arptables in kernel produces "invalid argument" from iptables 1.2.7a

All of lore.kernel.org
 help / color / mirror / Atom feed

From: netfilter@interlinx.bc.ca
To: Netfilter-devel <netfilter-devel@lists.netfilter.org>
Subject: arptables in kernel produces "invalid argument" from iptables 1.2.7a
Date: Fri, 25 Oct 2002 20:50:00 -0400	[thread overview]
Message-ID: <20021026004959.GL23228@pc.ilinx> (raw)

[-- Attachment #1: Type: text/plain, Size: 5655 bytes --]

I found this problem while I was building my last production kernel
and just worked around it by removing the arptables POM patches from
the kernel.  But here I am building a new production kernel and
running into the same problem.

If I include the arptables stuff from POM in my kernel tree and set
the:

CONFIG_IP_NF_ARPTABLES
CONFIG_IP_NF_ARPFILTER

config variables, the iptables command from 1.2.7a (current CVS) fails
to operate on any of the nat table hooks.  I keep getting an "invalid
argument" error:

# iptables -t nat -A POSTROUTING -o ppp0 -s 10.75.22.0/24 -j MASQUERADE
iptables: Invalid argument

An strace from the iptables command:

execve("/sbin/iptables", ["iptables", "-t", "nat", "-A", "PREROUTING", "-i", "ppp0", "-p", "udp", "--dport", "6346", "-j", "DNAT", "--to-destination", "10.75.22.1"], [/* 35 vars */]) = 0
uname({sys="Linux", node="gw.ilinx", ...}) = 0
brk(0)                                  = 0x805577c
open("/etc/ld.so.preload", O_RDONLY)    = 3
fstat64(3, {st_mode=S_IFREG|0600, st_size=0, ...}) = 0
close(3)                                = 0
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=9284, ...}) = 0
old_mmap(NULL, 9284, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40012000
close(3)                                = 0
open("/lib/libdl.so.2", O_RDONLY)       = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\30\0\000"..., 1024) = 1024
fstat64(3, {st_mode=S_IFREG|0755, st_size=8220, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40015000
old_mmap(NULL, 11152, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40016000
mprotect(0x40018000, 2960, PROT_NONE)   = 0
old_mmap(0x40018000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x1000) = 0x40018000
close(3)                                = 0
open("/lib/libc.so.6", O_RDONLY)        = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\202\1"..., 1024) = 1024
fstat64(3, {st_mode=S_IFREG|0755, st_size=1147848, ...}) = 0
old_mmap(NULL, 1160224, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40019000
mprotect(0x4012b000, 37920, PROT_NONE)  = 0
old_mmap(0x4012b000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x112000) = 0x4012b000
old_mmap(0x40131000, 13344, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40131000
close(3)                                = 0
munmap(0x40012000, 9284)                = 0
brk(0)                                  = 0x805577c
brk(0x8055b94)                          = 0x8055b94
brk(0x8056000)                          = 0x8056000
open("/etc/nsswitch.conf", O_RDONLY)    = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=1888, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40012000
read(3, "#\n# /etc/nsswitch.conf\n#\n# An ex"..., 4096) = 1888
brk(0x8057000)                          = 0x8057000
read(3, "", 4096)                       = 0
close(3)                                = 0
munmap(0x40012000, 4096)                = 0
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=9284, ...}) = 0
old_mmap(NULL, 9284, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40012000
close(3)                                = 0
open("/lib/libnss_files.so.2", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\35\0\000"..., 1024) = 1024
fstat64(3, {st_mode=S_IFREG|0755, st_size=36296, ...}) = 0
old_mmap(NULL, 39676, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40135000
mprotect(0x4013e000, 2812, PROT_NONE)   = 0
old_mmap(0x4013e000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x8000) = 0x4013e000
close(3)                                = 0
munmap(0x40012000, 9284)                = 0
open("/etc/protocols", O_RDONLY)        = 3
fcntl64(3, F_GETFD)                     = 0
fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0
fstat64(3, {st_mode=S_IFREG|0644, st_size=5809, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40012000
read(3, "# /etc/protocols:\n# $Id: protoco"..., 4096) = 4096
close(3)                                = 0
munmap(0x40012000, 4096)                = 0
open("/lib/iptables/libipt_udp.so", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320\5\0"..., 1024) = 1024
fstat64(3, {st_mode=S_IFREG|0755, st_size=5344, ...}) = 0
old_mmap(NULL, 8788, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40012000
mprotect(0x40014000, 596, PROT_NONE)    = 0
old_mmap(0x40014000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x1000) = 0x40014000
close(3)                                = 0
open("/lib/iptables/libipt_DNAT.so", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`\5\0\000"..., 1024) = 1024
fstat64(3, {st_mode=S_IFREG|0755, st_size=4376, ...}) = 0
old_mmap(NULL, 7820, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4013f000
mprotect(0x40140000, 3724, PROT_NONE)   = 0
old_mmap(0x40140000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0) = 0x40140000
close(3)                                = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW)  = 3
getsockopt(3, SOL_IP, 0x40 /* IP_??? */, [7627118], [84]) = 0
getsockopt(3, SOL_IP, 0x41 /* IP_??? */, [7627118], [656]) = 0
brk(0x8058000)                          = 0x8058000
setsockopt(3, SOL_IP, 0x40 /* IP_??? */, [7627118], 920) = -1 EINVAL (Invalid argument)
write(2, "iptables: Invalid argument\n", 27iptables: Invalid argument
) = 27
_exit(1)                                = ?

Any thots other than disabling arptables?

b.

-- 
Brian J. Murrell

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]

                 reply	other threads:[~2002-10-26  0:50 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20021026004959.GL23228@pc.ilinx \
    --to=netfilter@interlinx.bc.ca \
    --cc=netfilter-devel@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.