* [LARTC] tcpdump not working with imq0 devices
@ 2005-11-25 11:17 Michal Kustosik
2005-11-25 11:45 ` Michal Kustosik
` (2 more replies)
0 siblings, 3 replies; 8+ messages in thread
From: Michal Kustosik @ 2005-11-25 11:17 UTC (permalink / raw)
To: lartc
On my debian woody (kernel 2.4.31) the tcpdump
doesn't work with imq0 devices. If I try to tcpdump
imq devices there is no packet seen:
[...]
rt1:~# tcpdump -n -i imq0
Warning: arptype 65535 not supported by libpcap - falling back to cooked socket
tcpdump: WARNING: imq0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on imq0, link-type LINUX_SLL (Linux cooked), capture size 68 bytes
[...]
and there is no packet seen. I have sent the packet to imq0 by:
rt1:~# iptables -I PREROUTING -t mangle -j IMQ --todev 0
and there is no other entry in mangle table. There is also
no firewall entry and no entry in nat table.
The ifconfig command show, that the packet goes by imq0:
[...]
rt1:~# ifconfig imq0
imq0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00
UP RUNNING NOARP MTU:1500 Metric:1
RX packets:3268292 errors:0 dropped:0 overruns:0 frame:0
TX packets:3248999 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:30
RX bytes:1987844908 (1.8 GiB) TX bytes:1981674079 (1.8 GiB)
[...]
Everything but iptables is installing from packages deb.
I tried to complile TCPDUMP 3.9.4 from http://www.tcpdump.org/
but it is the same reason.
I have other router, with similar configuration (vlan, imq, htb, the
same kernel version 2.4.31, the same distribution debian woody)
and there is no problem with debuging interfaces by tcpdump command.
Have anybody solved the same problem?
Below some information about the strange router:
kernel - 2.4.31 with patch-o-matic-ng, imq-nat.diff,
linux-2.4.28-imq2.diff,
iptables - v1.3.3 with iptables-1.3.0-imq1.diff
vlan - iANS-3.4.3a, e100-3.4.14
lsmod:
[...]
Module Size Used by Tainted: P
imq 1752 1
ipt_IMQ 800 0
ipt_REDIRECT 960 0 (autoclean)
cls_fw 2368 0 (autoclean)
cls_u32 4548 0 (autoclean)
sch_sfq 3456 0 (autoclean)
sch_htb 19040 0 (autoclean)
ipt_ttl 640 0 (autoclean)
ipt_state 608 0 (autoclean)
ipt_REJECT 3072 0 (autoclean)
ipt_connlimit 1504 0 (autoclean)
ipt_LOG 3648 0 (autoclean)
ipt_limit 960 0 (autoclean)
iptable_filter 1728 0 (autoclean)
ipt_mac 672 15 (autoclean)
ipt_helper 992 22 (autoclean)
ipt_multiport 640 132 (autoclean)
ipt_MARK 800 255 (autoclean)
iptable_mangle 2208 1 (autoclean)
ians 113220 3 (autoclean)
reiserfs 167392 1 (autoclean)
e100 36292 4
ip_nat_ftp 2848 0 (unused)
iptable_nat 22420 2 [ipt_REDIRECT ip_nat_ftp]
ip_tables 13664 17 [ipt_IMQ ipt_REDIRECT ipt_ttl ipt_state ipt_REJECT ipt_connlimit ipt_LOG ipt_limit iptable_filter ipt_mac ipt_helper ipt_multiport ipt_MARK iptable_mangle iptable_nat]
ip_conntrack_ftp 3872 1
ip_conntrack 28544 1 [ipt_REDIRECT ipt_state ipt_connlimit ipt_helper ip_nat_ftp iptable_nat ip_conntrack_ftp]
rtc 6012 0 (autoclean)
[...]
Regards,
--
Michal Kustosik
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [LARTC] tcpdump not working with imq0 devices
@ 2005-11-25 11:26 Andreas Unterkircher
2005-11-25 11:54 ` Andreas Unterkircher
` (2 more replies)
0 siblings, 3 replies; 8+ messages in thread
From: Andreas Unterkircher @ 2005-11-25 11:26 UTC (permalink / raw)
To: lartc
As far as I know it's simply not possible. Also you can't use iptables on a
imq device.
Cheers,
Andreas
Michal Kustosik (kustosz@veb.pl) schrieb:
>
>
> On my debian woody (kernel 2.4.31) the tcpdump
> doesn't work with imq0 devices. If I try to tcpdump
> imq devices there is no packet seen:
> [...]
> rt1:~# tcpdump -n -i imq0
> Warning: arptype 65535 not supported by libpcap - falling back to cooked socket
> tcpdump: WARNING: imq0: no IPv4 address assigned
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on imq0, link-type LINUX_SLL (Linux cooked), capture size 68 bytes
>
> [...]
> and there is no packet seen. I have sent the packet to imq0 by:
> rt1:~# iptables -I PREROUTING -t mangle -j IMQ --todev 0
> and there is no other entry in mangle table. There is also
> no firewall entry and no entry in nat table.
>
> The ifconfig command show, that the packet goes by imq0:
> [...]
> rt1:~# ifconfig imq0
> imq0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00
> UP RUNNING NOARP MTU:1500 Metric:1
> RX packets:3268292 errors:0 dropped:0 overruns:0 frame:0
> TX packets:3248999 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:30
> RX bytes:1987844908 (1.8 GiB) TX bytes:1981674079 (1.8 GiB)
> [...]
>
> Everything but iptables is installing from packages deb.
> I tried to complile TCPDUMP 3.9.4 from http://www.tcpdump.org/
> but it is the same reason.
>
> I have other router, with similar configuration (vlan, imq, htb, the
> same kernel version 2.4.31, the same distribution debian woody)
> and there is no problem with debuging interfaces by tcpdump command.
>
> Have anybody solved the same problem?
>
>
> Below some information about the strange router:
> kernel - 2.4.31 with patch-o-matic-ng, imq-nat.diff,
> linux-2.4.28-imq2.diff,
> iptables - v1.3.3 with iptables-1.3.0-imq1.diff
> vlan - iANS-3.4.3a, e100-3.4.14
> lsmod:
> [...]
