[mdlug] iptables question

Robert Meier eaglecoach at wwnet.com
Thu Mar 22 08:14:25 EDT 2007


David,

I haven't used iptables(8) directly for several years,
and no longer have it installed.
I have been using YAST firewall.

<HINT>
After reading the man page, I believe it is complaining that:
      1. It can't find the nat table. -or-
      2. It can't find the masq_eth1 chain. -or-
      3. It can't find output device eth1. -or-
      4. It can't find rule MASQUERADE.

You can list the chains and their rules (2 and 4) with

    bash> iptables -L

The nat table (1) is a product of your kernel,
so if the nat table was there,
it should still be there until you change your kernel.

  "MASQUERADE
       This target is  only  valid  in  the  nat  table,  in  the
       POSTROUTING  chain.   It  should only be used with dynamically
       assigned IP (dialup)  connections:  if  you  have  a
       static  IP  address, you should use the SNAT target.
       Masquerading is equivalent to specifying a mapping to the  IP
       address of the interface the packet is going out, but also
       has the effect that connections  are  forgotten  when  the
       interface  goes  down.   This is the correct behavior when
       the next dialup is unlikely to  have  the  same  interface
       address  (and  hence  any established connections are lost
       anyway).  ..."
		 -- iptables(8)
See iptables(8) for further details.
</HINT>

Hopefully helpful,
-- 
Dr. Robert J. Meier
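
The four candidate causes in the hint above can be checked in one pass over a ruleset dump. This is an added example, not part of the original message: `check_masq` is a hypothetical helper, the dump is constructed sample data in iptables-save(8) format, and the interface list is passed in as an argument.

```shell
#!/bin/sh
# Constructed sample in iptables-save(8) format. masq_eth1 and eth1 are the
# names from the message; everything else is made up for the example.
SAMPLE_DUMP='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:masq_eth1 - [0:0]
-A POSTROUTING -o eth1 -j masq_eth1
-A masq_eth1 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

# check_masq DUMP CHAIN DEV "IFACE IFACE ..."   (hypothetical helper)
# Prints one "N label ok|missing" line per numbered cause in the hint.
# Live use, as root:
#   check_masq "$(iptables-save)" masq_eth1 eth1 "$(ls /sys/class/net | xargs)"
check_masq() {
    printf '%s\n' "$1" | awk -v chain="$2" -v dev="$3" -v ifaces="$4" '
        /^\*/ { table = substr($0, 2) }        # table header such as *nat
        table != "nat" { next }                # only the nat section counts
        /^\*nat$/ { have_nat = 1 }
        $1 == (":" chain) { have_chain = 1 }   # chain declaration line
        $1 == "-A" {                           # rule line: look for the target
            for (i = 2; i < NF; i++)
                if ($i == "-j" && $(i + 1) == "MASQUERADE") have_masq = 1
        }
        END {
            n = split(ifaces, list, " ")
            for (i = 1; i <= n; i++) if (list[i] == dev) have_dev = 1
            print "1 nat-table " (have_nat ? "ok" : "missing")
            print "2 chain " (have_chain ? "ok" : "missing")
            print "3 device " (have_dev ? "ok" : "missing")
            print "4 MASQUERADE-rule " (have_masq ? "ok" : "missing")
        }'
}

check_masq "$SAMPLE_DUMP" masq_eth1 eth1 "lo eth0 eth1"
```

A MASQUERADE rule that appears only outside the nat section is reported as missing, in line with the man page text quoted in the message.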


