Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

iptables error for nat/masq
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Duplicate Threads
View previous topic :: View next topic  
Author Message
id10t
Tux's lil' helper
Tux's lil' helper


Joined: 18 May 2002
Posts: 100
PostPosted: Fri Aug 22, 2003 2:12 pm    Post subject: iptables error for nat/masq Reply with quote
Hi all...

When I tried setting up my old firewall script (I use gShield from muse.linuxmafia.org), the iptable command to start masq/nat results in a "iptables - invalid argument" output to my console. The exact same script works fine in my Slack 8.1 install (dual boot between slack and gentoo), and I'm using the exact same kernel .config (vanilla 2.4.21 sources) as my Slack install.

Any ideas? My wife is getting kinda perturbed about not being able to get online :)
_________________
---
this space for rent
Back to top
View user's profile Send private message
neilhwatson
l33t
l33t


Joined: 06 Feb 2003
Posts: 719
Location: Canada
PostPosted: Fri Aug 22, 2003 3:19 pm    Post subject: Reply with quote
You need to determine which is the offending rule. Try entering the rules manually and/or use the -v option to increase verbosity.
_________________
The true guru is a teacher.
Neil Watson
Back to top
View user's profile Send private message
Decibels
Veteran
Veteran


Joined: 16 Aug 2002
Posts: 1623
Location: U.S.A.
PostPosted: Fri Aug 22, 2003 11:20 pm    Post subject: Reply with quote
I made some changes recently in my firewall script (hadn't for awhile and that is why hadn't noticed the change), but I was re-enabling masq for my other box and kept getting the same thing.
Little fuzzy on the details now. But in my script I had to add this line:

Code:
/etc/init.d/iptables save


Before that I would just 'restart' it would save the rules, then restart. That apparently stopped working with the new /etc/init.d/iptables script. Before doing that I was having "iptables - invalid argument" lines pop up for masq.

So added the above line, then the restart and working fine now.
Back to top
View user's profile Send private message
id10t
Tux's lil' helper
Tux's lil' helper


Joined: 18 May 2002
Posts: 100
PostPosted: Sat Aug 23, 2003 1:52 am    Post subject: Reply with quote
OK, I did a iptables-save > working on my Slack install, chrooted over to my gentoo install, and when I try to do a iptables-restore < working, I get

iptables-restore: line 7 failed

Line 7 is: -A POSTROUTING -s 192.168.0.0/255.255.255.0 -o ppp0 -j MASQUERADE


Just for grins I also emerged firestarter, and I get the same error from my original post, again on the line that sets up nat/masq.
:cry:

Any ideas as to why ?
_________________
---
this space for rent
Back to top
View user's profile Send private message
asterism
n00b
n00b


Joined: 19 Aug 2003
Posts: 5
PostPosted: Sat Aug 23, 2003 2:29 am    Post subject: Reply with quote
Try going back to iptables-1.2.7a-r4 if you are not already using that version.

I had a similar problem as you did with 1.2.8-r1. It didn't grok my NAT commands. (Also wouldn't compile against the 2.6 sources.)

Hope this Helps
Back to top
View user's profile Send private message
Decibels
Veteran
Veteran


Joined: 16 Aug 2002
Posts: 1623
Location: U.S.A.
PostPosted: Sat Aug 23, 2003 2:30 am    Post subject: Reply with quote
id10t wrote:
OK, I did a iptables-save > working on my Slack install, chrooted over to my gentoo install, and when I try to do a iptables-restore < working, I get

iptables-restore: line 7 failed


I couldn't get iptables-save to work either. I thought maybe because of the new section in /etc/init.d/iptables that it might work now, but that isn't the case. Only
Code:
/etc/init.d/iptables  save

worked.
Back to top
View user's profile Send private message
id10t
Tux's lil' helper
Tux's lil' helper


Joined: 18 May 2002
Posts: 100
PostPosted: Sat Aug 23, 2003 3:50 am    Post subject: Reply with quote
Fixed. Removing and re-emerging the iptables-1.2.7a-r4 ebuild specifically did it.
_________________
---
this space for rent
Back to top
View user's profile Send private message
masseya
Bodhisattva
Bodhisattva


Joined: 17 Apr 2002
Posts: 2602
Location: Baltimore, MD
PostPosted: Mon Feb 09, 2004 5:38 pm    Post subject: Reply with quote
Moving from Networking and Security.

Please follow up to iptables invalid argument..

There are a great number of threads that are essentially dupes of this topic, so if you feel that something in this thread should go in the sticky thread, please re-post it there or provide a link back here. As always, please PM a moderator if you feel this thread is significantly different than any other thread and was inadvertently locked.

Thanks to nephros for pointing out the dupes.

nephros wrote:
These are a couple of dupes regarding the recent (and past) breakage of iptables with newer gentoo-sources (fix is to recompile iptables with correct "linux" symlink):

https://forums.gentoo.org/viewtopic.php?t=128430&highlight=iptables+invalid+argument
https://forums.gentoo.org/viewtopic.php?t=123929&highlight=iptables+invalid+argument
https://forums.gentoo.org/viewtopic.php?t=123385&highlight=iptables+invalid+argument
https://forums.gentoo.org/viewtopic.php?t=121406&highlight=iptables+invalid+argument
https://forums.gentoo.org/viewtopic.php?t=113410&highlight=iptables+invalid+argument
https://forums.gentoo.org/viewtopic.php?t=101524&highlight=iptables+invalid+argument
https://forums.gentoo.org/viewtopic.php?t=117746&highlight=iptables+invalid+argument
https://forums.gentoo.org/viewtopic.php?t=110470&highlight=iptables+invalid+argument
https://forums.gentoo.org/viewtopic.php?t=88111&highlight=iptables+invalid+argument
https://forums.gentoo.org/viewtopic.php?t=79633&highlight=iptables+invalid+argument
https://forums.gentoo.org/viewtopic.php?t=77221&highlight=iptables+invalid+argument
https://forums.gentoo.org/viewtopic.php?t=74567&highlight=iptables+invalid+argument
https://forums.gentoo.org/viewtopic.php?t=70546&highlight=iptables+invalid+argument
https://forums.gentoo.org/viewtopic.php?t=52931&highlight=iptables+invalid+argument
https://forums.gentoo.org/viewtopic.php?t=52020&highlight=iptables+invalid+argument
https://forums.gentoo.org/viewtopic.php?t=47553&highlight=iptables+invalid+argument
https://forums.gentoo.org/viewtopic.php?t=41032&highlight=iptables+invalid+argument
https://forums.gentoo.org/viewtopic.php?t=107331&highlight=iptables+invalid+argument

I am pretty sure there are even more. Oh when will they ever search... :roll:

_________________
if i never try anything, i never learn anything..
if i never take a risk, i stay where i am..
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Duplicate Threads All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy