diff options
author | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org> | 2005-09-19 15:00:33 +0000 |
---|---|---|
committer | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org> | 2005-09-19 15:00:33 +0000 |
commit | 10163af3f4eb92a492fa99c95352bf8cd1a05e92 (patch) | |
tree | b77c8d881be4ec2a0e701e5bbd78ac6c6f0df111 /extensions/.ipv6header-test6 | |
parent | e5f68b21a1c944aaa434d7ecc87fb5e98a9ee83a (diff) |
Kernels higher than 2.6.10 don't support multiple --to arguments in
DNAT and SNAT targets. At present, the error is somewhat vague:
# iptables -t nat -A foo -j SNAT --to 1.2.3.4 --to 2.3.4.5
iptables: Invalid argument
But if we want current iptables to work with kernels <= 2.6.10, we
cannot simply disallow this in all cases.
So the below patch adds kernel version checking to iptables, and
utilizes it in [DS]NAT. Now, users will see a more informative error:
# iptables -t nat -A foo -j SNAT --to 1.2.3.4 --to 2.3.4.5
iptables v1.3.3: Multiple --to-source not supported
This generic infrastructure (shamelessly lifted from procps btw) may
come in handy in the future for other changes.
This fixes bugzilla #367. (Phil Oester)
Diffstat (limited to 'extensions/.ipv6header-test6')
0 files changed, 0 insertions, 0 deletions