> Module Size Used by Tainted: P
> imq 1752 1
> ipt_IMQ 800 0
> ipt_REDIRECT 960 0 (autoclean)
> cls_fw 2368 0 (autoclean)
> cls_u32 4548 0 (autoclean)
> sch_sfq 3456 0 (autoclean)
> sch_htb 19040 0 (autoclean)
> ipt_ttl 640 0 (autoclean)
> ipt_state 608 0 (autoclean)
> ipt_REJECT 3072 0 (autoclean)
> ipt_connlimit 1504 0 (autoclean)
> ipt_LOG 3648 0 (autoclean)
> ipt_limit 960 0 (autoclean)
> iptable_filter 1728 0 (autoclean)
> ipt_mac 672 15 (autoclean)
> ipt_helper 992 22 (autoclean)
> ipt_multiport 640 132 (autoclean)
> ipt_MARK 800 255 (autoclean)
> iptable_mangle 2208 1 (autoclean)
> ians 113220 3 (autoclean)
> reiserfs 167392 1 (autoclean)
> e100 36292 4
> ip_nat_ftp 2848 0 (unused)
> iptable_nat 22420 2 [ipt_REDIRECT ip_nat_ftp]
> ip_tables 13664 17 [ipt_IMQ ipt_REDIRECT ipt_ttl ipt_state ipt_REJECT
> ipt_connlimit ipt_LOG ipt_limit iptable_filter ipt_mac ipt_helper ipt_multiport ipt_MARK
> iptable_mangle iptable_nat]
> ip_conntrack_ftp 3872 1
> ip_conntrack 28544 1 [ipt_REDIRECT ipt_state ipt_connlimit ipt_helper
> ip_nat_ftp iptable_nat ip_conntrack_ftp]
> rtc 6012 0 (autoclean)
> [...]
>
>
>
> Regards,
> --
> Michal Kustosik
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [LARTC] tcpdump not working with imq0 devices
2005-11-25 11:17 [LARTC] tcpdump not working with imq0 devices Michal Kustosik
@ 2005-11-25 11:45 ` Michal Kustosik
2005-11-25 12:05 ` Michal Kustosik
2005-11-25 13:15 ` Michal Kustosik
2 siblings, 0 replies; 8+ messages in thread
From: Michal Kustosik @ 2005-11-25 11:45 UTC (permalink / raw)
To: lartc
On Fri, Nov 25, 2005 at 12:26:20PM +0100, Andreas Unterkircher wrote:
> As far as I know it's simply not possible. Also you can't use iptables on a
> imq device.
>
I read on http://www.linuximq.net/usage.html that it is nessesary to
use iptables to specify which packets should go through the imq device:
[... http://www.linuximq.net/usage.html ...]
After attaching a qdisc to the device you have to specify which packets
should go through the imq device. An iptables target (`IMQ') is provided
for using all the packet-selecting power of iptables.
...
/usr/sbin/iptables -t mangle -A PREROUTING -i ppp0 -j IMQ --todev 0
...
[...]
I have done the same.
Regards,
--
Michal Kustosik
> Cheers,
> Andreas
>
> Michal Kustosik (kustosz@veb.pl) schrieb:
> >
> >
> > On my debian woody (kernel 2.4.31) the tcpdump
> > doesn't work with imq0 devices. If I try to tcpdump
> > imq devices there is no packet seen:
> > [...]
> > rt1:~# tcpdump -n -i imq0
> > Warning: arptype 65535 not supported by libpcap - falling back to cooked socket
> > tcpdump: WARNING: imq0: no IPv4 address assigned
> > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> > listening on imq0, link-type LINUX_SLL (Linux cooked), capture size 68 bytes
> >
> > [...]
> > and there is no packet seen. I have sent the packet to imq0 by:
> > rt1:~# iptables -I PREROUTING -t mangle -j IMQ --todev 0
> > and there is no other entry in mangle table. There is also
> > no firewall entry and no entry in nat table.
> >
> > The ifconfig command show, that the packet goes by imq0:
> > [...]
> > rt1:~# ifconfig imq0
> > imq0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00
> > UP RUNNING NOARP MTU:1500 Metric:1
> > RX packets:3268292 errors:0 dropped:0 overruns:0 frame:0
> > TX packets:3248999 errors:0 dropped:0 overruns:0 carrier:0
> > collisions:0 txqueuelen:30
> > RX bytes:1987844908 (1.8 GiB) TX bytes:1981674079 (1.8 GiB)
> > [...]
> >
> > Everything but iptables is installing from packages deb.
> > I tried to complile TCPDUMP 3.9.4 from http://www.tcpdump.org/
> > but it is the same reason.
> >
> > I have other router, with similar configuration (vlan, imq, htb, the
> > same kernel version 2.4.31, the same distribution debian woody)
> > and there is no problem with debuging interfaces by tcpdump command.
> >
> > Have anybody solved the same problem?
> >
> >
> > Below some information about the strange router:
> > kernel - 2.4.31 with patch-o-matic-ng, imq-nat.diff,
> > linux-2.4.28-imq2.diff,
> > iptables - v1.3.3 with iptables-1.3.0-imq1.diff
> > vlan - iANS-3.4.3a, e100-3.4.14
> > lsmod:
> > [...]
> > Module Size Used by Tainted: P
> > imq 1752 1
> > ipt_IMQ 800 0
> > ipt_REDIRECT 960 0 (autoclean)
> > cls_fw 2368 0 (autoclean)
> > cls_u32 4548 0 (autoclean)
> > sch_sfq 3456 0 (autoclean)
> > sch_htb 19040 0 (autoclean)
> > ipt_ttl 640 0 (autoclean)
> > ipt_state 608 0 (autoclean)
> > ipt_REJECT 3072 0 (autoclean)
> > ipt_connlimit 1504 0 (autoclean)
> > ipt_LOG 3648 0 (autoclean)
> > ipt_limit 960 0 (autoclean)
> > iptable_filter 1728 0 (autoclean)
> > ipt_mac 672 15 (autoclean)
> > ipt_helper 992 22 (autoclean)
> > ipt_multiport 640 132 (autoclean)
> > ipt_MARK 800 255 (autoclean)
> > iptable_mangle 2208 1 (autoclean)
> > ians 113220 3 (autoclean)
> > reiserfs 167392 1 (autoclean)
> > e100 36292 4
> > ip_nat_ftp 2848 0 (unused)
> > iptable_nat 22420 2 [ipt_REDIRECT ip_nat_ftp]
> > ip_tables 13664 17 [ipt_IMQ ipt_REDIRECT ipt_ttl ipt_state ipt_REJECT
> > ipt_connlimit ipt_LOG ipt_limit iptable_filter ipt_mac ipt_helper ipt_multiport ipt_MARK
> > iptable_mangle iptable_nat]
> > ip_conntrack_ftp 3872 1
> > ip_conntrack 28544 1 [ipt_REDIRECT ipt_state ipt_connlimit ipt_helper
> > ip_nat_ftp iptable_nat ip_conntrack_ftp]
> > rtc 6012 0 (autoclean)
> > [...]
