From: Paul Freeman <netfilter@lists-in.noc4.net>
To: netfilter@vger.kernel.org
Subject: xtables-addons/geoip
Date: Mon, 29 Nov 2010 17:08:52 +0000 [thread overview]
Message-ID: <2e75b596bbcd5d290630dead789faffd@noc4.net> (raw)
Hi we seem to be having the following issue with the geoip match from
xtables_addons any input appreciated.
testing rule...
~ # iptables -A INPUT -p udp --dport 53 -m geoip --src-cc ES -j LOG
--log-prefix 'ES DNS: '
iptables: No chain/target/match by that name.
~ # uname -r
2.6.34-xen-r4
~ # iptables -V
iptables v1.4.8
loaded modules:
~ # lsmod | sort
af_key 27908 0
ah4 5056 0
authenc 6410 4
button 4570 0
cast5 14733 0
cls_u32 6427 1
deflate 1879 0
ebtable_nat 1545 0
ebtables 23279 1 ebtable_nat
ecb 1873 0
esp4 4901 4
hwmon 1449 1 thermal_sys
i2c_i801 8022 0
ip6table_filter 1115 0
ip6_tables 17726 1 ip6table_filter
ipcomp 1860 0
ip_gre 13377 0
iptable_filter 1176 1
iptable_mangle 1304 1
iptable_nat 3822 1
iptable_raw 1039 0
ip_tables 16502 4
iptable_mangle,iptable_nat,iptable_raw,iptable_filter
ipt_addrtype 1849 0
ipt_LOG 5067 9
ipt_REJECT 2177 19
ipv6 280711 73 xfrm6_mode_tunnel,sit
iscsi_trgt 75966 4
Module Size Used by
nf_conntrack 52639 7
iptable_nat,nf_nat,nf_conntrack_ipv4,xt_state,xt_conntrack,xt_CONNMARK,xt_connmark
nf_conntrack_ipv4 10555 5 iptable_nat,nf_nat
nf_defrag_ipv4 1107 1 nf_conntrack_ipv4
nf_nat 14991 1 iptable_nat
nfsd 285062 11
processor 21219 0
rtc_cmos 9118 0
rtc_core 12965 1 rtc_cmos
rtc_lib 1698 1 rtc_core
sch_htb 13997 1
sch_sfq 5359 3
sg 17944 0
sha1_generic 1999 4
sit 8853 0
thermal 11807 0
thermal_sys 13414 2 thermal,processor
tunnel4 2101 2 sit,xfrm4_tunnel
xfrm4_mode_tunnel 1696 8
xfrm4_tunnel 1657 0
xfrm6_mode_tunnel 1600 4
xfrm_ipcomp 3623 1 ipcomp
xfrm_user 22465 2
x_tables 14390 27
xt_geoip,ip6table_filter,ip6_tables,ebtables,iptable_mangle,iptable_nat,iptable_raw,ipt_REJECT,ipt_LOG,xt_state,xt_tcpudp,iptable_filter,ipt_addrtype,xt_DSCP,xt_dscp,xt_string,xt_owner,xt_NFQUEUE,xt_multiport,xt_MARK,xt_mark,xt_iprange,xt_hashlimit,xt_conntrack,xt_CONNMARK,xt_connmark,ip_tables
xt_connmark 1107 0
xt_CONNMARK 1267 0
xt_conntrack 2535 0
xt_dscp 1627 0
xt_DSCP 2043 0
xt_geoip 2248 0
xt_hashlimit 9163 0
xt_iprange 1440 0
xt_mark 853 0
xt_MARK 853 0
xt_multiport 2427 0
xt_NFQUEUE 2037 0
xt_owner 1047 0
xt_state 1255 2
xt_string 1323 0
xt_tcpudp 2399 74
zlib_deflate 19852 1 deflate
strace of the above:
strace iptables -A INPUT -p udp --dport 53 -m geoip --src-cc ES -j LOG
--log-prefix 'ES DNS: '
execve("/sbin/iptables", ["iptables", "-A", "INPUT", "-p", "udp",
"--dport", "53", "-m", "geoip", "--src-cc", "ES", "-j", "LOG",
"--log-prefix", "ES DNS: "], [/* 33 vars */]) = 0
brk(0) = 0x6ac000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) =
0x7f50163bc000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or
directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=148536, ...}) = 0
mmap(NULL, 148536, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f5016397000
close(3) = 0
open("/usr/lib/libip4tc.so.0", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000\31\0"...,
832)
= 832
fstat(3, {st_mode=S_IFREG|0755, st_size=26632, ...}) = 0
mmap(NULL, 2121944, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,
0)
= 0x7f5015f99000
mprotect(0x7f5015f9f000, 2093056, PROT_NONE) = 0
mmap(0x7f501619e000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5000) = 0x7f501619e000
close(3) = 0
open("/usr/lib/libxtables.so.4", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240*\0\0"...,
832)
= 832
fstat(3, {st_mode=S_IFREG|0755, st_size=31168, ...}) = 0
