Netfilter in kernel 2.6 and ipfilter
My pc is running a 2.6 kernel, so the latest version of netfilter is running in kernel space.
Iptables is a user-space tool to modify the routing table (which of course is kernel-space) right?
Well, i have successfully understood the basic commands, but a few special targets don't work yet. These are DNAT, SNAT and MASQUERADE (i haven't tried anything else except the former, ACCEPT and DROP). When i run iptables to add a rule with that target i get this error:
# iptables -t nat -A POSTROUTING -p tcp -o eth0 -j SNAT --to 194.236.50.155-194.236.50.160:1024-32000
iptables: Invalid argument
I even tried to compile everything related to netfilter statically into the kernel but i can't still execute the command? What's wrong here? Do i need a newer user-space tool for the new 2.6 firewall?
EDIT: my iptables version is 1.2.8
Last edited by Maranza; 02-04-2004 at 07:05 PM.
|