> >
> >
> >
> > Regards,
> > --
> > Michal Kustosik
> >
> > _______________________________________________
> > LARTC mailing list
> > LARTC@mailman.ds9a.nl
> > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
> >
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [LARTC] tcpdump not working with imq0 devices
2005-11-25 11:26 Andreas Unterkircher
@ 2005-11-25 11:54 ` Andreas Unterkircher
2005-11-25 12:42 ` Andreas Unterkircher
2005-11-25 13:32 ` Andreas Unterkircher
2 siblings, 0 replies; 8+ messages in thread
From: Andreas Unterkircher @ 2005-11-25 11:54 UTC (permalink / raw)
To: lartc
yes, this is needed to get the traffic on the IMQ devices.
But after this you can't match anything on the IMQ devices.
Michal Kustosik (kustosz@veb.pl) schrieb:
>
> On Fri, Nov 25, 2005 at 12:26:20PM +0100, Andreas Unterkircher wrote:
> > As far as I know it's simply not possible. Also you can't use iptables on a
> > imq device.
> >
> I read on http://www.linuximq.net/usage.html that it is nessesary to
> use iptables to specify which packets should go through the imq device:
>
> [... http://www.linuximq.net/usage.html ...]
> After attaching a qdisc to the device you have to specify which packets
> should go through the imq device. An iptables target (`IMQ') is provided
> for using all the packet-selecting power of iptables.
> ...
> /usr/sbin/iptables -t mangle -A PREROUTING -i ppp0 -j IMQ --todev 0
> ...
> [...]
> I have done the same.
>
> Regards,
> --
> Michal Kustosik
>
>
> > Cheers,
> > Andreas
> >
> > Michal Kustosik (kustosz@veb.pl) schrieb:
> > >
> > >
> > > On my debian woody (kernel 2.4.31) the tcpdump
> > > doesn't work with imq0 devices. If I try to tcpdump
> > > imq devices there is no packet seen:
> > > [...]
> > > rt1:~# tcpdump -n -i imq0
> > > Warning: arptype 65535 not supported by libpcap - falling back to cooked socket
> > > tcpdump: WARNING: imq0: no IPv4 address assigned
> > > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> > > listening on imq0, link-type LINUX_SLL (Linux cooked), capture size 68 bytes
> > >
> > > [...]
> > > and there is no packet seen. I have sent the packet to imq0 by:
> > > rt1:~# iptables -I PREROUTING -t mangle -j IMQ --todev 0
> > > and there is no other entry in mangle table. There is also
> > > no firewall entry and no entry in nat table.
> > >
> > > The ifconfig command show, that the packet goes by imq0:
> > > [...]
> > > rt1:~# ifconfig imq0
> > > imq0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00
> > > UP RUNNING NOARP MTU:1500 Metric:1
> > > RX packets:3268292 errors:0 dropped:0 overruns:0 frame:0
> > > TX packets:3248999 errors:0 dropped:0 overruns:0 carrier:0
> > > collisions:0 txqueuelen:30
> > > RX bytes:1987844908 (1.8 GiB) TX bytes:1981674079 (1.8 GiB)
> > > [...]
> > >
> > > Everything but iptables is installing from packages deb.
> > > I tried to complile TCPDUMP 3.9.4 from http://www.tcpdump.org/
> > > but it is the same reason.
> > >
> > > I have other router, with similar configuration (vlan, imq, htb, the
> > > same kernel version 2.4.31, the same distribution debian woody)
> > > and there is no problem with debuging interfaces by tcpdump command.
> > >
> > > Have anybody solved the same problem?
> > >
> > >
> > > Below some information about the strange router:
> > > kernel - 2.4.31 with patch-o-matic-ng, imq-nat.diff,
> > > linux-2.4.28-imq2.diff,
> > > iptables - v1.3.3 with iptables-1.3.0-imq1.diff
> > > vlan - iANS-3.4.3a, e100-3.4.14
> > > lsmod:
> > > [...]
> > > Module Size Used by Tainted: P
> > > imq 1752 1
> > > ipt_IMQ 800 0
> > > ipt_REDIRECT 960 0 (autoclean)
> > > cls_fw 2368 0 (autoclean)
> > > cls_u32 4548 0 (autoclean)
> > > sch_sfq 3456 0 (autoclean)
> > > sch_htb 19040 0 (autoclean)
> > > ipt_ttl 640 0 (autoclean)
> > > ipt_state 608 0 (autoclean)
> > > ipt_REJECT 3072 0 (autoclean)
> > > ipt_connlimit 1504 0 (autoclean)
> > > ipt_LOG 3648 0 (autoclean)
> > > ipt_limit 960 0 (autoclean)
> > > iptable_filter 1728 0 (autoclean)
> > > ipt_mac 672 15 (autoclean)
> > > ipt_helper 992 22 (autoclean)
> > > ipt_multiport 640 132 (autoclean)
> > > ipt_MARK 800 255 (autoclean)
> > > iptable_mangle 2208 1 (autoclean)
> > > ians 113220 3 (autoclean)
> > > reiserfs 167392 1 (autoclean)
> > > e100 36292 4
> > > ip_nat_ftp 2848 0 (unused)
> > > iptable_nat 22420 2 [ipt_REDIRECT ip_nat_ftp]
> > > ip_tables 13664 17 [ipt_IMQ ipt_REDIRECT ipt_ttl ipt_state ipt_REJECT
> > > ipt_connlimit ipt_LOG ipt_limit iptable_filter ipt_mac ipt_helper ipt_multiport
> ipt_MARK
> > > iptable_mangle iptable_nat]
> > > ip_conntrack_ftp 3872 1
> > > ip_conntrack 28544 1 [ipt_REDIRECT ipt_state ipt_connlimit ipt_helper
> > > ip_nat_ftp iptable_nat ip_conntrack_ftp]
> > > rtc 6012 0 (autoclean)
> > > [...]
