2004-04-14, sze keltezéssel 21:19-kor Phil Moors ezt írta:
Okay, I changed the entries in iptables.conf.in to use the --on-port. Running iptabes-gen exits silently and leaves an iptables.conf.new file. Running iptables-test now shows:
iptables-restore v1.2.9: Unknown arg `--on-port' Error occurred at line: 15 Try `iptables-restore -h' or 'iptables-restore --help' for more information.
The iptables.conf.in was taken right from the Zorp tutorial. Is the documentation in the tutorial applicable to iptables or is it ipchains based? I'm running a 2.4 kernel
Assuming you have the tutorial from zorp 2.0, I attach a diff which contains a couple of fixes.
.
Alternatively, I ran iptables -F and iptabels -X and grabbed the 2nd article from Linux Journal about Zorp. I attempted to type in the commands from listing one in the article and got these results:
[root@fw1 etc]# iptables -t tproxy -P PREROUTING ACCEPT [root@fw1 etc]# iptables -t tproxy -A PREROUTING -i eth0 -j PRintra iptables v1.2.9: Couldn't load target `PRintra':/lib/iptables/libipt_PRintra.so: cannot open shared object file: No such file or directory
PRintra is a user-defined chain, you have to create it by entering iptables -t tproxy -N PRintra (or use iptables-restore to load your configuration) -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1