MASQUERADE Target not found (IPTABLES)

bksmart · 07-23-2005, 05:44 AM

Hi all,

My appolagize if make any mistakes in this forum.

I was actually doing cross compilation for the snapgear 3.1.1 version and making compilation on LInux 9.0 kernel 2.4.x, b4 compiling snapgear 3.1.1, need to follow make menuconfig for setup iptables and NAT stuff and also others. Once all done successfully, able to run with comand "iptables -A POSTROUTING -t nat -j MASQUERADE -o ixp1" its giving error "iptables v1.2.8 Couldn't find target MASQUERADE". Eventhough selected FULL NAT in configuration, but able to figure out how come target not able to find. Even tried loading kernel modules like ipt_MASQUERADE explicitly b4 try the iptables command, but giving same error.

Somoeone Pls help me

Rgds
bk

Matir · 07-23-2005, 11:25 PM

The target is named 'MASQ', not 'MASQUERADE'.

mpeg4codec · 07-23-2005, 11:41 PM

Quote:

Originally posted by Matir
The target is named 'MASQ', not 'MASQUERADE'.

MASQUERADE generally works just as well, in my experience.

Quote:

Originally posted by bksmart
iptables -A POSTROUTING -t nat -j MASQUERADE -o ixp1

I may be way off on this one, but I think the problem comes in the ordering of your command line options. iptables is known to be picky about that sort of thing. I would suggest running it like this:

iptables -t nat -A POSTROUTING -o ixp1 -j MASQUERADE

Also, if you can't load ipt_MASQUERADE, make sure you did excplicitly select it as a part of the kernel. You may have to go into a submenu or two to see all the various options available. Additionally, I have always had better luck when I compile netfilters stuff as modules. YMMV on that one.

Matir · 07-24-2005, 12:30 AM

Ah, I always thought only MASQ worked. My bad.

You are correct, his reversal of syntax could also cause the problem.

bksmart · 07-24-2005, 07:33 PM

Hi all,

Tks all for your response. I tried as the way you informed: but still couldn't find target

MASQ is short form for MASQUERADE. -- eventhough not worked
iptables -t nat -A POSTROUTING -o ixp1 -j MASQUERADE -- eventhough not worked.

Still mistery how it will show couldnt find target MASQUERADE.

Tks
bksmart

Matir · 07-24-2005, 08:22 PM

Did you compile in masquerade support as a module, or built in to the kernel? If a module, please post the output of 'lsmod'.

bksmart · 07-24-2005, 08:36 PM

Hi

Tks for your reply.

I tried with kernel and also as kernel module. If kernel then wont see the module even list out using with lsmod, if compiled as module will see ipt_MASQUERADE

This file loaded as kernel module ipt_MASQUERADE.o in /lib/module/.../netfilter/ location. Command running correctly when "insmod ipt_MASQUERADE" and when i type command lsmod i can see the module loaded in kernel. But the target still not find.

Tks
bksmart

Matir · 07-24-2005, 08:39 PM

If it were built in to the kernel, there would be no reason to see it in lsmod, as it's not a module.

My iptables-related modules are:

Code:

ipt_MASQUERADE          2752  1
ipt_REJECT              5408  3
ipt_LOG                 5632  6
ipt_state               1504  2
iptable_nat            19980  2 ipt_MASQUERADE
ip_conntrack           28744  3 ipt_MASQUERADE,ipt_state,iptable_nat
iptable_filter          2144  1
ip_tables              14944  6 ipt_MASQUERADE,ipt_REJECT,ipt_LOG,ipt_state,iptable_nat,iptable_filter

bksmart · 07-24-2005, 08:44 PM

let me check and get back you. Thank you

Matir · 07-24-2005, 09:36 PM

No problem. Let me know what you find out.

bksmart · 07-24-2005, 09:44 PM

Hi,

I compiled MASQUERADE features as kernel modules and loaded using with insmod command, if i type lsmod i see below:

Code:

Module                  Size  Used by    Tainted: P ipt_MASQUERADE          1264   0 (unused) ipt_REJECT              3444   0 (unused) ipt_LOG                 3140   0 (unused) ipt_state                484   0 (unused) iptable_nat            16772   0 [ipt_MASQUERADE] ipt_conntrack           1100   0 (unused) iptable_filter          1548   0 (unused) ip_tables              13504   9 [ipt_MASQUERADE ipt_REJECT ipt_LOG ipt_state iptable_nat ipt_conntrack iptable_filter] ixp425_eth             17132   0 ixp400               5137608   0 [ixp425_eth]

I loaded those modules which i see as per you log. I think there is difference in ip_conntrack and ipt_conntrack. WILL IT BE MAKE ANYTHING NOT WORK MQSQUERADE TARGET?

The following error when making MASQUERADE:

Code:

# iptables -t nat -A POSTROUTING -o ixp0 -j MASQUERADE iptables v1.2.8: Couldn't find target `MASQUERADE'  Try `iptables -h' or 'iptables --help' for more information.

Tks for you support.

bksmart

bksmart · 07-24-2005, 09:47 PM

Sorry the above lsmod list might not clear, herewith below the modules i can see when i type lsmod

Module Size Used by Tainted: P
ipt_MASQUERADE 1264 0 (unused)
ipt_REJECT 3444 0 (unused)
ipt_LOG 3140 0 (unused)
ipt_state 484 0 (unused)
iptable_nat 16772 0 [ipt_MASQUERADE]
ipt_conntrack 1100 0 (unused)
iptable_filter 1548 0 (unused)
ip_tables 13504 9 [ipt_MASQUERADE ipt_REJECT ipt_LOG ipt_state iptable_nat ipt_conntrack iptable_filter]
ixp425_eth 17132 0
ixp400 5137608 0 [ixp425_eth]

mpeg4codec · 07-25-2005, 12:21 AM

Try running the command with the verbose switch turned on and tell us what happens. Here is the command to run:

iptables -v -t nat -A POSTROUTING -o ixp1 -j MASQUERADE

bksmart · 07-25-2005, 01:22 AM

command: iptables -v -t nat -A POSTROUTING -o ixp1 -j MASQUERADE

message:

iptables v1.2.8: couldn't find target 'MASQUERADE'

peter_robb · 07-25-2005, 02:25 AM

If you have recompiled a kernel, you will need to recompile iptables to match..
I looks like there have been enough changes done your the kernel for the module to stop working.