> > >
> > >
> > >
> > > Regards,
> > > --
> > > Michal Kustosik
> > >
> > > _______________________________________________
> > > LARTC mailing list
> > > LARTC@mailman.ds9a.nl
> > > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
> > >
> >
> > _______________________________________________
> > LARTC mailing list
> > LARTC@mailman.ds9a.nl
> > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [LARTC] tcpdump not working with imq0 devices
2005-11-25 11:17 [LARTC] tcpdump not working with imq0 devices Michal Kustosik
2005-11-25 11:45 ` Michal Kustosik
@ 2005-11-25 12:05 ` Michal Kustosik
2005-11-25 13:15 ` Michal Kustosik
2 siblings, 0 replies; 8+ messages in thread
From: Michal Kustosik @ 2005-11-25 12:05 UTC (permalink / raw)
To: lartc
On Fri, Nov 25, 2005 at 12:54:03PM +0100, Andreas Unterkircher wrote:
> yes, this is needed to get the traffic on the IMQ devices.
> But after this you can't match anything on the IMQ devices.
>
but "tcpdump -n -i imq0" shoud present any packets going
through the imq0 interface, yes? In my event the tcpdump
show nothing.
--
Michal Kustosik
> Michal Kustosik (kustosz@veb.pl) schrieb:
> >
> > On Fri, Nov 25, 2005 at 12:26:20PM +0100, Andreas Unterkircher wrote:
> > > As far as I know it's simply not possible. Also you can't use iptables on a
> > > imq device.
> > >
> > I read on http://www.linuximq.net/usage.html that it is nessesary to
> > use iptables to specify which packets should go through the imq device:
> >
> > [... http://www.linuximq.net/usage.html ...]
> > After attaching a qdisc to the device you have to specify which packets
> > should go through the imq device. An iptables target (`IMQ') is provided
> > for using all the packet-selecting power of iptables.
> > ...
> > /usr/sbin/iptables -t mangle -A PREROUTING -i ppp0 -j IMQ --todev 0
> > ...
> > [...]
> > I have done the same.
> >
> > Regards,
> > --
> > Michal Kustosik
> >
> >
> > > Cheers,
> > > Andreas
> > >
> > > Michal Kustosik (kustosz@veb.pl) schrieb:
> > > >
> > > >
> > > > On my debian woody (kernel 2.4.31) the tcpdump
> > > > doesn't work with imq0 devices. If I try to tcpdump
> > > > imq devices there is no packet seen:
> > > > [...]
> > > > rt1:~# tcpdump -n -i imq0
> > > > Warning: arptype 65535 not supported by libpcap - falling back to cooked socket
> > > > tcpdump: WARNING: imq0: no IPv4 address assigned
> > > > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> > > > listening on imq0, link-type LINUX_SLL (Linux cooked), capture size 68 bytes
> > > >
> > > > [...]
> > > > and there is no packet seen. I have sent the packet to imq0 by:
> > > > rt1:~# iptables -I PREROUTING -t mangle -j IMQ --todev 0
> > > > and there is no other entry in mangle table. There is also
> > > > no firewall entry and no entry in nat table.
> > > >
> > > > The ifconfig command show, that the packet goes by imq0:
> > > > [...]
> > > > rt1:~# ifconfig imq0
> > > > imq0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00
> > > > UP RUNNING NOARP MTU:1500 Metric:1
> > > > RX packets:3268292 errors:0 dropped:0 overruns:0 frame:0
> > > > TX packets:3248999 errors:0 dropped:0 overruns:0 carrier:0
> > > > collisions:0 txqueuelen:30
> > > > RX bytes:1987844908 (1.8 GiB) TX bytes:1981674079 (1.8 GiB)
> > > > [...]
> > > >
> > > > Everything but iptables is installing from packages deb.
> > > > I tried to complile TCPDUMP 3.9.4 from http://www.tcpdump.org/
> > > > but it is the same reason.
> > > >
> > > > I have other router, with similar configuration (vlan, imq, htb, the
> > > > same kernel version 2.4.31, the same distribution debian woody)
> > > > and there is no problem with debuging interfaces by tcpdump command.
> > > >
> > > > Have anybody solved the same problem?
> > > >
> > > >
> > > > Below some information about the strange router:
> > > > kernel - 2.4.31 with patch-o-matic-ng, imq-nat.diff,
> > > > linux-2.4.28-imq2.diff,
> > > > iptables - v1.3.3 with iptables-1.3.0-imq1.diff
> > > > vlan - iANS-3.4.3a, e100-3.4.14
> > > > lsmod:
> > > > [...]
> > > > Module Size Used by Tainted: P
> > > > imq 1752 1
> > > > ipt_IMQ 800 0
> > > > ipt_REDIRECT 960 0 (autoclean)
> > > > cls_fw 2368 0 (autoclean)
> > > > cls_u32 4548 0 (autoclean)
> > > > sch_sfq 3456 0 (autoclean)
> > > > sch_htb 19040 0 (autoclean)
> > > > ipt_ttl 640 0 (autoclean)
> > > > ipt_state 608 0 (autoclean)
> > > > ipt_REJECT 3072 0 (autoclean)
> > > > ipt_connlimit 1504 0 (autoclean)
> > > > ipt_LOG 3648 0 (autoclean)
> > > > ipt_limit 960 0 (autoclean)
> > > > iptable_filter 1728 0 (autoclean)
> > > > ipt_mac 672 15 (autoclean)
> > > > ipt_helper 992 22 (autoclean)
> > > > ipt_multiport 640 132 (autoclean)
> > > > ipt_MARK 800 255 (autoclean)
> > > > iptable_mangle 2208 1 (autoclean)
> > > > ians 113220 3 (autoclean)
> > > > reiserfs 167392 1 (autoclean)
> > > > e100 36292 4
> > > > ip_nat_ftp 2848 0 (unused)
> > > > iptable_nat 22420 2 [ipt_REDIRECT ip_nat_ftp]
> > > > ip_tables 13664 17 [ipt_IMQ ipt_REDIRECT ipt_ttl ipt_state ipt_REJECT
> > > > ipt_connlimit ipt_LOG ipt_limit iptable_filter ipt_mac ipt_helper ipt_multiport
> > ipt_MARK
> > > > iptable_mangle iptable_nat]
> > > > ip_conntrack_ftp 3872 1
> > > > ip_conntrack 28544 1 [ipt_REDIRECT ipt_state ipt_connlimit ipt_helper
> > > > ip_nat_ftp iptable_nat ip_conntrack_ftp]
> > > > rtc 6012 0 (autoclean)
> > > > [...]
