iptables script

Hello;
Maybe somebody could point what's is wrong with my iptables script.
I used this for years with RedHat and Mandrake 7.x and 8.x but it won't work
with Mandrake 9.x or 10.x
This is used forward my LAN boxes through my Linux box ppp0 interface to the
internet:

iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward

I get an error:
iptables: Invalid argument

I have been through the iptables man page, but can't figure out what has
changed. I can accomplish the same thing using Shorewall, but find it slow
and too complicated for this purpose.

Thanks for your help,
Hannu

On Sat, 02 Oct 2004 13:33:35 -0400, Hannu wrote:

> iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE echo 1 >
> /proc/sys/net/ipv4/ip_forward

This should be two seperate commands. eg,

iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward


--
printk(KERN_CRIT PFX "Reboot didn't ?????\n");
linux-2.6.6/drivers/char/watchdog/softdog.c

On Sat, 02 Oct 2004 13:33:35 -0400, Hannu wrote:
> Hello;
> Maybe somebody could point what's is wrong with my iptables script.
> I used this for years with RedHat and Mandrake 7.x and 8.x but it won't work
> with Mandrake 9.x or 10.x
> This is used forward my LAN boxes through my Linux box ppp0 interface to the
> internet:
>
> iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

Try something like
iptables -A POSTROUTING -t nat -s 192.168.1.0/255.255.255.0 -o ppp0 -j MASQUERADE


> echo 1 > /proc/sys/net/ipv4/ip_forward

you might want to set
net.ipv4.ip_forward = 1
in /etc/sysctl.conf instead of the echo.

On Sat, 02 Oct 2004 17:37:54 +0000, Geoffrey King wrote:

> On Sat, 02 Oct 2004 13:33:35 -0400, Hannu wrote:
>
>> iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE echo 1 >
>> /proc/sys/net/ipv4/ip_forward
>
> This should be two seperate commands. eg,
>
> iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
> echo 1 > /proc/sys/net/ipv4/ip_forward

my mistake, my newsreaders auto line-wrapping was getting over
enthusiastic.

--
BOFH Excuse #144:

Too few computrons available.

Geoffrey King wrote:

> On Sat, 02 Oct 2004 13:33:35 -0400, Hannu wrote:
>
>> iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE echo 1 >
>> /proc/sys/net/ipv4/ip_forward
>
> This should be two seperate commands. eg,
>
> iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
> echo 1 > /proc/sys/net/ipv4/ip_forward
>
>
Thanks for your reply, it is two separate commands, somehow I guess the
editor lined it up wrong in the posting.
The script errors in the first line, which is the iptables command. The
script in the box is ported from a previous MDK installation, where it
worked just fine.
The version of the iptables is 1.2.9 ...
Hannu

Hannu wrote:
> Hello;
> Maybe somebody could point what's is wrong with my iptables script.
> I used this for years with RedHat and Mandrake 7.x and 8.x but it won't work
> with Mandrake 9.x or 10.x
> This is used forward my LAN boxes through my Linux box ppp0 interface to the
> internet:
>
> iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
> echo 1 > /proc/sys/net/ipv4/ip_forward
>
> I get an error:
> iptables: Invalid argument
>
> I have been through the iptables man page, but can't figure out what has
> changed. I can accomplish the same thing using Shorewall, but find it slow
> and too complicated for this purpose.
>
> Thanks for your help,
> Hannu

Check that your kernel has support for iptables and the
MASQUERADE target. They may both be either compiled-in
or built as modules. Maybe just some suitable modprobe's
will do the trick.

Tauno Voipio
tauno voipio (at) iki fi