mmap(NULL, 2127872, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,
0)
= 0x7f5015d91000
mprotect(0x7f5015d98000, 2093056, PROT_NONE) = 0
mmap(0x7f5015f97000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7f5015f97000
close(3) = 0
open("/lib/libm.so.6", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200>\0\0"...,
832)
= 832
fstat(3, {st_mode=S_IFREG|0755, st_size=534648, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) =
0x7f5016396000
mmap(NULL, 2629848, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,
0)
= 0x7f5015b0e000
mprotect(0x7f5015b8f000, 2097152, PROT_NONE) = 0
mmap(0x7f5015d8f000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x81000) = 0x7f5015d8f000
close(3) = 0
open("/lib/libc.so.6", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\300\354"...,
832)
= 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1412272, ...}) = 0
mmap(NULL, 3520552, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,
0)
= 0x7f50157b2000
mprotect(0x7f5015905000, 2093056, PROT_NONE) = 0
mmap(0x7f5015b04000, 20480, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x152000) = 0x7f5015b04000
mmap(0x7f5015b09000, 18472, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f5015b09000
close(3) = 0
open("/lib/libdl.so.2", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\r\0"...,
832)
= 832
fstat(3, {st_mode=S_IFREG|0755, st_size=14512, ...}) = 0
mmap(NULL, 2109696, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,
0)
= 0x7f50155ae000
mprotect(0x7f50155b0000, 2097152, PROT_NONE) = 0
mmap(0x7f50157b0000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f50157b0000
close(3) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) =
0x7f5016395000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) =
0x7f5016394000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) =
0x7f5016393000
arch_prctl(ARCH_SET_FS, 0x7f5016394700) = 0
mprotect(0x7f50157b0000, 4096, PROT_READ) = 0
mprotect(0x7f5015b04000, 16384, PROT_READ) = 0
mprotect(0x7f5015d8f000, 4096, PROT_READ) = 0
mprotect(0x7f5015f97000, 4096, PROT_READ) = 0
mprotect(0x7f501619e000, 4096, PROT_READ) = 0
mprotect(0x640000, 4096, PROT_READ) = 0
mprotect(0x7f50163bd000, 4096, PROT_READ) = 0
munmap(0x7f5016397000, 148536) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
open("/proc/sys/kernel/modprobe", O_RDONLY) = 4
brk(0) = 0x6ac000
brk(0x6cd000) = 0x6cd000
read(4, "/sbin/modprobe\n", 1024) = 15
close(4) = 0
vfork() = 9715
wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 9715
--- SIGCHLD (Child exited) @ 0 (0) ---
getsockopt(3, SOL_IP, 0x42 /* IP_??? */,
"connmark\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\370\327\32\26"..., [30]) = 0
close(3) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
getsockopt(3, SOL_IP, 0x43 /* IP_??? */,
"CONNMARK\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\370\327\32\26"..., [30]) = 0
close(3) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
getsockopt(3, SOL_IP, 0x42 /* IP_??? */,
"conntrack\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\370\327\32\26P"..., [30]) = 0
close(3) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
getsockopt(3, SOL_IP, 0x42 /* IP_??? */,
"conntrack\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\370\327\32\26P"..., [30]) = 0
close(3) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
getsockopt(3, SOL_IP, 0x42 /* IP_??? */,
"hashlimit\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\370\327\32\26P"..., [30]) = 0
close(3) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
getsockopt(3, SOL_IP, 0x42 /* IP_??? */,
