From mboxrd@z Thu Jan 1 00:00:00 1970 From: Paul Freeman Subject: xtables-addons/geoip Date: Mon, 29 Nov 2010 17:08:52 +0000 Message-ID: <2e75b596bbcd5d290630dead789faffd@noc4.net> Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Return-path: Sender: netfilter-owner@vger.kernel.org List-ID: Content-Type: text/plain; charset="us-ascii"; format="flowed" To: netfilter@vger.kernel.org Hi we seem to be having the following issue with the geoip match from xtables_addons any input appreciated. testing rule... ~ # iptables -A INPUT -p udp --dport 53 -m geoip --src-cc ES -j LOG --log-prefix 'ES DNS: ' iptables: No chain/target/match by that name. ~ # uname -r 2.6.34-xen-r4 ~ # iptables -V iptables v1.4.8 loaded modules: ~ # lsmod | sort af_key 27908 0 ah4 5056 0 authenc 6410 4 button 4570 0 cast5 14733 0 cls_u32 6427 1 deflate 1879 0 ebtable_nat 1545 0 ebtables 23279 1 ebtable_nat ecb 1873 0 esp4 4901 4 hwmon 1449 1 thermal_sys i2c_i801 8022 0 ip6table_filter 1115 0 ip6_tables 17726 1 ip6table_filter ipcomp 1860 0 ip_gre 13377 0 iptable_filter 1176 1 iptable_mangle 1304 1 iptable_nat 3822 1 iptable_raw 1039 0 ip_tables 16502 4 iptable_mangle,iptable_nat,iptable_raw,iptable_filter ipt_addrtype 1849 0 ipt_LOG 5067 9 ipt_REJECT 2177 19 ipv6 280711 73 xfrm6_mode_tunnel,sit iscsi_trgt 75966 4 Module Size Used by nf_conntrack 52639 7 iptable_nat,nf_nat,nf_conntrack_ipv4,xt_state,xt_conntrack,xt_CONNMARK,xt_connmark nf_conntrack_ipv4 10555 5 iptable_nat,nf_nat nf_defrag_ipv4 1107 1 nf_conntrack_ipv4 nf_nat 14991 1 iptable_nat nfsd 285062 11 processor 21219 0 rtc_cmos 9118 0 rtc_core 12965 1 rtc_cmos rtc_lib 1698 1 rtc_core sch_htb 13997 1 sch_sfq 5359 3 sg 17944 0 sha1_generic 1999 4 sit 8853 0 thermal 11807 0 thermal_sys 13414 2 thermal,processor tunnel4 2101 2 sit,xfrm4_tunnel xfrm4_mode_tunnel 1696 8 xfrm4_tunnel 1657 0 xfrm6_mode_tunnel 1600 4 xfrm_ipcomp 3623 1 ipcomp xfrm_user 22465 2 x_tables 14390 27 xt_geoip,ip6table_filter,ip6_tables,ebtables,iptable_mangle,iptable_nat,iptable_raw,ipt_REJECT,ipt_LOG,xt_state,xt_tcpudp,iptable_filter,ipt_addrtype,xt_DSCP,xt_dscp,xt_string,xt_owner,xt_NFQUEUE,xt_multiport,xt_MARK,xt_mark,xt_iprange,xt_hashlimit,xt_conntrack,xt_CONNMARK,xt_connmark,ip_tables xt_connmark 1107 0 xt_CONNMARK 1267 0 xt_conntrack 2535 0 xt_dscp 1627 0 xt_DSCP 2043 0 xt_geoip 2248 0 xt_hashlimit 9163 0 xt_iprange 1440 0 xt_mark 853 0 xt_MARK 853 0 xt_multiport 2427 0 xt_NFQUEUE 2037 0 xt_owner 1047 0 xt_state 1255 2 xt_string 1323 0 xt_tcpudp 2399 74 zlib_deflate 19852 1 deflate strace of the above: strace iptables -A INPUT -p udp --dport 53 -m geoip --src-cc ES -j LOG --log-prefix 'ES DNS: ' execve("/sbin/iptables", ["iptables", "-A", "INPUT", "-p", "udp", "--dport", "53", "-m", "geoip", "--src-cc", "ES", "-j", "LOG", "--log-prefix", "ES DNS: "], [/* 33 vars */]) = 0 brk(0) = 0x6ac000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f50163bc000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=148536, ...}) = 0 mmap(NULL, 148536, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f5016397000 close(3) = 0 open("/usr/lib/libip4tc.so.0", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000\31\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=26632, ...}) = 0 mmap(NULL, 2121944, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f5015f99000 mprotect(0x7f5015f9f000, 2093056, PROT_NONE) = 0 mmap(0x7f501619e000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5000) = 0x7f501619e000 close(3) = 0 open("/usr/lib/libxtables.so.4", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240*\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=31168, ...}) = 0 mmap(NULL, 2127872, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f5015d91000 mprotect(0x7f5015d98000, 2093056, PROT_NONE) = 0 mmap(0x7f5015f97000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7f5015f97000 close(3) = 0 open("/lib/libm.so.6", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200>\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=534648, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5016396000 mmap(NULL, 2629848, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f5015b0e000 mprotect(0x7f5015b8f000, 2097152, PROT_NONE) = 0 mmap(0x7f5015d8f000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x81000) = 0x7f5015d8f000 close(3) = 0 open("/lib/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\300\354"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=1412272, ...