> > > >
> > > >
> > > >
> > > > Regards,
> > > > --
> > > > Michal Kustosik
> > > >
> > > > _______________________________________________
> > > > LARTC mailing list
> > > > LARTC@mailman.ds9a.nl
> > > > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
> > > >
> > >
> > > _______________________________________________
> > > LARTC mailing list
> > > LARTC@mailman.ds9a.nl
> > > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
> >
> > _______________________________________________
> > LARTC mailing list
> > LARTC@mailman.ds9a.nl
> > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
> >
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
--
Michal Kustosik
Administrator Sieci Damis VeB
http://www.veb.damis.pl/
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [LARTC] tcpdump not working with imq0 devices
2005-11-25 11:26 Andreas Unterkircher
2005-11-25 11:54 ` Andreas Unterkircher
@ 2005-11-25 12:42 ` Andreas Unterkircher
2005-11-25 13:32 ` Andreas Unterkircher
2 siblings, 0 replies; 8+ messages in thread
From: Andreas Unterkircher @ 2005-11-25 12:42 UTC (permalink / raw)
To: lartc
No - if the interface doesn't support the necessary socketoptions (I guess
something like SO_ATTACH_FILTER) it won't work.
Michal Kustosik (kustosz@veb.pl) schrieb:
>
> On Fri, Nov 25, 2005 at 12:54:03PM +0100, Andreas Unterkircher wrote:
> > yes, this is needed to get the traffic on the IMQ devices.
> > But after this you can't match anything on the IMQ devices.
> >
> but "tcpdump -n -i imq0" shoud present any packets going
> through the imq0 interface, yes? In my event the tcpdump
> show nothing.
>
> --
> Michal Kustosik
>
>
>
>
> > Michal Kustosik (kustosz@veb.pl) schrieb:
> > >
> > > On Fri, Nov 25, 2005 at 12:26:20PM +0100, Andreas Unterkircher wrote:
> > > > As far as I know it's simply not possible. Also you can't use iptables on a
> > > > imq device.
> > > >
> > > I read on http://www.linuximq.net/usage.html that it is nessesary to
> > > use iptables to specify which packets should go through the imq device:
> > >
> > > [... http://www.linuximq.net/usage.html ...]
> > > After attaching a qdisc to the device you have to specify which packets
> > > should go through the imq device. An iptables target (`IMQ') is provided
> > > for using all the packet-selecting power of iptables.
> > > ...
> > > /usr/sbin/iptables -t mangle -A PREROUTING -i ppp0 -j IMQ --todev 0
> > > ...
> > > [...]
> > > I have done the same.
> > >
> > > Regards,
> > > --
> > > Michal Kustosik
> > >
> > >
> > > > Cheers,
> > > > Andreas
> > > >
> > > > Michal Kustosik (kustosz@veb.pl) schrieb:
> > > > >
> > > > >
> > > > > On my debian woody (kernel 2.4.31) the tcpdump
> > > > > doesn't work with imq0 devices. If I try to tcpdump
> > > > > imq devices there is no packet seen:
> > > > > [...]
> > > > > rt1:~# tcpdump -n -i imq0
> > > > > Warning: arptype 65535 not supported by libpcap - falling back to cooked socket
> > > > > tcpdump: WARNING: imq0: no IPv4 address assigned
> > > > > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> > > > > listening on imq0, link-type LINUX_SLL (Linux cooked), capture size 68 bytes
> > > > >
> > > > > [...]
> > > > > and there is no packet seen. I have sent the packet to imq0 by:
> > > > > rt1:~# iptables -I PREROUTING -t mangle -j IMQ --todev 0
> > > > > and there is no other entry in mangle table. There is also
> > > > > no firewall entry and no entry in nat table.
> > > > >
> > > > > The ifconfig command show, that the packet goes by imq0:
> > > > > [...]
> > > > > rt1:~# ifconfig imq0
> > > > > imq0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00
> > > > > UP RUNNING NOARP MTU:1500 Metric:1
> > > > > RX packets:3268292 errors:0 dropped:0 overruns:0 frame:0
> > > > > TX packets:3248999 errors:0 dropped:0 overruns:0 carrier:0
> > > > > collisions:0 txqueuelen:30
> > > > > RX bytes:1987844908 (1.8 GiB) TX bytes:1981674079 (1.8 GiB)
> > > > > [...]
> > > > >
> > > > > Everything but iptables is installing from packages deb.
> > > > > I tried to complile TCPDUMP 3.9.4 from http://www.tcpdump.org/
> > > > > but it is the same reason.
> > > > >
> > > > > I have other router, with similar configuration (vlan, imq, htb, the
> > > > > same kernel version 2.4.31, the same distribution debian woody)
> > > > > and there is no problem with debuging interfaces by tcpdump command.
> > > > >
> > > > > Have anybody solved the same problem?
> > > > >
> > > > >
> > > > > Below some information about the strange router:
> > > > > kernel - 2.4.31 with patch-o-matic-ng, imq-nat.diff,
> > > > > linux-2.4.28-imq2.diff,
> > > > > iptables - v1.3.3 with iptables-1.3.0-imq1.diff
> > > > > vlan - iANS-3.4.3a, e100-3.4.14
> > > > > lsmod:
> > > > > [...]
> > > > > Module Size Used by Tainted: P
> > > > > imq 1752 1
> > > > > ipt_IMQ 800 0
> > > > > ipt_REDIRECT 960 0 (autoclean)
> > > > > cls_fw 2368 0 (autoclean)
> > > > > cls_u32 4548 0 (autoclean)
> > > > > sch_sfq 3456 0 (autoclean)
> > > > > sch_htb 19040 0 (autoclean)
> > > > > ipt_ttl 640 0 (autoclean)
> > > > > ipt_state 608 0 (autoclean)
> > > > > ipt_REJECT 3072 0 (autoclean)
> > > > > ipt_connlimit 1504 0 (autoclean)
> > > > > ipt_LOG 3648 0 (autoclean)
> > > > > ipt_limit 960 0 (autoclean)
> > > > > iptable_filter 1728 0 (autoclean)
> > > > > ipt_mac 672 15 (autoclean)
> > > > > ipt_helper 992 22 (autoclean)
> > > > > ipt_multiport 640 132 (autoclean)
> > > > > ipt_MARK 800 255 (autoclean)
> > > > > iptable_mangle 2208 1 (autoclean)
> > > > > ians 113220 3 (autoclean)
> > > > > reiserfs 167392 1 (autoclean)
> > > > > e100 36292 4
> > > > > ip_nat_ftp 2848 0 (unused)
> > > > > iptable_nat 22420 2 [ipt_REDIRECT ip_nat_ftp]
> > > > > ip_tables 13664 17 [ipt_IMQ ipt_REDIRECT ipt_ttl ipt_state
> ipt_REJECT
> > > > > ipt_connlimit ipt_LOG ipt_limit iptable_filter ipt_mac ipt_helper ipt_multiport
> > > ipt_MARK
> > > > > iptable_mangle iptable_nat]
> > > > > ip_conntrack_ftp 3872 1
> > > > > ip_conntrack 28544 1 [ipt_REDIRECT ipt_state ipt_connlimit
> ipt_helper
> > > > > ip_nat_ftp iptable_nat ip_conntrack_ftp]
> > > > > rtc 6012 0 (autoclean)
> > > > > [...]
