From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0 Description of problem: If you try to use the ROUTE target (quoted in the manual) it does not work, as the relative extension is not present: iptables -t mangle -A PREROUTING --proto tcp --destination-port ! 21 -j ROUTE iptables v1.2.11: Couldn't load target `ROUTE':/lib/iptables/libipt_ROUTE.so: cannot open shared object file: No such file or directory Version-Release number of selected component (if applicable): v1.2.11 How reproducible: Always Steps to Reproduce: Do as above. Additional info:
There is no ipt_ROUTE support in the kernel, therefore there is no extensin module in iptables for it. Assigning to kernel.
True, but the manual contains the full section about ROUTE.
By the looks of things, this never got merged upstream, in either 2.4 or 2.6. Googling around shows patches against a net/ipv4/netfilter/ipt_ROUTE.c, but there's no sign of that file in any of the bitkeeper repositories. In fact.. I just grabbed the patch-o-matic from http://www.netfilter.org, and it's an add-on there. Your best bet is to ask the netfilter folks directly, as they know the full story about whats happening with it. If it reappears in a future update, we can consider turning it on in an errata kernel, but right now, there's nothing to turn on. Thomas, you may want to remove that part of the manpage in an update, as its very misleading to document something that doesn't seem to have any chance of working without additional patches.