All of lore.kernel.org
 help / color / mirror / Atom feed
* iptables: "getsockopt failed strangely"
@ 2007-06-25 15:53 Joseph Jezak
  2007-06-26  9:27 ` Patrick McHardy
  0 siblings, 1 reply; 2+ messages in thread
From: Joseph Jezak @ 2007-06-25 15:53 UTC (permalink / raw)
  To: netfilter-devel

[-- Attachment #1: Type: text/plain, Size: 561 bytes --]

Hi,

On PowerPC, with a binary compiled statically, we're seeing the 
error message in the topic when simply running the iptables binary.
For more information, the Gentoo bug is available here: 
http://bugs.gentoo.org/show_bug.cgi?id=136813

Basically, the issue arises from a missing check for the result from 
the module request located in 
/usr/src/linux/net/ipv4/netfilter/iptables.c

A patch to add a check for -ENOENT and printing out the missing 
module name then return -EPROTONOSUPPORT instead of -ENOENT is 
attached and "fixes" the bug for me.

-Joe

[-- Attachment #2: ip_tables.patch --]
[-- Type: text/plain, Size: 350 bytes --]

--- ip_tables.c	2007-04-06 14:39:08.000000000 -0400
+++ /home/jjezak/ip_tables.c	2007-04-28 02:22:57.000000000 -0400
@@ -2004,6 +2004,11 @@
 							 rev.revision,
 							 target, &ret),
 					"ipt_%s", rev.name);
+		if (ret == -ENOENT) {
+			printk("iptables: Unable to load ipt_%s\n", rev.name);
+			return -EPROTONOSUPPORT;
+		}
+
 		break;
 	}
 

^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: iptables: "getsockopt failed strangely"
  2007-06-25 15:53 iptables: "getsockopt failed strangely" Joseph Jezak
@ 2007-06-26  9:27 ` Patrick McHardy
  0 siblings, 0 replies; 2+ messages in thread
From: Patrick McHardy @ 2007-06-26  9:27 UTC (permalink / raw)
  To: Joseph Jezak; +Cc: netfilter-devel

Joseph Jezak wrote:
> Hi,
> 
> On PowerPC, with a binary compiled statically, we're seeing the error
> message in the topic when simply running the iptables binary.
> For more information, the Gentoo bug is available here:
> http://bugs.gentoo.org/show_bug.cgi?id=136813
> 
> Basically, the issue arises from a missing check for the result from the
> module request located in /usr/src/linux/net/ipv4/netfilter/iptables.c
> 
> A patch to add a check for -ENOENT and printing out the missing module
> name then return -EPROTONOSUPPORT instead of -ENOENT is attached and
> "fixes" the bug for me.


Not sure if I understood the report correctly. It states iptables
would return -EPROTONOSUPPORT when requesting the version of a
non-loaded module. Thats not correct since the module will be
loaded previously by do_ipt_get_ctl.

Its possible though that you use an old iptables version, we've
had a bug that corrupted errno with some crap before printing
the error.

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2007-06-26  9:27 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-06-25 15:53 iptables: "getsockopt failed strangely" Joseph Jezak
2007-06-26  9:27 ` Patrick McHardy

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.