From: "John A. Sullivan III" <jsullivan@opensourcedevel.com>
To: Rafael Dreher <rafael@interage.com.br>
Cc: netfilter@lists.netfilter.org
Subject: Re: Unable to add rule on Chain with 28 characters
Date: Mon, 11 Jul 2005 06:57:38 -0400 [thread overview]
Message-ID: <1121079458.3045.6.camel@localhost> (raw)
In-Reply-To: <42CECBA1.7090306@interage.com.br>
On Fri, 2005-07-08 at 15:53 -0300, Rafael Dreher wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
>
> I'm trying do add a rule on a user-defined chain, on the NAT table, with 28 characters.
>
> The chain have bee added without any problem, but when I add the rule, iptables says that it's unable do find the chain.
>
> If I reduce the chain to 25 characters, it works. I'm trying to migrate a set of rules form iptables-1.2.11 to 1.3.1,
> and I don't want to rewrite the rules.
>
> Someone can help me?
<snip>
>
I don't have a direct solution for you. From what I recall, the chain
name length is hard-coded at 32 characters. That bit us on the ISCS
network security management project (http://iscs.sourceforge.net) where
we had very long names due to the hierarchical structure of groups and
the inheritance model. We switched to automatically generating chain
names based upon incrementing numbers.
I do not know if the size of the name field has changed with subsequent
iptables versions. Wish I could be of more help - John
--
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan@opensourcedevel.com
Financially sustainable open source development
http://www.opensourcedevel.com
next prev parent reply other threads:[~2005-07-11 10:57 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-07-08 18:53 Unable to add rule on Chain with 28 characters Rafael Dreher
2005-07-11 10:57 ` John A. Sullivan III [this message]
-- strict thread matches above, loose matches on Subject: below --
2005-07-08 19:00 Rafael Dreher
2005-07-08 19:50 ` Jason Opperisano
2005-07-08 20:01 ` Rafael Dreher
2005-07-08 20:09 ` Jason Opperisano
2005-07-08 20:11 ` Jason Opperisano
2005-07-09 10:23 ` Jan Engelhardt
2005-07-08 20:10 ` Royce Kemp
2005-07-11 13:11 ` Rafael Dreher
2005-07-11 13:15 ` Jan Engelhardt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1121079458.3045.6.camel@localhost \
--to=jsullivan@opensourcedevel.com \
--cc=netfilter@lists.netfilter.org \
--cc=rafael@interage.com.br \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.