Mailinglist Archive: opensuse (3031 mails)
| < Previous | Next > |
Re: [opensuse] iptables problem after kernel upgrade.
- From: "Darragh" <lists@xxxxxxxxxxxxxxxxxx>
- Date: Mon, 4 Feb 2008 19:10:52 -0000 (UTC)
- Message-id: <54149.192.168.2.25.1202152252.squirrel@xxxxxxxxxxx>
On Mon, February 4, 2008 9:30 am, Darragh O'Heiligh wrote:
Now that I am at the machine, I am able to provide specific output. Here
is the command I am using to add the rule to IpTables.
iptables -t nat -A PREROUTING -p tcp -i eth1 -s $i 192.168.2.0/24 --dport
80 -d ! 192.168.2.5 -j DNAT --to 192.168.2.5:3128
Ok. and here are the iptables modules currently running.
obtained with lsmod | grep -i iptables
iptable_nat 24580 1
nf_nat 37420 1 iptable_nat
nf_conntrack_ipv4 28816 2 iptable_nat
nf_conntrack 84188 3 iptable_nat,nf_nat,nf_conntrack_ipv4
iptable_filter 19840 0
ip_tables 37848 2 iptable_nat,iptable_filter
x_tables 37000 4 xt_tcpudp,iptable_nat,ip_tables,ip6_tables
When I type iptables -L I get:
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
However, here is the output of iptables-save
# Generated by iptables-save v1.3.8 on Mon Feb 4 19:00:26 2008
*nat
:PREROUTING ACCEPT [142:12487]
:POSTROUTING ACCEPT [58:3921]
:OUTPUT ACCEPT [58:3921]
-A PREROUTING -s 192.168.2.0/255.255.255.0 -d ! 192.168.2.5 -i eth1 -p tcp
-m tcp --dport 80 -j DNAT --to-destination 192.168.2.5:3128
COMMIT
# Completed on Mon Feb 4 19:00:26 2008
# Generated by iptables-save v1.3.8 on Mon Feb 4 19:00:26 2008
*filter
:INPUT ACCEPT [13912:6205034]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [12125:4299905]
COMMIT
# Completed on Mon Feb 4 19:00:26 2008
Am I missing something here? Why is the rule I've just created not showing
up with iptables -L?
Thanks
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
upgrade to 2.6.22.16?
"Darragh" <lists@xxxxxxxxxxxxxxxxxx> writes:Andreas Jaeger <aj@xxxxxxx> 01/02/2008 10:23:41 >>>
Is there any reason why my IpTables now do not work as a result of the
want to open a bugreport in our bugzilla,
I've even tried adding them again but still nothing!
Any suggestions?
Could you describe a bit better what exactly does not work? You might
type iptables -L like it would be normally.
Sorry for the late reply on this.
When I add a rule via iptables -A .............., it is not shown when I
however they've suddenly stopped.
I had a few rules saved and working very well before the kernel update
Now that I am at the machine, I am able to provide specific output. Here
is the command I am using to add the rule to IpTables.
iptables -t nat -A PREROUTING -p tcp -i eth1 -s $i 192.168.2.0/24 --dport
80 -d ! 192.168.2.5 -j DNAT --to 192.168.2.5:3128
Ok. and here are the iptables modules currently running.
obtained with lsmod | grep -i iptables
iptable_nat 24580 1
nf_nat 37420 1 iptable_nat
nf_conntrack_ipv4 28816 2 iptable_nat
nf_conntrack 84188 3 iptable_nat,nf_nat,nf_conntrack_ipv4
iptable_filter 19840 0
ip_tables 37848 2 iptable_nat,iptable_filter
x_tables 37000 4 xt_tcpudp,iptable_nat,ip_tables,ip6_tables
When I type iptables -L I get:
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
However, here is the output of iptables-save
# Generated by iptables-save v1.3.8 on Mon Feb 4 19:00:26 2008
*nat
:PREROUTING ACCEPT [142:12487]
:POSTROUTING ACCEPT [58:3921]
:OUTPUT ACCEPT [58:3921]
-A PREROUTING -s 192.168.2.0/255.255.255.0 -d ! 192.168.2.5 -i eth1 -p tcp
-m tcp --dport 80 -j DNAT --to-destination 192.168.2.5:3128
COMMIT
# Completed on Mon Feb 4 19:00:26 2008
# Generated by iptables-save v1.3.8 on Mon Feb 4 19:00:26 2008
*filter
:INPUT ACCEPT [13912:6205034]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [12125:4299905]
COMMIT
# Completed on Mon Feb 4 19:00:26 2008
Am I missing something here? Why is the rule I've just created not showing
up with iptables -L?
Thanks
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |