After creating a NAT for use with eDonkey/eMule I keep
getting messages like these when applying the settings:
NAT virtual( internet ) --> real( bambi ) on service(
edonkey )
iptables v1.2.5: invalid TCP port/service `-o' specified
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.5: invalid TCP port/service `-m' specified
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.5: invalid UDP port/service `-j' specified
Try `iptables -h' or 'iptables --help' for more information.
(bambi is my workstation belonging to the zone lan
(eth1) and internet is the zone assigned to eth0)
Something similar happens if I create a NAT for h323-
service (I thought the definition look a bit similar to that
of edonkey so I gave it a try), whereas a NAT like:
NAT virtual( internet ) --> real( bambi ) on service( aim-
icq )
doesnt give any problems at all.
I have used Turtle Firewall (currently v. 1.25) for
maintaining my firewall for about a year and havent
seen this behaviour until today and I dont recall
updating any packages or reconfiguring my server
except for adding rules to the firewall.
Also, I have tried removing the Turtle Firewall module
and reinstall it, creating all the settings from scratch. I
dont know much about iptables, and Im not sure where
to look to diagnose the problem, so any help will be
greatly appreciated.
Logged In: YES
user_id=776942
I have been investigating this problem a bit further. Here is
the code generated for my eDonkey/eMule NAT entry:
#NAT virtual( internet ) -to-> real( bambi ) on service( edonkey
() )
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 4661 -j
DNAT --to-destination 192.168.172.10
iptables -t nat -A POSTROUTING -s 192.168.172.10 -p tcp --
sport 4661 -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.172.10 -p tcp --
sport -o eth0 -j MASQUERADE
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport -m
state --state ESTABLISHED,RELATED -j DNAT --to-
destination 192.168.172.10
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 4662 -j
DNAT --to-destination 192.168.172.10
iptables -t nat -A POSTROUTING -s 192.168.172.10 -p tcp --
sport 4662 -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.172.10 -p tcp --
sport -o eth0 -j MASQUERADE
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport -m
state --state ESTABLISHED,RELATED -j DNAT --to-
destination 192.168.172.10
iptables -t nat -A PREROUTING -i eth0 -p udp --dport 4665 -j
DNAT --to-destination 192.168.172.10
iptables -t nat -A POSTROUTING -s 192.168.172.10 -p udp --
sport 4665 -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.172.10 -p udp --
sport -o eth0 -j MASQUERADE
iptables -t nat -A PREROUTING -i eth0 -p udp --dport -j
DNAT --to-destination 192.168.172.10
As indicated by iptables the source or destination ports are
in fact missing in some of the above rules. But why are they
missing? I havent been messing with the fwservices.xml and
the contents of the file looks fine to me. And Im positive I
had the eDonkey rule working for more than a day before this
error started occurring.
Logged In: NO
version 1.26 is coming soon!