IPTABLES "iptables: No chain/target/match by that name."
Hey everyone, I just installed squid on my linux gateway, and when I add the following rules to redirect web traffic to pass through the squid proxy I get the following error when running my firewall script:
"iptables: No chain/target/match by that name." I actually get that error returned twice when running the script. Once for each of the following lines:

#Squid
$IPT -A PREROUTING -i eth1 -p tcp ! -d 192.168.0.0/24 --dport 80 -j DNAT --to-destination 192.168.0.1:3128
$IPT -A PREROUTING -i eth1 -p tcp ! -d 192.168.0.0/24 --dport 80 -j REDIRECT --to-port 3128

As soon as I comment out the two lines above and re-run my firewall script, I do not receive the two errors.

If needed, here are the kernel options I set within my script:

#Setup our kernel options
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses

Any ideas?
You haven't specified the nat table.
By default, if no table is specified, iptables assumes the filter table, and there are no PRE/POSTROUTING chains in the filter table. So it should look like:
Code:
$IPT -t nat -A PREROUTING -i eth1 -p tcp ! -d 192.168.0.0/24 --dport 80 -j DNAT --to-destination 192.168.0.1:3128
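An added example, not part of the thread: a static check that scans a firewall script for rules which would land in the default filter table although they name a chain or target that only works elsewhere. The function name `lint_rules` is hypothetical, the sample input is constructed from the rules quoted above, and the check assumes one rule per line with whitespace-separated options.

```shell
#!/bin/sh
# Added example: static lint for iptables rules that omit "-t nat".
# It only reads text; it never calls iptables or touches the live ruleset.

# Constructed sample script, built from the rules quoted in the thread
# plus two rules that are already correct.
SAMPLE_RULES='#Squid
$IPT -A PREROUTING -i eth1 -p tcp ! -d 192.168.0.0/24 --dport 80 -j DNAT --to-destination 192.168.0.1:3128
$IPT -A PREROUTING -i eth1 -p tcp ! -d 192.168.0.0/24 --dport 80 -j REDIRECT --to-port 3128
$IPT -t nat -A POSTROUTING -o eth0 -j MASQUERADE
$IPT -A FORWARD -i eth1 -j ACCEPT'

# lint_rules: read rule lines on stdin and print "LINENO: reason" for every
# rule whose table (filter when -t is absent) cannot hold its chain or target.
lint_rules() {
    awk '
    $1 ~ /^#/ { next }                       # skip comment lines
    {
        table = "filter"; chain = ""; target = ""
        for (i = 1; i < NF; i++) {
            if ($i == "-t" || $i == "--table") table = $(i + 1)
            else if ($i ~ /^(-A|-I|-R|-D|--append|--insert)$/) chain = $(i + 1)
            else if ($i == "-j" || $i == "--jump") target = $(i + 1)
        }
        if (chain == "") next                # not a rule line
        msg = ""
        # The filter table only has INPUT, FORWARD and OUTPUT built in.
        if (table == "filter" && chain ~ /^(PRE|POST)ROUTING$/)
            msg = "chain " chain " does not exist in the filter table"
        # Address-rewriting targets are only valid in the nat table.
        if (table != "nat" && target ~ /^(DNAT|SNAT|REDIRECT|MASQUERADE)$/)
            msg = msg (msg == "" ? "" : "; ") "target " target " requires -t nat"
        if (msg != "") print NR ": " msg
    }'
}

# Demo run over the constructed sample.
printf '%s\n' "$SAMPLE_RULES" | lint_rules
```

Both rules from the question are reported, each for the missing chain and for the nat-only target; the same rules with `-t nat` added produce no output.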
Wow! I am embarrassed that I did not catch that. I appreciate you pointing that out though! I guess I will blame it on the fact that I have been staring at iptables for the past couple days.
Thanks again!