iptables-restore v1.2.9: Line 13 seems to have a -t table option.
Alexander Dalloz
alexander.dalloz at uni-bielefeld.de
Mon Aug 30 20:18:42 UTC 2004
Am Mo, den 30.08.2004 schrieb Hans Christian Studt um 21:49:
Please don't change the reply address like you did. It is very
uncomfortable to always have to check that a reply will go to the list!
> >What is the content of /etc/sysconfig/iptables and especially line 13
in
> >this file? Seems you have wrong syntax in there.
>
> ========== /etc/sysconfig/iptables ==========
> 1 *filter
> 2 :INPUT ACCEPT [0:0]
> 3 :FORWARD ACCEPT [0:0]
> 4 :OUTPUT ACCEPT [0:0]
> 5 :RH-Firewall-1-INPUT - [0:0]
> 6 -A INPUT -j RH-Firewall-1-INPUT
> 7 -A FORWARD -j RH-Firewall-1-INPUT
> 8 -A RH-Firewall-1-INPUT -i lo -j ACCEPT
> 9 -A RH-Firewall-1-INPUT -i eth0 -j ACCEPT
> 10 -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
> 11 -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j
ACCEPT
> 12 -A RH-Firewall-1-INPUT -j REJECT --reject-with
icmp-host-prohibited
> 13 -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
> 14 COMMIT
> ========== /etc/sysconfig/iptables ==========
>
> Mvh Hans Christian Studt
Right, the error is abvious.
You have a wrong command line (line 13) in the filter section. Remove
line 13. Add to top of the iptables file following:
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
Run "service iptables restart" and all is fine.
Alexander
--
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.8-1.521smp
Serendipity 22:17:14 up 19:33, 12 users, 0.44, 0.22, 0.18
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20040830/6ce6eb1e/attachment-0001.sig>
More information about the fedora-list
mailing list