Home » Linux OS and Software » Discussion » gentoo iptables masquerading
Wed, 29 April 2009 10:20 Go to next message
tomk  is currently offline tomk
Registered: April 2009
Messages: 2
Hi,

I'm trying to get iptables masquerading working on my gentoo vps in order to get openvpn to do 'redirect-gateway' properly.

When I run:

# iptables -t nat -A POSTROUTING -s 10.x.0.0/24 -o venet0 -j MASQUERADE


I get :
iptables: No chain/target/match by that name


A little googling seems to indicate that this is related to the masquerading iptables module not being loaded. If I try to modprobe it though i get:

 # modprobe iptable_nat
FATAL: Could not load /lib/modules/2.6.18-14-fza-amd64/modules.dep: No such file or directory


It seems like vpsville is allowing masquerading, as the openvpn template seems to have a similar POSTROUTING rule.

Anyone know what I need to do?
Wed, 29 April 2009 10:33 Go to previous messageGo to next message
tomk  is currently offline tomk
Registered: April 2009
Messages: 2
Ok. So I managed to do it using SNAT as follows:

iptables -t nat -A POSTROUTING -o venet0 -s 10.8.0.0/24 -j SNAT --to x.x.x.x


Where x.x.x.x is the IP of my VPS.
Fri, 17 July 2009 10:39 Go to previous messageGo to next message
Registered: November 2008
Messages: 18
Hi,

I am experiencing a similar problem using Ubuntu 9.04 (Jaunty). I already have OpenVPN set up and I want to enable NAT on my VPS.

Trying the iptables command suggested in the official OpenVPN how-to, I get the same error message you initially got:
+ iptables -A POSTROUTING -t nat -s 10.8.3.0/24 -o venet0 -j MASQUERADE
iptables: No chain/target/match by that name

But trying your suggestion doesn't seem to work either:
+ iptables -A POSTROUTING -t nat -s 10.8.3.0/24 -o venet0 -j Snat --to xxx.xxx.xxx.xxx
iptables v1.4.1.1: Unknown arg `--to'
Try `iptables -h' or 'iptables --help' for more information.

And if I take out the "unknown argument" then I find it can't load the libipt_Snat.so library!
+ iptables -A POSTROUTING -t nat -s 10.8.3.0/24 -o venet0 -j Snat
iptables v1.4.1.1: Couldn't load target `Snat':/lib/xtables/libipt_Snat.so: cannot open shared object file: No such file or directory
Try `iptables -h' or 'iptables --help' for more information.

Any help would be greatly appreciated Razz

[Updated on: Fri, 17 July 2009 13:57]

Fri, 17 July 2009 12:42 Go to previous messageGo to next message
Registered: November 2007
Messages: 512
I suggest you look at our OpenVPN template for examples. Its based on Debian and should be identical on Ubuntu:

http://forum.vpsville.ca/index.php?t=msg&th=145
Fri, 17 July 2009 13:56 Go to previous message
Registered: November 2008
Messages: 18
Figured it out...

in the above examples "Snat" *must* be all UPPERCASE, i.e.:
# iptables -A POSTROUTING -t nat -s 10.8.3.0/24 -o venet0 -j SNAT--to xxx.xxx.xxx.xxx

[Updated on: Fri, 17 July 2009 13:57]

Previous Topic:IP address per user?
Next Topic:clamav-daemon install poblem
Goto Forum:
  


Current Time: Sun May 19 11:34:48 EDT 2019
.:: Contact :: Home ::.

Powered by: FUDforum 2.7.7.
Copyright ©2001-2006 FUD Forum Bulletin Board Software