[Firehol-support] error with firehol.conf processing.

Costa Tsaousis costa at tsaousis.gr
Sat Oct 30 22:20:33 BST 2004


> "dnat to inface eth0 dst 203.90.xxx.xxx proto tcp dport 23"

Please do:

firehol explain

at the prompt, enter the dnat line. Here is what mine says:


# FireHOL [:] > dnat to inface eth0 dst 203.90.xxx.xxx proto tcp dport 23

# Cmd Line : 1
# Command  : dnat to inface eth0 dst 203.90.xxx.xxx proto tcp dport 23

# Creating chain 'nat.1' under 'PREROUTING' in table 'nat'
/sbin/iptables -t nat -N nat.1
/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp -d 203.90.xxx.xxx --dport 23 -j nat.1

# Taking the NAT action: 'dnat'
/sbin/iptables -t nat -A nat.1 -p tcp -j DNAT --to-destination

# > OK <


Which seems ok. What is your output?


> Hi All,
> I am using firehol-1.191 to configure my firewall and on parsing
> firehol.conf it says:
> ERROR: #1
> WHAT: A runtime command failed to execute(returned error 2).
> SOURCE: line 6 of /etc/firehol/firehol.conf
> COMMAND: /sbin/iptables -t nat -A nat.1 -p tcp -j DNAT
> iptables V1.2.8: You must specify --to-destination
> Try `iptables -h' for more information.
> ---------------------
> the line 6 is:
> "dnat to inface eth0 dst 203.90.xxx.xxx proto tcp dport 23"
> Kindly help,
> Best Regards,
> praveen.
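
An added example, not part of the original messages and not FireHOL code: a shell check that reads `firehol explain`-style output and reports any generated DNAT rule with no address after `--to-destination`, the condition behind the iptables error quoted above. The function names, the `NO-TARGET:` label and the sample addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example (not FireHOL code). Reads firehol-explain-style output on
# stdin and reports generated DNAT rules that have no translation address.
check_dnat_targets() {
    awk '
    function flush(   n, i, t, is_dnat, has_target) {
        if (cmd == "") return
        n = split(cmd, t, /[ \t]+/)
        is_dnat = 0; has_target = 0
        for (i = 1; i < n; i++) {
            if (t[i] == "-j" && t[i+1] == "DNAT") is_dnat = 1
            # a target counts only if a non-empty, non-option token follows
            if (t[i] == "--to-destination" && t[i+1] != "" && t[i+1] !~ /^-/)
                has_target = 1
        }
        if (is_dnat && !has_target) { print "NO-TARGET: " cmd; bad++ }
        cmd = ""
    }
    /^\/sbin\/iptables / || /^iptables / { flush(); cmd = $0; next }
    /^[ \t]*$/ || /^#/ { flush(); next }   # blank line or comment ends a command
    cmd != "" { cmd = cmd " " $0 }          # mail-wrapped continuation line
    END { flush(); exit (bad > 0) }         # exit status 1 if any rule was flagged
    '
}

# Constructed sample (documentation/private addresses), wrapped as mail would.
sample_explain_output() {
    cat <<'EOF'
/sbin/iptables -t nat -N nat.1
/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp -d 192.0.2.10
--dport 23 -j nat.1

# Taking the NAT action: 'dnat'
/sbin/iptables -t nat -A nat.1 -p tcp -j DNAT --to-destination

/sbin/iptables -t nat -A nat.2 -p tcp -j DNAT --to-destination
10.0.0.5:23
EOF
}

sample_explain_output | check_dnat_targets || echo "review the dnat lines above"
```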
