* [2.6] Nonsense-messages from iptables + co.
@ 2003-11-14 13:20 Matthias Andree
2003-11-14 14:17 ` Patrick McHardy
` (2 more replies)
0 siblings, 3 replies; 8+ messages in thread
From: Matthias Andree @ 2003-11-14 13:20 UTC (permalink / raw)
To: Linux-Kernel mailing list
Who the heck added these unhelpful
"ipt_hook: happy cracking."
messages to iptables/mangling/connection tracking code? There are three
instances.
If the kernel has got something to say, it should be clear what the
kernel means, say, maximum <whatever> rate exceeded or something, not
such junk like this.
This is IMHO a MUST-FIX before 2.6.0.
--
Matthias Andree
Encrypt your mail: my GnuPG key ID is 0x052E7D95
^ permalink raw reply [flat|nested] 8+ messages in thread* Re: [2.6] Nonsense-messages from iptables + co. 2003-11-14 13:20 [2.6] Nonsense-messages from iptables + co Matthias Andree @ 2003-11-14 14:17 ` Patrick McHardy 2003-11-14 15:10 ` Harald Welte 2003-11-14 17:50 ` Tomas Szepe 2 siblings, 0 replies; 8+ messages in thread From: Patrick McHardy @ 2003-11-14 14:17 UTC (permalink / raw) To: Matthias Andree; +Cc: Linux-Kernel mailing list Matthias Andree wrote: >Who the heck added these unhelpful > >"ipt_hook: happy cracking." > >messages to iptables/mangling/connection tracking code? There are three >instances. > >If the kernel has got something to say, it should be clear what the >kernel means, say, maximum <whatever> rate exceeded or something, not >such junk like this. > >This is IMHO a MUST-FIX before 2.6.0. > > The bug that led to that message is already fixed. The message itself might be stupid but is definitely not a must-fix item. Also, instead of changing the message statistics should be added to conntrack etc. to count unusual events instead of printing them to the console. Best regards, Patrick ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [2.6] Nonsense-messages from iptables + co. 2003-11-14 13:20 [2.6] Nonsense-messages from iptables + co Matthias Andree 2003-11-14 14:17 ` Patrick McHardy @ 2003-11-14 15:10 ` Harald Welte 2003-11-14 17:50 ` Valdis.Kletnieks ` (2 more replies) 2003-11-14 17:50 ` Tomas Szepe 2 siblings, 3 replies; 8+ messages in thread From: Harald Welte @ 2003-11-14 15:10 UTC (permalink / raw) To: Linux-Kernel mailing list; +Cc: Netfilter Development Mailinglist [-- Attachment #1: Type: text/plain, Size: 1668 bytes --] On Fri, Nov 14, 2003 at 02:20:54PM +0100, Matthias Andree wrote: > Who the heck added these unhelpful > > "ipt_hook: happy cracking." > > messages to iptables/mangling/connection tracking code? There are three > instances. I guess it was Rusty. The idea message is a funny way of telling you that you are sending incomplete ip headers. Something that is not likely to occur unless you are trying to send corrupt packets via raw ip sockets... > If the kernel has got something to say, it should be clear what the > kernel means, say, maximum <whatever> rate exceeded or something, not > such junk like this. There are people who do actually have fun developing linux code. And Rusty has a peculiar sense of humor... for further reference see the comments like 'furniture shopping' throughout the netfilter/iptables source code. I sometimes wish I had the same humor like he has. Yes, I know. Stuff like this is not exactly useful in error messages. I'd say it's one of the few remainders of the 2.3.x early development time. Like the "Rusty's brain broke" messages that have recently been removed/replaced. btw: *nix has a long history of funny error messages, like 'printer on fire' or others. > This is IMHO a MUST-FIX before 2.6.0. It is even in 2.4.x, where it could have been fixed throughout the last couple of years. Nobody else has yet complained. > Matthias Andree -- - Harald Welte <laforge@gnumonks.org> http://www.gnumonks.org/ ============================================================================ Programming is like sex: One mistake and you have to support it your lifetime [-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --] ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [2.6] Nonsense-messages from iptables + co. 2003-11-14 15:10 ` Harald Welte @ 2003-11-14 17:50 ` Valdis.Kletnieks 2003-11-14 19:08 ` Maciej Soltysiak 2003-11-14 20:01 ` Matthias Andree 2 siblings, 0 replies; 8+ messages in thread From: Valdis.Kletnieks @ 2003-11-14 17:50 UTC (permalink / raw) To: Harald Welte; +Cc: Linux-Kernel mailing list, Netfilter Development Mailinglist [-- Attachment #1: Type: text/plain, Size: 1015 bytes --] On Fri, 14 Nov 2003 16:10:04 +0100, Harald Welte said: > > "ipt_hook: happy cracking." > > I guess it was Rusty. The idea message is a funny way of telling you > that you are sending incomplete ip headers. Something that is not > likely to occur unless you are trying to send corrupt packets via raw ip > sockets... Actually, once I found the message, and saw the context, it was actually clear and self-explanatory. It was actually the ipfilter code's fault that it got generated in any context other than "trying to send an intentionall busticated packet"... > There are people who do actually have fun developing linux code. And > Rusty has a peculiar sense of humor... for further reference see the > comments like 'furniture shopping' throughout the netfilter/iptables > source code. I sometimes wish I had the same humor like he has. find arch/sparc* -name '*.