> > > > >
> > > > >
> > > > >
> > > > > Regards,
> > > > > --
> > > > > Michal Kustosik
> > > > >
> > > > > _______________________________________________
> > > > > LARTC mailing list
> > > > > LARTC@mailman.ds9a.nl
> > > > > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
> > > > >
> > > >
> > > > _______________________________________________
> > > > LARTC mailing list
> > > > LARTC@mailman.ds9a.nl
> > > > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
> > >
> > > _______________________________________________
> > > LARTC mailing list
> > > LARTC@mailman.ds9a.nl
> > > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
> > >
> >
> > _______________________________________________
> > LARTC mailing list
> > LARTC@mailman.ds9a.nl
> > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>
> --
> Michal Kustosik
> Administrator Sieci Damis VeB
> http://www.veb.damis.pl/
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [LARTC] tcpdump not working with imq0 devices
2005-11-25 11:17 [LARTC] tcpdump not working with imq0 devices Michal Kustosik
2005-11-25 11:45 ` Michal Kustosik
2005-11-25 12:05 ` Michal Kustosik
@ 2005-11-25 13:15 ` Michal Kustosik
2 siblings, 0 replies; 8+ messages in thread
From: Michal Kustosik @ 2005-11-25 13:15 UTC (permalink / raw)
To: lartc
On Fri, Nov 25, 2005 at 01:42:30PM +0100, Andreas Unterkircher wrote:
> No - if the interface doesn't support the necessary socketoptions (I guess
> something like SO_ATTACH_FILTER) it won't work.
>
thank you for explain...
compiling kernel with "Socket Filtering" in "Networking options"
should be enough to see packets by tcpdump on imq interface?
--
Michal
> Michal Kustosik (kustosz@veb.pl) schrieb:
> >
> > On Fri, Nov 25, 2005 at 12:54:03PM +0100, Andreas Unterkircher wrote:
> > > yes, this is needed to get the traffic on the IMQ devices.
> > > But after this you can't match anything on the IMQ devices.
> > >
> > but "tcpdump -n -i imq0" shoud present any packets going
> > through the imq0 interface, yes? In my event the tcpdump
> > show nothing.
> >
> > --
> > Michal Kustosik
> >
> >
> >
> >
> > > Michal Kustosik (kustosz@veb.pl) schrieb:
> > > >
> > > > On Fri, Nov 25, 2005 at 12:26:20PM +0100, Andreas Unterkircher wrote:
> > > > > As far as I know it's simply not possible. Also you can't use iptables on a
> > > > > imq device.
> > > > >
> > > > I read on http://www.linuximq.net/usage.html that it is nessesary to
> > > > use iptables to specify which packets should go through the imq device:
> > > >
> > > > [... http://www.linuximq.net/usage.html ...]
> > > > After attaching a qdisc to the device you have to specify which packets
> > > > should go through the imq device. An iptables target (`IMQ') is provided
> > > > for using all the packet-selecting power of iptables.
> > > > ...
> > > > /usr/sbin/iptables -t mangle -A PREROUTING -i ppp0 -j IMQ --todev 0
> > > > ...
> > > > [...]
> > > > I have done the same.
> > > >
> > > > Regards,
> > > > --
> > > > Michal Kustosik
> > > >
> > > >
> > > > > Cheers,
> > > > > Andreas
> > > > >
> > > > > Michal Kustosik (kustosz@veb.pl) schrieb:
> > > > > >
> > > > > >
> > > > > > On my debian woody (kernel 2.4.31) the tcpdump
> > > > > > doesn't work with imq0 devices. If I try to tcpdump
> > > > > > imq devices there is no packet seen:
> > > > > > [...]
> > > > > > rt1:~# tcpdump -n -i imq0
> > > > > > Warning: arptype 65535 not supported by libpcap - falling back to cooked socket
> > > > > > tcpdump: WARNING: imq0: no IPv4 address assigned
> > > > > > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> > > > > > listening on imq0, link-type LINUX_SLL (Linux cooked), capture size 68 bytes
> > > > > >
> > > > > > [...]
> > > > > > and there is no packet seen. I have sent the packet to imq0 by:
> > > > > > rt1:~# iptables -I PREROUTING -t mangle -j IMQ --todev 0
> > > > > > and there is no other entry in mangle table. There is also
> > > > > > no firewall entry and no entry in nat table.
> > > > > >
> > > > > > The ifconfig command show, that the packet goes by imq0:
> > > > > > [...]
> > > > > > rt1:~# ifconfig imq0
> > > > > > imq0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00
> > > > > > UP RUNNING NOARP MTU:1500 Metric:1
> > > > > > RX packets:3268292 errors:0 dropped:0 overruns:0 frame:0
> > > > > > TX packets:3248999 errors:0 dropped:0 overruns:0 carrier:0
> > > > > > collisions:0 txqueuelen:30
> > > > > > RX bytes:1987844908 (1.8 GiB) TX bytes:1981674079 (1.8 GiB)
> > > > > > [...]
> > > > > >
> > > > > > Everything but iptables is installing from packages deb.
> > > > > > I tried to complile TCPDUMP 3.9.4 from http://www.tcpdump.org/
> > > > > > but it is the same reason.
> > > > > >
> > > > > > I have other router, with similar configuration (vlan, imq, htb, the
> > > > > > same kernel version 2.4.31, the same distribution debian woody)
> > > > > > and there is no problem with debuging interfaces by tcpdump command.
> > > > > >
> > > > > > Have anybody solved the same problem?
> > > > > >
> > > > > >
> > > > > > Below some information about the strange router:
> > > > > > kernel - 2.4.31 with patch-o-matic-ng, imq-nat.diff,
> > > > > > linux-2.4.28-imq2.diff,
> > > > > > iptables - v1.3.3 with iptables-1.3.0-imq1.diff
> > > > > > vlan - iANS-3.4.3a, e100-3.4.14
> > > > > > lsmod:
> > > > > > [...]
