As some people already mentioned, the protocol need to be specified. Simply
add "-p tcp" f.ex. before the -d and it works.
Stephan
-----Ursprüngliche Nachricht-----
Von: James Bliss [mailto:bliss@attbi.com]
Gesendet: Mittwoch, 9. Januar 2002 16:41
An: OKDesign oHG Security Administrator; Bjoern Engels
Cc: suse-security@suse.com
Betreff: Re: [suse-security] Re: Masquerading unter Kernel 2.4
This looks like it would work for my problem as well. But, when I try to
use this command
I get a message that --dport is incorrect. When I look at iptables --help
there is no entry
for --dport. (I also added the -p tcp as indicated necessary in a
subsequent email
message).
Thanks for any help.
Jim
01/09/02 07:02:32 AM, Bjoern Engels
On Wednesday, 9. January 2002 13:53, OKDesign oHG Security Administrator wrote:
"iptables -t nat -A PREROUTING -i
-d --dport -j DNAT --to-destination " Thank you for your hint, but the command-line you told doesn't work. The system keeps complaining (unknowg arg --dport). I also tried out the long version --destination-port with the same result. I looked at the manpage and found that iptables should know this argument, so there seems to be a syntax error. Anyone has an idea what is wrong and how the correct syntax is ?
The protocol is missing. No [TCP|UDP], no ports.
HTH
Bjoern
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com