[ch]'| xargs grep -i penguin and then read through the files that finds (trap.c is particularly fun). Somebody was having fun porting. ;) [-- Attachment #2: Type: application/pgp-signature, Size: 226 bytes --] ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [2.6] Nonsense-messages from iptables + co. 2003-11-14 15:10 ` Harald Welte 2003-11-14 17:50 ` Valdis.Kletnieks @ 2003-11-14 19:08 ` Maciej Soltysiak 2003-11-14 20:01 ` Matthias Andree 2 siblings, 0 replies; 8+ messages in thread From: Maciej Soltysiak @ 2003-11-14 19:08 UTC (permalink / raw) To: Harald Welte; +Cc: Linux-Kernel mailing list, Netfilter Development Mailinglist > > This is IMHO a MUST-FIX before 2.6.0. > > It is even in 2.4.x, where it could have been fixed throughout the last > couple of years. Nobody else has yet complained. Well, I have noticed an increased amount of these 2 weeks ago, and I belive it was Patrick McHardy, who found a bug that could cause these to show, when no root process was creating any invalid packets. AFAIK, it has been fixed in 2.6.0-test9-bk16 or around that. The message stays though :-) Maciej. ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [2.6] Nonsense-messages from iptables + co. 2003-11-14 15:10 ` Harald Welte 2003-11-14 17:50 ` Valdis.Kletnieks 2003-11-14 19:08 ` Maciej Soltysiak @ 2003-11-14 20:01 ` Matthias Andree 2003-11-14 20:37 ` Harald Welte 2 siblings, 1 reply; 8+ messages in thread From: Matthias Andree @ 2003-11-14 20:01 UTC (permalink / raw) To: Linux-Kernel mailing list; +Cc: Harald Welte, Netfilter Development Mailinglist On Fri, 14 Nov 2003, Harald Welte wrote: > On Fri, Nov 14, 2003 at 02:20:54PM +0100, Matthias Andree wrote: > > Who the heck added these unhelpful > > > > "ipt_hook: happy cracking." > > > > messages to iptables/mangling/connection tracking code? There are three > > instances. > > I guess it was Rusty. The idea message is a funny way of telling you > that you are sending incomplete ip headers. Am I? what's with the *_limit() function called before the printk? > Something that is not > likely to occur unless you are trying to send corrupt packets via raw ip > sockets... Not at the times when these occurred. > > If the kernel has got something to say, it should be clear what the > > kernel means, say, maximum <whatever> rate exceeded or something, not > > such junk like this. > > There are people who do actually have fun developing linux code. And > Rusty has a peculiar sense of humor... for further reference see the > comments like 'furniture shopping' throughout the netfilter/iptables > source code. I sometimes wish I had the same humor like he has. > > Yes, I know. Stuff like this is not exactly useful in error messages. > I'd say it's one of the few remainders of the 2.3.x early development > time. Like the "Rusty's brain broke" messages that have recently been > removed/replaced. > > btw: *nix has a long history of funny error messages, like 'printer on > fire' or others. I don't mind having fun developing or placing funny error messages, and I hadn't taken that as "serious problem" message but rather as "someone in the wild tries to cheat on us" but how do I know? I'm a bit more cautious with network related stuff, particular with packet filtering and things like that. I'd suggest that the fun be put in the comments, or that funny error messages are accompanied by a plain text explanation in parentheses, or there is at least a "dictionary" of error messages in the comments of the *.c files that a geek could find... ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [2.6] Nonsense-messages from iptables + co. 2003-11-14 20:01 ` Matthias Andree @ 2003-11-14 20:37 ` Harald Welte 0 siblings, 0 replies; 8+ messages in thread From: Harald Welte @ 2003-11-14 20:37 UTC (permalink / raw) To: Linux-Kernel mailing list, Netfilter Development Mailinglist [-- Attachment #1: Type: text/plain, Size: 1068 bytes --] On Fri, Nov 14, 2003 at 09:01:19PM +0100, Matthias Andree wrote: > > I guess it was Rusty. The idea message is a funny way of telling you > > that you are sending incomplete ip headers. > > Am I? what's with the *_limit() function called before the printk? it's a generic network rate limiting function. It prevents the same message from being logged and logged again (and thus flooding your syslog). > > Something that is not likely to occur unless you are trying to send > > corrupt packets via raw ip sockets... > > Not at the times when these occurred. there seemed to be a bug that I was unaware of, and according to other mails in this thread it has been fixed. -- - Harald Welte <laforge@netfilter.org> http://www.netfilter.org/ ============================================================================ "Fragmentation is like classful addressing -- an interesting early architectural error that shows how much experimentation was going on while IP was being designed." -- Paul Vixie [-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --] ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [2.6] Nonsense-messages from iptables + co. 2003-11-14 13:20 [2.6] Nonsense-messages from iptables + co Matthias Andree 2003-11-14 14:17 ` Patrick McHardy 2003-11-14 15:10 ` Harald Welte @ 2003-11-14 17:50 ` Tomas Szepe 2 siblings, 0 replies; 8+ messages in thread From: Tomas Szepe @ 2003-11-14 17:50 UTC (permalink / raw) To: Linux-Kernel mailing list On Nov-14 2003, Fri, 14:20 +0100 Matthias Andree <matthias.andree@gmx.de> wrote: > Who the heck added these unhelpful > > "ipt_hook: happy cracking." > > If the kernel has got something to say, it should be clear what the > kernel means, say, maximum <whatever> rate exceeded or something, not > such junk like this. fprintf(stderr, "user lacks sense of humor, killing thread.\n"); ^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2003-11-14 20:42 UTC | newest] Thread overview: 8+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2003-11-14 13:20 [2.6] Nonsense-messages from iptables + co Matthias Andree 2003-11-14 14:17 ` Patrick McHardy 2003-11-14 15:10 ` Harald Welte 2003-11-14 17:50 ` Valdis.Kletnieks 2003-11-14 19:08 ` Maciej Soltysiak 2003-11-14 20:01 ` Matthias Andree 2003-11-14 20:37 ` Harald Welte 2003-11-14 17:50 ` Tomas Szepe
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox