Is my iptables broken? or my brain broken?

Nanja

New Member
Feb 6, 2023
17
0
1
I am so confused, how do I unlock my iptables? I don't know how to make sense! For some reason when I put an iptables rules it's supposed to show up in my iptables list right? I am not seeing any changes.

For example I type this

Code:
iptables -A POSTROUTING -t nat -s 10.10.10.0/24 -j MASQUERADE

I end up getting this

Code:
iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination


&&& A guide I am following says to add this


Code:
iptables -A POSTROUTING -t nat -s ‘10.10.10.0/24’ -o vmbr0 -j MASQUERADE

But I am getting this in return!!

Code:
iptables v1.8.7 (legacy): invalid mask `24’' specified
Try `iptables -h' or 'iptables --help' for more information.

The guide I am following on youtube is called "How to setup Proxmox with Single Public IP and share with VMs | Proxmox Tutorial"

I am supposed to enter this for my network to work? How do I do that when iptables won't even show the first entry.

Code:
iptables -A POSTROUTING -t nat -s 10.10.10.0/24 -j MASQUERADE
iptables -A POSTROUTING -t nat -s ‘10.10.10.0/24’ -o vmbr0 -j MASQUERADE
iptables -D POSTROUTING -t nat -s ‘10.10.10.0/24’ -o vmbr0 -j MASQUERADE

Please help, thanks.
 
You need just second line:
iptables -A POSTROUTING -t nat -s 10.10.10.0/24 -o vmbr0 -j MASQUERADE

But before, list iptables rules in the nat table:
iptables -L -t nat

What is ip address and netmask of your vmbr0 interface?
 
You need just second line:
iptables -A POSTROUTING -t nat -s 10.10.10.0/24 -o vmbr0 -j MASQUERADE

But before, list iptables rules in the nat table:
iptables -L -t nat

What is ip address and netmask of your vmbr0 interface?
Code:
iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
MASQUERADE  all  --  10.10.10.0/24        anywhere           
MASQUERADE  all  --  10.10.10.0/24        anywhere           
MASQUERADE  all  --  10.10.10.0/24        anywhere           
MASQUERADE  all  --  10.10.10.0/24        anywhere           
MASQUERADE  all  --  10.10.10.0/24        anywhere           
MASQUERADE  all  --  10.10.10.0/24        anywhere           
MASQUERADE  all  --  10.10.10.0/24        anywhere

Screenshot 2023-04-21 105411.png
 
You have a lot of MASQUERADE rules you created with your experiments. Clear the nat table with "iptables -X -t nat" command.
Then, you do not have slave port for vmbr1. Is it right?
 
You have a lot of MASQUERADE rules you created with your experiments. Clear nat table with "iptables -X -t nat" command.
Then, you do not have slave port for vmbr1. Is it right?
well.. I thought I would need a slave port, but the person in youtube video that I am following didn't seem to need one... & that he replied to someone saying they just needed to add a line in iptables. I cleared the iptables.

Also, how do I fix this problem? Is my version of iptables wrong or something?
Code:
iptables -A POSTROUTING -t nat -s ‘10.10.10.0/24’ -o vmbr0 -j MASQUERADE
iptables v1.8.7 (legacy): invalid mask `24’' specified
Try `iptables -h' or 'iptables --help' for more information.
 
Try to type 10.10.10.0/24 without any quotes.
If you have spaces in ipaddress and mask, remove it!
 
Last edited:
pls note that iptables deprecated. Please prefer nftables, whose one is included with proxmox 8xx +
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!