[Shorewall-users] Problem with Masquerading

Pab pab at albanysux.com
Sun Aug 17 13:44:40 PDT 2003


Tom Eastep wrote:
> On Sun, 17 Aug 2003, Pab wrote:
> 
> 
>>Here is part of the trace if tht helps.
>>
>>MASQUERADE
>>+ iptables -t nat -A eth0_masq -s 255.255.255.255/32 -d 0.0.0.0/0 -j
>>MASQUERADE
>>iptables: Invalid argument
>>+ '[' -z '' ']'
>>+ stop_firewall
>>+ set +x
>>
> 
> 
> Ok -- the above is the first MASQ rule begin added and it is valid:
> 
> [root at gateway root]# iptables -t nat -A eth0_masq -s 255.255.255.255 -d
> 0.0.0.0/0 -j MASQUERADE
> [root at gateway root]#
> 
> If you used a recent P-O-M snapshot, you must also rebuild your iptables
> utility using the updated kernel source. Otherwise, all commands
> associated with NAT fail.
> 
> -Tom
> 
> Tom Eastep    \ Shorewall - iptables made easy
> Shoreline,     \ http://shorewall.net
> Washington USA  \ teastep at shorewall.net
> 

That was it. I made a rookie mistake and the new iptable I had built was 
being installed into /usr/local/sbin and not overwriting the older 
verion in /sbin. Everything is working now and thanks for the help!



More information about the Shorewall-users mailing list