From: "Yossi Weihs" <yw@seafire.com>
To: "'Jan Engelhardt'" <jengelh@medozas.de>
Cc: <netfilter-devel@vger.kernel.org>
Subject: RE: newbie: writing custom target, need help with getting it to work
Date: Sun, 8 Aug 2010 17:09:07 -0400 [thread overview]
Message-ID: <011101cb373d$f0b6b6b0$d2242410$@com> (raw)
In-Reply-To: <alpine.LSU.2.01.1008082225540.14264@obet.zrqbmnf.qr>
Thanks Jan!
I have added the env variable, but saw no change. My libxt_TAP.so is getting found as it is checking my parameter. I have tried a different xtables_addons target such as TEE, and the rule gets inserted fine. I had SELinux block my libxt_TAP.so and had added it to the SELinux rules, so that shouldn't be a problem. Any other idea what might be going on? I know my module is calling xt_register_targets(), is there a way for me to check the contents of its tables?
Thanks for looking at my code! I'll switch my mutex to a spinlock - I'd be wasting a lot of time once I get running with this without your help.
Yossi Weihs
-----Original Message-----
From: Jan Engelhardt [mailto:jengelh@medozas.de]
Sent: Sunday, August 08, 2010 4:29 PM
To: Yossi Weihs
Cc: netfilter-devel@vger.kernel.org
Subject: Re: newbie: writing custom target, need help with getting it to work
On Sunday 2010-08-08 22:20, Yossi Weihs wrote:
>Hi List,
>
>I have been working on a custom netfilter target to help with some in-house
>testing. I?m running Fedora 13 and building within xtables-addons v 1.2.6 ;
>I have gotten both the kernel module and library to build correctly within
>the xtables-addons build enviroment, and am inserting the kernel module with
>no errors. When trying to create a rule with my target, I get the cryptic
>error:
>
>iptables --verbose --table filter --insert INPUT --protocol TCP -m state
>--state ESTABLISHED --jump TAP --device TAPPY
>TAP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 state ESTABLISHED TAP
>dev:TAPPY
>iptables: No chain/target/match by that name.
When you want iptables to recognize (the user portion) of Xt-a's extra
modules, you need to point to it via the XTABLES_LIBDIR environment
variable.
XTABLES_LIBDIR=$HOME/xta/extensions:/usr/lib(64)/xtables iptables -S
Don't forget usr/lib/xtables otherwise it won't find the tcp match and
all the ones that already ship with iptables.
next prev parent reply other threads:[~2010-08-08 21:10 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-08-08 20:20 newbie: writing custom target, need help with getting it to work Yossi Weihs
2010-08-08 20:28 ` Jan Engelhardt
2010-08-08 21:09 ` Yossi Weihs [this message]
2010-08-08 21:13 ` Jan Engelhardt
2010-08-09 4:23 ` Yossi Weihs
2010-08-09 6:52 ` Jan Engelhardt
2010-08-08 20:34 ` Jan Engelhardt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='011101cb373d$f0b6b6b0$d2242410$@com' \
--to=yw@seafire.com \
--cc=jengelh@medozas.de \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.