Question

iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080

当我尝试运行此命令时，我遇到错误：

iptables: No chain/target/match by that name

我的iptables版本是v1.4.14。在Linux内核3.8.11上运行debain。

iptables -L输出：

Chain INPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     icmp --  anywhere             anywhere            
ACCEPT     udp  --  anywhere             224.0.0.251          udp dpt:mdns
NFQUEUE    udp  --  anywhere             anywhere             NFQUEUE num 10000

Chain FORWARD (policy DROP)
target     prot opt source               destination         

Chain OUTPUT (policy DROP)
target     prot opt source               destination         
NFQUEUE    udp  --  anywhere             239.255.255.250      udp dpt:1900 NFQUEUE num 10001
ACCEPT     all  --  anywhere             anywhere             ctstate NEW,RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere

iptables -t nat -L输出：

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

我不知道问题是什么，我看了，没有其他人在这个设置中遇到这个错误。

Answer 1

错误意味着您缺少内核中的iptables REDIRECT模块。

也许你自己编译了内核？然后，您需要启用/设置选项

CONFIG_IP_NF_TARGET_REDIRECT=m

在你的内核配置中，然后

make modules
make modules_install
depmod -ae

IPTABLES错误“iptables：没有链/目标/匹配该名称”

1 个答案: