Problems with Kernel 2.6.22.1 - "Thomas B. Preußer"

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "\"Thomas B. Preußer\"" <tp14@inf.tu-dresden.de>
To: netfilter@lists.netfilter.org
Subject: Problems with Kernel 2.6.22.1
Date: Wed, 25 Jul 2007 09:34:26 +0200	[thread overview]
Message-ID: <46A6FD02.6050805@inf.tu-dresden.de> (raw)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

having updated my kernel from 2.6.19.2 to 2.6.22.1 both taken as vanilla
source from kernel.org, I now receive errors when trying to insert rules
using the state or conntrack modules. I expect other extensions to fail
as well. The produced error messages suggest some incompatibility
between the kernel and the userspace iptables:

# iptables -v -A FORWARD -j ACCEPT -m state --state RELATED,ESTABLISHED
ACCEPT  all opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  state
RELATED,ESTABLISHED
iptables: Invalid argument

# iptables -v -A FORWARD -j ACCEPT -m conntrack --ctstate
RELATED,ESTABLISHED
ACCEPT  all opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  ctstate
RELATED,ESTABLISHED
iptables: Invalid argument

This problem occurs with both the iptables v1.3.6 coming with Debian and
a self-compiled iptables v1.3.8 from the netfilter.org download page.

Is any such issue known? May there be any non-automatic dependencies in
the kernel configuration going beyond:

CONFIG_NETFILTER_NETLINK=y
CONFIG_NF_CONNTRACK_ENABLED=y
CONFIG_NF_CONNTRACK=y
CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y
CONFIG_NETFILTER_XT_MATCH_STATE=y

Thanks,
Thomas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGpvz/0Kh0pbgr4w8RAnf+AJwJBl7c1IggMMi0SotiqOpJg5c62QCfThRM
M6sXBxEVroOKyQPUAvxx1VM=
=0lyq
-----END PGP SIGNATURE-----

next             reply	other threads:[~2007-07-25  7:34 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-07-25  7:34 "Thomas B. Preußer" [this message]
2007-07-25 15:35 ` Problems with Kernel 2.6.22.1 Patrick McHardy

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=46A6FD02.6050805@inf.tu-dresden.de \
    --to=tp14@inf.tu-dresden.de \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.