| 1 |
In <20080114011831.5289a466@××××××××.com> daniel.iliev@×××××.com (Daniel Iliev) writes: |
| 2 |
|
| 3 |
>On Sun, 13 Jan 2008 20:01:04 +0000 (UTC) |
| 4 |
>Konstantinos Agouros <elwood@×××××××.de> wrote: |
| 5 |
|
| 6 |
>> Hi, |
| 7 |
>>=20 |
| 8 |
>> I have a box running vmware server where I need some DNAT rules to get |
| 9 |
>> traffic from a vm to where it belongs. Inserting the rule |
| 10 |
>> iptables -t nat -I PREROUTING -s ... -d ... -p tcp --dport ... -j |
| 11 |
>> DNAT --to-destination destaddr |
| 12 |
>>=20 |
| 13 |
>> gives me: |
| 14 |
>>=20 |
| 15 |
>> iptables: No chain/target/match by that name |
| 16 |
>>=20 |
| 17 |
>> Also I had to manually modprobe iptable_nat since iptables -L didn't |
| 18 |
>> initialize everything. I rebuilt iptables to match the current kernel |
| 19 |
>> (2.6.23-gentoo-r3) no luck. Strace on the command showed me |
| 20 |
>> setsockopt(3, SOL_IP, 0x40 /* IP_??? */, |
| 21 |
>> "nat\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., |
| 22 |
>> 920) =3D -1 ENOENT (No such file or directory) |
| 23 |
>>=20 |
| 24 |
>> Anybody got an idea what I am doing from? |
| 25 |
>>=20 |
| 26 |
>> Regards, |
| 27 |
>>=20 |
| 28 |
>> Konstantin |
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
>I believe you've forgotten to build support for NAT in your kernel: |
| 33 |
Nope that's not it |
| 34 |
|
| 35 |
grep IP_NF_IPTABLES .config |
| 36 |
|
| 37 |
CONFIG_IP_NF_IPTABLES=m |
| 38 |
|
| 39 |
And it's not that I can't insert anything in the chain. It's --dport |
| 40 |
that gets me the error message. I played around and started with inserting |
| 41 |
a blank rule. |
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
>=E2=94=82 Symbol: IP_NF_IPTABLES [=3Dm] |
| 46 |
>=E2=94=82 Prompt: IP tables support (required for filtering/masq/NAT) |
| 47 |
>=E2=94=82 Defined at net/ipv4/netfilter/Kconfig:45=20 |
| 48 |
>=E2=94=82 Depends on: NET && INET && NETFILTER=20 |
| 49 |
>=E2=94=82 Location: |
| 50 |
>=E2=94=82 -> Networking |
| 51 |
>=E2=94=82 -> Networking support (NET [=3Dy])=20 |
| 52 |
>=E2=94=82 -> Networking options |
| 53 |
>=E2=94=82 -> Network packet filtering framework (Netfilter) (NETFILTER [=3D= |
| 54 |
>y])=20 |
| 55 |
>=E2=94=82 -> IP: Netfilter Configuration=20 |
| 56 |
>=E2=94=82 Selects: NETFILTER_XTABLES |
| 57 |
|
| 58 |
|
| 59 |
>--=20 |
| 60 |
>Best regards, |
| 61 |
>Daniel |
| 62 |
>-- |
| 63 |
>gentoo-user@l.g.o mailing list |
| 64 |
|
| 65 |
-- |
| 66 |
Dipl-Inf. Konstantin Agouros aka Elwood Blues. Internet: elwood@×××××××.de |
| 67 |
Otkerstr. 28, 81547 Muenchen, Germany. Tel +49 89 69370185 |
| 68 |
---------------------------------------------------------------------------- |
| 69 |
"Captain, this ship will not survive the forming of the cosmos." B'Elana Torres |
| 70 |
-- |
| 71 |
gentoo-user@l.g.o mailing list |
Archives