[CentOS] iptables
Tomas Ruprich
ruprich at uikt.mendelu.cz
Wed Sep 16 07:48:30 UTC 2009
Wed, Sep 16, 2009 ve 03:31:43PM +0800, CentOS List napsal:
> <snip>
>
> > *nat # Manipulate nat table
> >
> > :PREROUTING ACCEPT [0:0]
> > :POSTROUTING ACCEPT [0:0]
> > :OUTPUT ACCEPT [0:0]
> > -A PREROUTING -t nat -p tcp --dport 26 -j REDIRECT --to-port 25
> >
> > COMMIT
>
> Thanks Christopher,
>
> I had updated my rules to
>
> *nat
> :OUTPUT ACCEPT [0:0]
> :PREROUTING ACCEPT [0:0]
> :POSTROUTING ACCEPT [0:0]
> -A PREROUTING -t nat -p tcp --dport 26 -j REDIRECT --to-port 25
> COMMIT
> # Completed
>
> When I did a restart, there is an error.
>
> Flushing firewall rules: [ OK ]
> Setting chains to policy ACCEPT: nat mangle filter [ OK ]
> Unloading iptables modules: [ OK ]
> Applying iptables firewall rules: iptables-restore v1.3.5: Line 52 seems to
> have a -t table option.
>
> Error occurred at line: 52
> Try `iptables-restore -h' or 'iptables-restore --help' for more information.
> [FAILED]
>
> Line 52 is -A PREROUTING -t nat -p tcp --dport 26 -j REDIRECT --to-port 25
>
> Regards
>
Never (if you aren't guru) edit your iptables by directly editing your
config. Always use iptables binary.
It is said there... -t option shouldn't be on that line. The line should
be only
-A PREROUTING -p tcp --dport 26 -j REDIRECT --to-port 25
because you're already in the *nat section of the config.
But again, you should enter this command instead of editing the config:
iptables -A PREROUTING -t nat -p tcp --dport 26 -j REDIRECT --to-port 25
regards
Tomas
More information about the CentOS
mailing list