> > > > > > Module Size Used by Tainted: P
> > > > > > imq 1752 1
> > > > > > ipt_IMQ 800 0
> > > > > > ipt_REDIRECT 960 0 (autoclean)
> > > > > > cls_fw 2368 0 (autoclean)
> > > > > > cls_u32 4548 0 (autoclean)
> > > > > > sch_sfq 3456 0 (autoclean)
> > > > > > sch_htb 19040 0 (autoclean)
> > > > > > ipt_ttl 640 0 (autoclean)
> > > > > > ipt_state 608 0 (autoclean)
> > > > > > ipt_REJECT 3072 0 (autoclean)
> > > > > > ipt_connlimit 1504 0 (autoclean)
> > > > > > ipt_LOG 3648 0 (autoclean)
> > > > > > ipt_limit 960 0 (autoclean)
> > > > > > iptable_filter 1728 0 (autoclean)
> > > > > > ipt_mac 672 15 (autoclean)
> > > > > > ipt_helper 992 22 (autoclean)
> > > > > > ipt_multiport 640 132 (autoclean)
> > > > > > ipt_MARK 800 255 (autoclean)
> > > > > > iptable_mangle 2208 1 (autoclean)
> > > > > > ians 113220 3 (autoclean)
> > > > > > reiserfs 167392 1 (autoclean)
> > > > > > e100 36292 4
> > > > > > ip_nat_ftp 2848 0 (unused)
> > > > > > iptable_nat 22420 2 [ipt_REDIRECT ip_nat_ftp]
> > > > > > ip_tables 13664 17 [ipt_IMQ ipt_REDIRECT ipt_ttl ipt_state
> > ipt_REJECT
> > > > > > ipt_connlimit ipt_LOG ipt_limit iptable_filter ipt_mac ipt_helper ipt_multiport
> > > > ipt_MARK
> > > > > > iptable_mangle iptable_nat]
> > > > > > ip_conntrack_ftp 3872 1
> > > > > > ip_conntrack 28544 1 [ipt_REDIRECT ipt_state ipt_connlimit
> > ipt_helper
> > > > > > ip_nat_ftp iptable_nat ip_conntrack_ftp]
> > > > > > rtc 6012 0 (autoclean)
> > > > > > [...]
> > > > > >
> > > > > >
> > > > > >
> > > > > > Regards,
> > > > > > --
> > > > > > Michal Kustosik
> > > > > >
> > > > > > _______________________________________________
> > > > > > LARTC mailing list
> > > > > > LARTC@mailman.ds9a.nl
> > > > > > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
> > > > > >
> > > > >
> > > > > _______________________________________________
> > > > > LARTC mailing list
> > > > > LARTC@mailman.ds9a.nl
> > > > > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
> > > >
> > > > _______________________________________________
> > > > LARTC mailing list
> > > > LARTC@mailman.ds9a.nl
> > > > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
> > > >
> > >
> > > _______________________________________________
> > > LARTC mailing list
> > > LARTC@mailman.ds9a.nl
> > > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
> >
> > --
> > Michal Kustosik
> > Administrator Sieci Damis VeB
> > http://www.veb.damis.pl/
> >
> > _______________________________________________
> > LARTC mailing list
> > LARTC@mailman.ds9a.nl
> > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
> >
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [LARTC] tcpdump not working with imq0 devices
2005-11-25 11:26 Andreas Unterkircher
2005-11-25 11:54 ` Andreas Unterkircher
2005-11-25 12:42 ` Andreas Unterkircher
@ 2005-11-25 13:32 ` Andreas Unterkircher
2 siblings, 0 replies; 8+ messages in thread
From: Andreas Unterkircher @ 2005-11-25 13:32 UTC (permalink / raw)
To: lartc
I would say this is something within IMQ itself.
Michal Kustosik (kustosz@veb.pl) schrieb:
>
> On Fri, Nov 25, 2005 at 01:42:30PM +0100, Andreas Unterkircher wrote:
> > No - if the interface doesn't support the necessary socketoptions (I guess
> > something like SO_ATTACH_FILTER) it won't work.
> >
> thank you for explain...
> compiling kernel with "Socket Filtering" in "Networking options"
> should be enough to see packets by tcpdump on imq interface?
>
> --
> Michal
>
>
>
> > Michal Kustosik (kustosz@veb.pl) schrieb:
> > >
> > > On Fri, Nov 25, 2005 at 12:54:03PM +0100, Andreas Unterkircher wrote:
> > > > yes, this is needed to get the traffic on the IMQ devices.
> > > > But after this you can't match anything on the IMQ devices.
> > > >
> > > but "tcpdump -n -i imq0" shoud present any packets going
> > > through the imq0 interface, yes? In my event the tcpdump
> > > show nothing.
> > >
> > > --
> > > Michal Kustosik
> > >
> > >
> > >
> > >
> > > > Michal Kustosik (kustosz@veb.pl) schrieb:
> > > > >
> > > > > On Fri, Nov 25, 2005 at 12:26:20PM +0100, Andreas Unterkircher wrote:
> > > > > > As far as I know it's simply not possible. Also you can't use iptables on a
> > > > > > imq device.
> > > > > >
> > > > > I read on http://www.linuximq.net/usage.html that it is nessesary to
> > > > > use iptables to specify which packets should go through the imq device:
> > > > >
> > > > > [... http://www.linuximq.net/usage.html ...]
> > > > > After attaching a qdisc to the device you have to specify which packets
> > > > > should go through the imq device. An iptables target (`IMQ') is provided
> > > > > for using all the packet-selecting power of iptables.
> > > > > ...
> > > > > /usr/sbin/iptables -t mangle -A PREROUTING -i ppp0 -j IMQ --todev 0
> > > > > ...
> > > > > [...]
> > > > > I have done the same.
> > > > >
> > > > > Regards,
> > > > > --
> > > > > Michal Kustosik
> > > > >
> > > > >
> > > > > > Cheers,
> > > > > > Andreas
> > > > > >
> > > > > > Michal Kustosik (kustosz@veb.pl) schrieb:
> > > > > > >
> > > > > > >
> > > > > > > On my debian woody (kernel 2.4.31) the tcpdump
> > > > > > > doesn't work with imq0 devices. If I try to tcpdump
> > > > > > > imq devices there is no packet seen:
> > > > > > > [...]