"iprange\0t\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\370\327\32\26"..., [30]) = 0
close(3) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
getsockopt(3, SOL_IP, 0x42 /* IP_??? */,
"mark\0ge\0t\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\370\327\32\26"..., [30]) = 0
close(3) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
getsockopt(3, SOL_IP, 0x43 /* IP_??? */,
"MARK\0ge\0t\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\370\327\32\26"..., [30]) = 0
close(3) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
getsockopt(3, SOL_IP, 0x43 /* IP_??? */,
"MARK\0ge\0t\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\370\327\32\26"..., [30]) = 0
close(3) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
getsockopt(3, SOL_IP, 0x42 /* IP_??? */,
"multiport\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\370\327\32\26P"..., [30]) = 0
close(3) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
getsockopt(3, SOL_IP, 0x43 /* IP_??? */,
"NFQUEUE\0`\35d\0\36\0\0\0\1\0\0\0\0\0\0\0\0,d\0\0\0", [30]) = 0
close(3) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
getsockopt(3, SOL_IP, 0x43 /* IP_??? */,
"NFQUEUE\0`\35d\0\36\0\0\0\1\0\0\0\0\0\0\0\0,d\0\0\1", [30]) = 0
close(3) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
getsockopt(3, SOL_IP, 0x42 /* IP_??? */,
"owner\0ort\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\10K\331\25P\1"..., [30]) = 0
close(3) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
getsockopt(3, SOL_IP, 0x42 /* IP_??? */,
"string\0rt\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\10K\331\25P\1"..., [30]) = 0
close(3) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
getsockopt(3, SOL_IP, 0x42 /* IP_??? */,
"tos\0ng\0rt\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\10K\331\25P\1"..., [30]) = 0
close(3) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
getsockopt(3, SOL_IP, 0x43 /* IP_??? */,
"TOS\0ng\0rt\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\10K\331\25P\1"..., [30]) = 0
close(3) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
getsockopt(3, SOL_IP, 0x42 /* IP_??? */,
"addrtype\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\10K\331\25P\1"..., [30]) = 0
close(3) = 0
open("/etc/nsswitch.conf", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=558, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) =
0x7f50163bb000
read(3, "# /etc/nsswitch.conf:\n# $Header:"..., 4096) = 558
read(3, "", 4096) = 0
close(3) = 0
munmap(0x7f50163bb000, 4096) = 0
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=148536, ...}) = 0
mmap(NULL, 148536, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f5016397000
close(3) = 0
open("/lib64/tls/x86_64/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such
file or directory)
stat("/lib64/tls/x86_64", 0x7fff41606b20) = -1 ENOENT (No such file or
directory)
open("/lib64/tls/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file
or
directory)
stat("/lib64/tls", 0x7fff41606b20) = -1 ENOENT (No such file or
directory)
open("/lib64/x86_64/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such
file
or directory)
stat("/lib64/x86_64", 0x7fff41606b20) = -1 ENOENT (No such file or
directory)
open("/lib64/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or
directory)
stat("/lib64", {st_mode=S_IFDIR|0755, st_size=8192, ...}) = 0
open("/usr/lib64/tls/x86_64/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No
such file or directory)
stat("/usr/lib64/tls/x86_64", 0x7fff41606b20) = -1 ENOENT (No such file
or
directory)
open("/usr/lib64/tls/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such