}) = 0 mmap(NULL, 3520552, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f50157b2000 mprotect(0x7f5015905000, 2093056, PROT_NONE) = 0 mmap(0x7f5015b04000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x152000) = 0x7f5015b04000 mmap(0x7f5015b09000, 18472, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f5015b09000 close(3) = 0 open("/lib/libdl.so.2", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\r\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=14512, ...}) = 0 mmap(NULL, 2109696, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f50155ae000 mprotect(0x7f50155b0000, 2097152, PROT_NONE) = 0 mmap(0x7f50157b0000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f50157b0000 close(3) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5016395000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5016394000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5016393000 arch_prctl(ARCH_SET_FS, 0x7f5016394700) = 0 mprotect(0x7f50157b0000, 4096, PROT_READ) = 0 mprotect(0x7f5015b04000, 16384, PROT_READ) = 0 mprotect(0x7f5015d8f000, 4096, PROT_READ) = 0 mprotect(0x7f5015f97000, 4096, PROT_READ) = 0 mprotect(0x7f501619e000, 4096, PROT_READ) = 0 mprotect(0x640000, 4096, PROT_READ) = 0 mprotect(0x7f50163bd000, 4096, PROT_READ) = 0 munmap(0x7f5016397000, 148536) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 open("/proc/sys/kernel/modprobe", O_RDONLY) = 4 brk(0) = 0x6ac000 brk(0x6cd000) = 0x6cd000 read(4, "/sbin/modprobe\n", 1024) = 15 close(4) = 0 vfork() = 9715 wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 9715 --- SIGCHLD (Child exited) @ 0 (0) --- getsockopt(3, SOL_IP, 0x42 /* IP_??? */, "connmark\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\370\327\32\26"..., [30]) = 0 close(3) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 getsockopt(3, SOL_IP, 0x43 /* IP_??? */, "CONNMARK\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\370\327\32\26"..., [30]) = 0 close(3) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 getsockopt(3, SOL_IP, 0x42 /* IP_??? */, "conntrack\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\370\327\32\26P"..., [30]) = 0 close(3) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 getsockopt(3, SOL_IP, 0x42 /* IP_??? */, "conntrack\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\370\327\32\26P"..., [30]) = 0 close(3) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 getsockopt(3, SOL_IP, 0x42 /* IP_??? */, "hashlimit\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\370\327\32\26P"..., [30]) = 0 close(3) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 getsockopt(3, SOL_IP, 0x42 /* IP_??? */, "iprange\0t\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\370\327\32\26"..., [30]) = 0 close(3) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 getsockopt(3, SOL_IP, 0x42 /* IP_??? */, "mark\0ge\0t\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\370\327\32\26"..., [30]) = 0 close(3) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 getsockopt(3, SOL_IP, 0x43 /* IP_??? */, "MARK\0ge\0t\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\370\327\32\26"..., [30]) = 0 close(3) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 getsockopt(3, SOL_IP, 0x43 /* IP_??? */, "MARK\0ge\0t\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\370\327\32\26"..., [30]) = 0 close(3) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 getsockopt(3, SOL_IP, 0x42 /* IP_??? */, "multiport\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\370\327\32\26P"..., [30]) = 0 close(3) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 getsockopt(3, SOL_IP, 0x43 /* IP_??? */, "NFQUEUE\0`\35d\0\36\0\0\0\1\0\0\0\0\0\0\0\0,d\0\0\0", [30]) = 0 close(3) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 getsockopt(3, SOL_IP, 0x43 /* IP_??? */, "NFQUEUE\0`\35d\0\36\0\0\0\1\0\0\0\0\0\0\0\0,d\0\0\1", [30]) = 0 close(3) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 getsockopt(3, SOL_IP, 0x42 /* IP_??? */, "owner\0ort\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\10K\331\25P\1"..., [30]) = 0 close(3) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 getsockopt(3, SOL_IP, 0x42 /* IP_??? */, "string\0rt\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\10K\331\25P\1"..., [30]) = 0 close(3) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 getsockopt(3, SOL_IP, 0x42 /* IP_??? */, "tos\0ng\0rt\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\10K\331\25P\1"..., [30]) = 0 close(3) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 getsockopt(3, SOL_IP, 0x43 /* IP_??? */, "TOS\0ng\0rt\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\10K\331\25P\1"..., [30]) = 0 close(3) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 getsockopt(3, SOL_IP, 0x42 /* IP_??? */, "addrtype\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\10K\331\25P\1"..., [30]) = 0 close(3) = 0 open("/etc/nsswitch.conf", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=558, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f50163bb000 read(3, "# /etc/nsswitch.conf:\n# $Header:"..., 4096) = 558 read(3, "", 4096) = 0 close(3) = 0 munmap(0x7f50163bb000, 4096) = 0 open("/etc/ld.so.cache", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=148536, ...