> > > > > > > rt1:~# tcpdump -n -i imq0
> > > > > > > Warning: arptype 65535 not supported by libpcap - falling back to cooked
> socket
> > > > > > > tcpdump: WARNING: imq0: no IPv4 address assigned
> > > > > > > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> > > > > > > listening on imq0, link-type LINUX_SLL (Linux cooked), capture size 68
> bytes
> > > > > > >
> > > > > > > [...]
> > > > > > > and there is no packet seen. I have sent the packet to imq0 by:
> > > > > > > rt1:~# iptables -I PREROUTING -t mangle -j IMQ --todev 0
> > > > > > > and there is no other entry in mangle table. There is also
> > > > > > > no firewall entry and no entry in nat table.
> > > > > > >
> > > > > > > The ifconfig command show, that the packet goes by imq0:
> > > > > > > [...]
> > > > > > > rt1:~# ifconfig imq0
> > > > > > > imq0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00
> > > > > > > UP RUNNING NOARP MTU:1500 Metric:1
> > > > > > > RX packets:3268292 errors:0 dropped:0 overruns:0 frame:0
> > > > > > > TX packets:3248999 errors:0 dropped:0 overruns:0 carrier:0
> > > > > > > collisions:0 txqueuelen:30
> > > > > > > RX bytes:1987844908 (1.8 GiB) TX bytes:1981674079 (1.8 GiB)
> > > > > > > [...]
> > > > > > >
> > > > > > > Everything but iptables is installing from packages deb.
> > > > > > > I tried to complile TCPDUMP 3.9.4 from http://www.tcpdump.org/
> > > > > > > but it is the same reason.
> > > > > > >
> > > > > > > I have other router, with similar configuration (vlan, imq, htb, the
> > > > > > > same kernel version 2.4.31, the same distribution debian woody)
> > > > > > > and there is no problem with debuging interfaces by tcpdump command.
> > > > > > >
> > > > > > > Have anybody solved the same problem?
> > > > > > >
> > > > > > >
> > > > > > > Below some information about the strange router:
> > > > > > > kernel - 2.4.31 with patch-o-matic-ng, imq-nat.diff,
> > > > > > > linux-2.4.28-imq2.diff,
> > > > > > > iptables - v1.3.3 with iptables-1.3.0-imq1.diff
> > > > > > > vlan - iANS-3.4.3a, e100-3.4.14
> > > > > > > lsmod:
> > > > > > > [...]
> > > > > > > Module Size Used by Tainted: P
> > > > > > > imq 1752 1
> > > > > > > ipt_IMQ 800 0
> > > > > > > ipt_REDIRECT 960 0 (autoclean)
> > > > > > > cls_fw 2368 0 (autoclean)
> > > > > > > cls_u32 4548 0 (autoclean)
> > > > > > > sch_sfq 3456 0 (autoclean)
> > > > > > > sch_htb 19040 0 (autoclean)
> > > > > > > ipt_ttl 640 0 (autoclean)
> > > > > > > ipt_state 608 0 (autoclean)
> > > > > > > ipt_REJECT 3072 0 (autoclean)
> > > > > > > ipt_connlimit 1504 0 (autoclean)
> > > > > > > ipt_LOG 3648 0 (autoclean)
> > > > > > > ipt_limit 960 0 (autoclean)
> > > > > > > iptable_filter 1728 0 (autoclean)
> > > > > > > ipt_mac 672 15 (autoclean)
> > > > > > > ipt_helper 992 22 (autoclean)
> > > > > > > ipt_multiport 640 132 (autoclean)
> > > > > > > ipt_MARK 800 255 (autoclean)
> > > > > > > iptable_mangle 2208 1 (autoclean)
> > > > > > > ians 113220 3 (autoclean)
> > > > > > > reiserfs 167392 1 (autoclean)
> > > > > > > e100 36292 4
> > > > > > > ip_nat_ftp 2848 0 (unused)
> > > > > > > iptable_nat 22420 2 [ipt_REDIRECT ip_nat_ftp]
> > > > > > > ip_tables 13664 17 [ipt_IMQ ipt_REDIRECT ipt_ttl ipt_state
> > > ipt_REJECT
> > > > > > > ipt_connlimit ipt_LOG ipt_limit iptable_filter ipt_mac ipt_helper
> ipt_multiport
> > > > > ipt_MARK
> > > > > > > iptable_mangle iptable_nat]
> > > > > > > ip_conntrack_ftp 3872 1
> > > > > > > ip_conntrack 28544 1 [ipt_REDIRECT ipt_state ipt_connlimit
> > > ipt_helper
> > > > > > > ip_nat_ftp iptable_nat ip_conntrack_ftp]
> > > > > > > rtc 6012 0 (autoclean)
> > > > > > > [...]
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Regards,
> > > > > > > --
> > > > > > > Michal Kustosik
> > > > > > >
> > > > > > > _______________________________________________
> > > > > > > LARTC mailing list
> > > > > > > LARTC@mailman.ds9a.nl
> > > > > > > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
> > > > > > >
> > > > > >
> > > > > > _______________________________________________
> > > > > > LARTC mailing list
> > > > > > LARTC@mailman.ds9a.nl
> > > > > > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
> > > > >
> > > > > _______________________________________________
> > > > > LARTC mailing list
> > > > > LARTC@mailman.ds9a.nl
> > > > > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
> > > > >
> > > >
> > > > _______________________________________________
> > > > LARTC mailing list
> > > > LARTC@mailman.ds9a.nl
> > > > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
> > >
> > > --
> > > Michal Kustosik
> > > Administrator Sieci Damis VeB
> > > http://www.veb.damis.pl/
> > >
> > > _______________________________________________
> > > LARTC mailing list
> > > LARTC@mailman.ds9a.nl
> > > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
> > >
> >
> > _______________________________________________
> > LARTC mailing list
> > LARTC@mailman.ds9a.nl
> > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2005-11-25 13:32 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-11-25 11:17 [LARTC] tcpdump not working with imq0 devices Michal Kustosik
2005-11-25 11:45 ` Michal Kustosik
2005-11-25 12:05 ` Michal Kustosik
2005-11-25 13:15 ` Michal Kustosik
-- strict thread matches above, loose matches on Subject: below --
2005-11-25 11:26 Andreas Unterkircher
2005-11-25 11:54 ` Andreas Unterkircher
2005-11-25 12:42 ` Andreas Unterkircher
2005-11-25 13:32 ` Andreas Unterkircher
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.