I had a working nat-rule with iptables-1.3.7 and kernel-2.6.19-r4. After upgrading do kernel 2.6.20 i get the following message while trying to start iptables: * Loading iptables state and starting firewall ... iptables-restore v1.3.7: iptables-restore: unable to initializetable 'nat' Error occurred at line: 2 Try `iptables-restore -h' or 'iptables-restore --help' for more informat [ !! ] Reproducible: Always Steps to Reproduce: 1.boot with kernel-2.6.20 and /etc/init.d/iptables start 2. 3. Actual Results: no NAT with kernel 2.6.20 Expected Results: working NAT support emerge --info: Portage 2.1.2-r12 (default-linux/x86/2006.1/desktop, gcc-4.1.2, glibc-2.5-r0, 2.6.20-gentoo i686) ================================================================= System uname: 2.6.20-gentoo i686 Intel(R) Pentium(R) 4 CPU 3.00GHz Gentoo Base System release 1.12.9 Timestamp of tree: Thu, 01 Mar 2007 04:50:01 +0000 distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [enabled] dev-java/java-config: 1.3.7, 2.0.31-r3 dev-lang/python: 2.3.6, 2.4.4 dev-python/pycrypto: 2.0.1-r5 sys-apps/sandbox: 1.2.18.1 sys-devel/autoconf: 2.13, 2.61 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.17 sys-devel/gcc-config: 1.3.14 sys-devel/libtool: 1.5.23b virtual/os-headers: 2.6.20-r1 ACCEPT_KEYWORDS="x86 ~x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-march=pentium4 -O2 -pipe -g" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/java-config/vms/ /etc/revdep-rebuild /etc/terminfo" CXXFLAGS="-march=pentium4 -O2 -pipe -g" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig collision-protect distcc distlocks fixpackages metadata-transfer nostrip parallel-fetch sandbox sfperms strict usersandbox" GENTOO_MIRRORS="ftp://ftp.tu-clausthal.de/pub/linux/gentoo/ http://gentoo.inode.at ftp://ftp.gentoo.mesh-solutions.com/gentoo/ ftp://ftp.uni-erlangen.de/pub/mirrors/gentoo http://distfiles.gentoo.org http://www.ibiblio.org/pub/Linux/distributions/gentoo" LANG="de_DE.ISO-8859-1@euro" LC_ALL="de_DE.ISO-8859-1@euro" LINGUAS="de" MAKEOPTS="-j5" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_EXTRA_OPTS="--timeout=180 --bwlimit=1024" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-* --prune-empty-dirs" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/portage/local/layman/voip /usr/portage/local/layman/enlightenment /usr/local/portage" SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage" USE="3dfx 3dnow X alsa bitmap-fonts bzip2 cairo cdr cli cracklib crypt cups curl dbus dlloader dri dvd dvdr encode fam firefox flac fortran gdbm gif gpm gstreamer gtk hal iconv isdnlog jack jpeg mad midi mikmod mmx mp3 mpeg ncurses nls nptl nptlonly nsplugin nvidia ogg opengl oss pam pcre pdf perl png ppds pppd python quicktime readline reflection sdl session spell spl sse sse2 ssl truetype truetype-fonts type1-fonts unicode vorbis win32codecs x86 xml xorg xprint xv zlib" ALSA_CARDS="intel8x0" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="de" USERLAND="GNU" VIDEO_CARDS="nvidia vesa" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LDFLAGS
really sounds like kernel misconfiguration
Attach your kernel .config and reopen then.
Created attachment 111960 [details] kernel .config
kernel .config attached
# CONFIG_NF_CONNTRACK_ENABLED is not set The above is *required* for NAT. Also check Full NAT support in menuconfig after you've enabled the above.
