hello. i have a problem with this rule at my shorewall configuration: DNAT fw fw:192.168.17.50:8080 tcp 80 - 0.0.0.0/0 - !squid i´m using shorewall 3.2.6 the error is: iptables v1.3.6: Bad OWNER UID value `squid'' Try `iptables -h'' or ''iptables --help'' for more information. ERROR: Command "/sbin/iptables -t nat -A OUTPUT -p tcp -m owner ! --uid-owner squid -d 0.0.0.0/0 --dport 80 -j DNAT --to-destination 192.168.17.50:8080" Failed Any idea to solve this? Thanks Wilson ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
Wilson Galafassi wrote:> > Any idea to solve this? >Is ''squid'' a valid user name on this system? (Hint: ''grep squid /etc/passwd'') -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
On Tue, Oct 02, 2007 at 10:47:11AM -0700, Tom Eastep wrote:> > > > Any idea to solve this? > > > > Is ''squid'' a valid user name on this system? (Hint: ''grep squid /etc/passwd'')The better way to check this is: getent passwd squid That''ll be accurate regardless of how NSS is configured (it''s the same libc call that iptables will be using). ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/