[Shorewall-users] PPTP

Tom Eastep teastep at shorewall.net
Fri, 11 Oct 2002 19:20:39 -0700


Eric E. Bowles wrote:
> Hi there,
> 
> 
>>Rickard Eriksson wrote:
>>
>>+ run_iptables -t nat -A eth0_masq -s 192.168.0.1/24 -d 0.0.0.0/0 -j 
>>MASQUERADE
>>++ echo -t nat -A eth0_masq -s 192.168.0.1/24 -d 0.0.0.0/0 -j MASQUERADE
>>++ sed 's/!/! /g'
>>+ iptables -t nat -A eth0_masq -s 192.168.0.1/24 -d 0.0.0.0/0 -j MASQUERADE
>>iptables: Invalid argument
> 
> 
> I've seen the same thing before: the iptables command fails with
> "Invalid argument" when passed the "-j MASQUERADE" option.  Would
> you by any chance have PPTP connection tracking enabled?
> 
> I'm not sure if this applies to your case, but my similar problems went 
> away after I removed the extra/pptp-conntrack-nat.patch (from iptables 
> patch-o-matic).
> 
> Also you might be able to find some information by checking the netfilter 
> mailing lists.
> 

Thanks Eric -- as the thread title indicates, I believe that Rickard is 
trying to implement the PPTP nat/conntrack patches.

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net