LinuxQuestions.org
Old 04-24-2012, 12:50 AM   #1
dschuett
Member
 
Registered: Aug 2010
Posts: 40

Rep: Reputation: 1
IPTABLES "iptables: No chain/target/match by that name."


Hey everyone, I just installed Squid on my Linux gateway, and when I add the following rules to redirect web traffic to pass through the Squid proxy I get the following error when running my firewall script:
"iptables: No chain/target/match by that name."

I actually get that error returned twice when running the script. Once for each of the following lines:

#Squid
$IPT -A PREROUTING -i eth1 -p tcp ! -d 192.168.0.0/24 --dport 80 -j DNAT --to-destination 192.168.0.1:3128
$IPT -A PREROUTING -i eth1 -p tcp ! -d 192.168.0.0/24 --dport 80 -j REDIRECT --to-port 3128

As soon as I comment out the two lines above and re-run my firewall script, I do not receive the two errors.

If needed, here are the kernel options I set within my script:

#Setup our kernel options
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses

Any ideas?
 
Old 04-24-2012, 03:03 AM   #2
fukawi1
Member
 
Registered: Apr 2009
Location: Melbourne
Distribution: Fedora & CentOS
Posts: 854

Rep: Reputation: 189
You haven't specified the nat table.
By default, if no table is specified, iptables assumes the filter table, and there are no PRE/POSTROUTING chains in the filter table.
So it should look like:
Code:
$IPT -t nat -A PREROUTING -i eth1 -p tcp ! -d 192.168.0.0/24 --dport 80 -j DNAT --to-destination 192.168.0.1:3128
 
2 members found this post helpful.
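
Added example (not part of either post): a POSIX shell lint that catches the mistake discussed above before a firewall script is loaded, by checking each rule's built-in chain and NAT target against the table the rule selects (filter when -t is absent). The function names are made up for this example, the chain lists follow iptables(8), and the sample rules are constructed from the ones in post #1; iptables itself is never run.

```shell
# Built-in chains of each table, per iptables(8); fails for an unknown table.
builtin_chains() {
  case "$1" in
    filter|security) echo "INPUT FORWARD OUTPUT" ;;
    nat)    echo "PREROUTING INPUT OUTPUT POSTROUTING" ;;
    mangle) echo "PREROUTING INPUT FORWARD OUTPUT POSTROUTING" ;;
    raw)    echo "PREROUTING OUTPUT" ;;
    *)      return 1 ;;
  esac
}
# in_list WORD "LIST": true when WORD is one of the space-separated items.
in_list() { case " $2 " in *" $1 "*) return 0 ;; esac; return 1; }
# check_rule "ARGS": prints "ok" or the rejection reason; user-defined chains are skipped.
check_rule() (
  set -f; table=filter chain='' target='' prev=''   # filter is the default table
  for word in $1; do
    case "$prev" in
      -t|--table) table=$word ;;
      -A|-I|-D|-C|--append|--insert|--delete|--check) chain=$word ;;
      -j|--jump) target=$word ;;
    esac
    prev=$word
  done
  chains=$(builtin_chains "$table") || { echo "unknown table $table"; exit 1; }
  if in_list "$chain" "PREROUTING INPUT FORWARD OUTPUT POSTROUTING" && ! in_list "$chain" "$chains"; then
    echo "chain $chain does not exist in table $table"; exit 1
  fi
  if in_list "$target" "DNAT REDIRECT SNAT MASQUERADE" && [ "$table" != nat ]; then
    echo "target $target is only valid in table nat"; exit 1
  fi
  echo ok
)

# lint_rules: reads a firewall script on stdin and reports bad rules by line number.
lint_rules() (
  n=0; bad=0
  while IFS= read -r line; do
    n=$((n + 1))
    case "$line" in '$IPT '*|'iptables '*) ;; *) continue ;; esac
    msg=$(check_rule "${line#* }") || { bad=$((bad + 1)); echo "line $n: $msg"; }
  done
  [ "$bad" -eq 0 ]
)

# Constructed input: the DNAT rule from post #1, then the form from post #2.
lint_rules <<'EOF' || echo "fix the lines above before loading the script"
$IPT -A PREROUTING -i eth1 -p tcp ! -d 192.168.0.0/24 --dport 80 -j DNAT --to-destination 192.168.0.1:3128
$IPT -t nat -A PREROUTING -i eth1 -p tcp ! -d 192.168.0.0/24 --dport 80 -j DNAT --to-destination 192.168.0.1:3128
EOF
```

Only lines that begin with $IPT or iptables are checked, so indented rules and rules built from other variables pass through unexamined.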
Old 04-24-2012, 05:17 PM   #3
dschuett
Member
 
Registered: Aug 2010
Posts: 40

Original Poster
Rep: Reputation: 1
Wow! I am embarrassed that I did not catch that. I appreciate you pointing that out though! I guess I will blame it on the fact that I have been staring at iptables for the past couple days.

Thanks again!
 
  


Tags
iptables, proxy, squid

