVAL > returned. The kernel log shows nothing at all, and the modules -are- > loading properly -- ip_tables, iptable_filter, ipt_REDIRECT. I'm also using > ipt_LOG, ipt_limit, and have played with NAT a bit, though it's not loaded > at the moment. > > The one thing I can think of that could cause problems is the (partially > closed source) SAND drivers (from imagestream.com) that we're using to run > the WAN cards (RISCom N2/CSU cards). > > Most frustrating, since using squid will probably save us nearly a T1s-worth > of bandwidth. > > Any help would be appreciated, > Rick Stewart
