Active Topics
-
Is there a section to talk about Java ME? Apps, etc. (6)
to General by Kalatti - 4 days, 3 hrs ago -
Full linux distros on Sailfish OS (253)
to SailfishOS by qoh - 6 days, 21 hrs ago - more...
|
2008-06-07
, 17:04
|
|
Posts: 302 |
Thanked: 254 times |
Joined on Oct 2007
|
#2
|
Have you specified the protocol?
Fished from the intarweb:
"The --to-ports option specifies the destination port, or port range, to use. Without the --to-ports option, the destination port is never altered. This is specified, as above, --to-ports 8080 in case we only want to specify one port. If we would want to specify a port range, we would do it like --to-ports 8080-8090, which tells the REDIRECT target to redirect the packets to the ports 8080 through 8090. Note that this option is only available in rules specifying the TCP or UDP protocol with the --protocol matcher, since it wouldn't make any sense anywhere else."
Fished from the intarweb:
"The --to-ports option specifies the destination port, or port range, to use. Without the --to-ports option, the destination port is never altered. This is specified, as above, --to-ports 8080 in case we only want to specify one port. If we would want to specify a port range, we would do it like --to-ports 8080-8090, which tells the REDIRECT target to redirect the packets to the ports 8080 through 8090. Note that this option is only available in rules specifying the TCP or UDP protocol with the --protocol matcher, since it wouldn't make any sense anywhere else."
|
|
2008-06-09
, 00:17
|
|
Posts: 10 |
Thanked: 2 times |
Joined on Jun 2008
|
#3
|
Yes, I have. I suppose I should have given the complete command. Also, note that I have tried this on other debian distros with absolutely no problem
The command is
iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-ports %rport
The %iface, %port, and %rport are being replace by a script, but as you can see, the tcp is being specified by "-p tcp". For some reason it just doesn't seem to be able to handle or recognize the "--to-ports".
Has anyone found a way to get iptables to recognize the --to-ports variable or have found a fix. Any hints would be greatly appreciated!
The command is
iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-ports %rport
The %iface, %port, and %rport are being replace by a script, but as you can see, the tcp is being specified by "-p tcp". For some reason it just doesn't seem to be able to handle or recognize the "--to-ports".
Has anyone found a way to get iptables to recognize the --to-ports variable or have found a fix. Any hints would be greatly appreciated!
|
|
2008-06-10
, 00:14
|
|
Posts: 10 |
Thanked: 2 times |
Joined on Jun 2008
|
#4
|
UPDATE:
It appears that what I really need is an iptables and kernal modual that supports NAT. Apparently they are located
here:
https://garage.maemo.org/projects/ipt-nat/
Has anyone got these to work?
It appears that what I really need is an iptables and kernal modual that supports NAT. Apparently they are located
here:
https://garage.maemo.org/projects/ipt-nat/
Has anyone got these to work?
 |
|
2008-06-10
, 02:47
|
|
Posts: 201 |
Thanked: 88 times |
Joined on Aug 2007
@ San Francisco, CA
|
#5
|
Those are for a different kernel, unfortunately. 
|
|
2008-06-10
, 03:01
|
|
Posts: 10 |
Thanked: 2 times |
Joined on Jun 2008
|
#6
|
yeah, i guess that would explain why insmod is hating me...
So i guess the only thing to do now is for me to recompile those moduals for the current kernal. Does anyone have any pointers on getting started. I must admit that i have never compiled a kernal modual before. Would I use scratchbox? Is this so difficult that I should not attempt it without 20 years of experience with (L/U)nix? Wheres the best place to get the source?
So i guess the only thing to do now is for me to recompile those moduals for the current kernal. Does anyone have any pointers on getting started. I must admit that i have never compiled a kernal modual before. Would I use scratchbox? Is this so difficult that I should not attempt it without 20 years of experience with (L/U)nix? Wheres the best place to get the source?
|
|
2008-06-10
, 03:06
|
|
Posts: 10 |
Thanked: 2 times |
Joined on Jun 2008
|
#7
|
UPDATE:
Ok, did a simple search and came up with a nice detailed guide:
http://www.koltsoff.com/pub/hello-n800/
If anyone has already done this for iptables and all of iptables kernal moduals, please spare me and post it. Otherwise, if by some strange accident I get this working, ill post it if anyone wants it.
Ok, did a simple search and came up with a nice detailed guide:
http://www.koltsoff.com/pub/hello-n800/
If anyone has already done this for iptables and all of iptables kernal moduals, please spare me and post it. Otherwise, if by some strange accident I get this working, ill post it if anyone wants it.
it responds with
iptables v1.2.11: Unknown arg `--to-ports'
I KNOW this is the correct syntax (by the way, I also tried the --to-port)
Is there a bugfix for this or a workaround that anyone knows of. Any help would be greatly appriciated. Thanks!
-DavidJH