Re: [SLE] -l option in masquerade script
Bud Rogers
I just discovered the masquerade script in /sbin/init.d is failing for me. I suppose it has not worked since I upgraded 6.1->6.3 recently. I didn't need masquerading for a while, so I hadn't noticed.
It appears -l is no longer a valid option in ipchains. Is there another way to enable logging in ipchains?
Sorry to follow-up myself, but I found the answer. The masquerade I had in
/sbin/init.d used ipchains commands of the form
${IPCHAIN} -N -l user_msq
${IPCHAIN} -A -l user_msq -s 0/0 -d 0/0 -j MASQ
By experimenting with the ipchains command and reading the man page, I
figured out two things. Options like -l go after the chain name, not
before. The -l option is illegal with -N. I changed those lines in the
script to
${IPCHAIN} -N user_msq
${IPCHAIN} -A user_msq -s 0/0 -d 0/0 -j MASQ -l
${IPCHAIN} -A forward -s $i -d 0/0 -i ${MSQ_DEV} -j user_msq -l
Now I have masquerading again.
--
Bud Rogers
participants (1)
-
budr@sirinet.net