Mailing List Archive: Problem using -p udp

Problem using -p udp

Aug 19, 2007, 3:37 PM

Post #1 of 3 (2580 views)

Hi,

I have been using Iptables on linux 2.4.26 for several years. I am
running on an Axis platform (cris architecture). Recently I started
moving my application to 2.6.19 and am using iptables 1.3.7. When I try
to use the sample rules shown below from my old environment, they fail
with an invalid parameter. The parameter causing the issue is the "udp"
associated with the "-p". If I issue the same rule with a "-p tcp" they
work fine. Could someone explain why "-p udp" will not work?

/sbin/iptables -t nat -A PREROUTING -i ppp0 -p udp --dport 80 -j
REDIRECT --to-port 6383

/sbin/iptables -t nat -A PREROUTING -i ppp0 -p udp --dport 90 -j DNAT
--to 192.168.1.122:80

Thank you,

Phil

Re: Problem using -p udp [ In reply to ]

casper at meteor

Aug 20, 2007, 12:34 AM

Post #2 of 3 (2470 views)

Permalink

÷ ÷ÓË, 19/08/2007 × 15:37 -0700, Phil Sutter ÐÉÛÅÔ:
> Hi,
>
> I have been using Iptables on linux 2.4.26 for several years. I am
> running on an Axis platform (cris architecture). Recently I started
> moving my application to 2.6.19 and am using iptables 1.3.7. When I try
> to use the sample rules shown below from my old environment, they fail
> with an invalid parameter. The parameter causing the issue is the "udp"
> associated with the "-p". If I issue the same rule with a "-p tcp" they
> work fine. Could someone explain why "-p udp" will not work?
>
> /sbin/iptables -t nat -A PREROUTING -i ppp0 -p udp --dport 80 -j
> REDIRECT --to-port 6383
>
> /sbin/iptables -t nat -A PREROUTING -i ppp0 -p udp --dport 90 -j DNAT
> --to 192.168.1.122:80

I have just tryed your rules on my Debian Etch box with kernel 2.6.18
and iptables 1.3.6 and they worked out.

Did you built your kernel and iptables youself? This case you probably
have forgotten to enable something.

--
ðÏËÏÔÉÌÅÎËÏ ëÏÓÔÉË <casper@meteor.dp.ua>

Re: Re: Problem using -p udp [ In reply to ]

phil at ctekproducts

Aug 20, 2007, 7:20 AM

Post #3 of 3 (2476 views)

Permalink

The kernel comes with the Axis SDK but is 2.6.19. Through menu config, I define all available net filter options as built in (not modules).

I have tried two versions of ip tables: 1.2.7 which is the version that Axis packages in their SDK and 1.3.7 which I pulled down from netfilter.org. In both cases "-p udp" causes the same error.

>
> From: ??????????? ?????? <casper@meteor.dp.ua>
> Date: 2007/08/20 Mon AM 03:34:37 EDT
> To: Phil Sutter <phil@ctekproducts.com>
> CC: netfilter@lists.netfilter.org
> Subject: Re: Problem using -p udp
>
> ? ???, 19/08/2007 ? 15:37 -0700, Phil Sutter ?????:
> > Hi,
> >
> > I have been using Iptables on linux 2.4.26 for several years. I am
> > running on an Axis platform (cris architecture). Recently I started
> > moving my application to 2.6.19 and am using iptables 1.3.7. When I try
> > to use the sample rules shown below from my old environment, they fail
> > with an invalid parameter. The parameter causing the issue is the "udp"
> > associated with the "-p". If I issue the same rule with a "-p tcp" they
> > work fine. Could someone explain why "-p udp" will not work?
> >
> > /sbin/iptables -t nat -A PREROUTING -i ppp0 -p udp --dport 80 -j
> > REDIRECT --to-port 6383
> >
> > /sbin/iptables -t nat -A PREROUTING -i ppp0 -p udp --dport 90 -j DNAT
> > --to 192.168.1.122:80
>
> I have just tryed your rules on my Debian Etch box with kernel 2.6.18
> and iptables 1.3.6 and they worked out.
>
> Did you built your kernel and iptables youself? This case you probably
> have forgotten to enable something.
>
> --
> ??????????? ?????? <casper@meteor.dp.ua>
>
>