file
or directory)
stat("/usr/lib64/tls", 0x7fff41606b20) = -1 ENOENT (No such file or
directory)
open("/usr/lib64/x86_64/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such
file or directory)
stat("/usr/lib64/x86_64", 0x7fff41606b20) = -1 ENOENT (No such file or
directory)
open("/usr/lib64/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file
or
directory)
stat("/usr/lib64", {st_mode=S_IFDIR|0755, st_size=73728, ...}) = 0
munmap(0x7f5016397000, 148536) = 0
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=148536, ...}) = 0
mmap(NULL, 148536, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f5016397000
close(3) = 0
open("/lib/libnss_files.so.2", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p!\0\0\0"...,
832)
= 832
fstat(3, {st_mode=S_IFREG|0755, st_size=51528, ...}) = 0
mmap(NULL, 2147728, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,
0)
= 0x7f50153a1000
mprotect(0x7f50153ac000, 2097152, PROT_NONE) = 0
mmap(0x7f50155ac000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x7f50155ac000
close(3) = 0
mprotect(0x7f50155ac000, 4096, PROT_READ) = 0
munmap(0x7f5016397000, 148536) = 0
open("/etc/protocols", O_RDONLY|0x80000) = 3
fcntl(3, F_GETFD) = 0x1 (flags FD_CLOEXEC)
fstat(3, {st_mode=S_IFREG|0644, st_size=5681, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) =
0x7f50163bb000
read(3, "# /etc/protocols\n#\n# Internet (I"..., 4096) = 4096
close(3) = 0
munmap(0x7f50163bb000, 4096) = 0
open("/lib64/xtables/libxt_geoip.so", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\r\0\0"...,
832)
= 832
fstat(3, {st_mode=S_IFREG|0755, st_size=10464, ...}) = 0
mmap(NULL, 2105840, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,
0)
= 0x7f501519e000
mprotect(0x7f50151a0000, 2093056, PROT_NONE) = 0
mmap(0x7f501539f000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1000) = 0x7f501539f000
close(3) = 0
mprotect(0x7f501539f000, 4096, PROT_READ) = 0
open("/usr/share/xt_geoip/LE/ES.iv0", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=21128, ...}) = 0
read(3, "\0\205\371\25\377\205\371\25\0\0\6.\377\377\6.\0008\20"...,
21128) = 21128
close(3) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
getsockopt(3, SOL_IP, 0x40 /* IP_??? */,
"filter\0\0\351\16^\200\377\377\377\377\1\0\0\0\0\0\0\0"..., [84]) = 0
mmap(NULL, 253952, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0)
= 0x7f5016355000
getsockopt(3, SOL_IP, 0x41 /* IP_??? */,
"filter\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., [251024])
= 0
brk(0x6ee000) = 0x6ee000
brk(0x70f000) = 0x70f000
mmap(NULL, 253952, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0)
= 0x7f5016317000
brk(0x733000) = 0x733000
setsockopt(3, SOL_IP, 0x40 /* IP_??? */,
"filter\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 251488) =
-1
ENOENT (No such file or directory)
brk(0x72c000) = 0x72c000
munmap(0x7f5016317000, 253952) = 0
close(3) = 0
munmap(0x7f5016355000, 253952) = 0
write(2, "iptables: No chain/target/match "..., 46iptables: No
chain/target/match by that name.
) = 46
exit_group(1)
--
Kindest regards
Paul Freeman,
NOC4 Limited
+44(0)1844 318 410 (Direct)
+44(0)1844 318 124 (Fax)
next reply other threads:[~2010-11-29 17:08 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-11-29 17:08 Paul Freeman [this message]
2010-12-02 1:46 ` xtables-addons/geoip Jan Engelhardt
2010-12-09 7:42 ` xtables-addons/geoip Paul Freeman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2e75b596bbcd5d290630dead789faffd@noc4.net \
--to=netfilter@lists-in.noc4.net \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.