}) = 0 mmap(NULL, 148536, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f5016397000 close(3) = 0 open("/lib64/tls/x86_64/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat("/lib64/tls/x86_64", 0x7fff41606b20) = -1 ENOENT (No such file or directory) open("/lib64/tls/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat("/lib64/tls", 0x7fff41606b20) = -1 ENOENT (No such file or directory) open("/lib64/x86_64/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat("/lib64/x86_64", 0x7fff41606b20) = -1 ENOENT (No such file or directory) open("/lib64/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat("/lib64", {st_mode=S_IFDIR|0755, st_size=8192, ...}) = 0 open("/usr/lib64/tls/x86_64/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat("/usr/lib64/tls/x86_64", 0x7fff41606b20) = -1 ENOENT (No such file or directory) open("/usr/lib64/tls/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat("/usr/lib64/tls", 0x7fff41606b20) = -1 ENOENT (No such file or directory) open("/usr/lib64/x86_64/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat("/usr/lib64/x86_64", 0x7fff41606b20) = -1 ENOENT (No such file or directory) open("/usr/lib64/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat("/usr/lib64", {st_mode=S_IFDIR|0755, st_size=73728, ...}) = 0 munmap(0x7f5016397000, 148536) = 0 open("/etc/ld.so.cache", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=148536, ...}) = 0 mmap(NULL, 148536, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f5016397000 close(3) = 0 open("/lib/libnss_files.so.2", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p!\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=51528, ...}) = 0 mmap(NULL, 2147728, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f50153a1000 mprotect(0x7f50153ac000, 2097152, PROT_NONE) = 0 mmap(0x7f50155ac000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x7f50155ac000 close(3) = 0 mprotect(0x7f50155ac000, 4096, PROT_READ) = 0 munmap(0x7f5016397000, 148536) = 0 open("/etc/protocols", O_RDONLY|0x80000) = 3 fcntl(3, F_GETFD) = 0x1 (flags FD_CLOEXEC) fstat(3, {st_mode=S_IFREG|0644, st_size=5681, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f50163bb000 read(3, "# /etc/protocols\n#\n# Internet (I"..., 4096) = 4096 close(3) = 0 munmap(0x7f50163bb000, 4096) = 0 open("/lib64/xtables/libxt_geoip.so", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\r\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=10464, ...}) = 0 mmap(NULL, 2105840, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f501519e000 mprotect(0x7f50151a0000, 2093056, PROT_NONE) = 0 mmap(0x7f501539f000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1000) = 0x7f501539f000 close(3) = 0 mprotect(0x7f501539f000, 4096, PROT_READ) = 0 open("/usr/share/xt_geoip/LE/ES.iv0", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=21128, ...}) = 0 read(3, "\0\205\371\25\377\205\371\25\0\0\6.\377\377\6.\0008\20"..., 21128) = 21128 close(3) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 getsockopt(3, SOL_IP, 0x40 /* IP_??? */, "filter\0\0\351\16^\200\377\377\377\377\1\0\0\0\0\0\0\0"..., [84]) = 0 mmap(NULL, 253952, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5016355000 getsockopt(3, SOL_IP, 0x41 /* IP_??? */, "filter\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., [251024]) = 0 brk(0x6ee000) = 0x6ee000 brk(0x70f000) = 0x70f000 mmap(NULL, 253952, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5016317000 brk(0x733000) = 0x733000 setsockopt(3, SOL_IP, 0x40 /* IP_??? */, "filter\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 251488) = -1 ENOENT (No such file or directory) brk(0x72c000) = 0x72c000 munmap(0x7f5016317000, 253952) = 0 close(3) = 0 munmap(0x7f5016355000, 253952) = 0 write(2, "iptables: No chain/target/match "..., 46iptables: No chain/target/match by that name. ) = 46 exit_group(1) -- Kindest regards Paul Freeman, NOC4 Limited +44(0)1844 318 410 (Direct) +44(0)1844 318 124 (Fax)