* trying to test libnetfilter_queue on openwrt kamikaze_RC2 - failing with "connection refused"
@ 2009-02-01 4:47 Pete Whiting
2009-02-01 11:29 ` Eric Leblond
0 siblings, 1 reply; 3+ messages in thread
From: Pete Whiting @ 2009-02-01 4:47 UTC (permalink / raw)
To: netfilter-devel
I am trying to build/test libnetfilter_queue for a user-space app
running on openwrt. Compile failed in the utils subdirectory until I
modified Makefile.in to include libnfnetlink.so:
--- original-libnetfilter_queue-0.0.16/utils/Makefile.in 2008-06-27
04:07:44.000000000 -0600
+++ libnetfilter_queue-0.0.16/utils/Makefile.in 2009-01-31
18:29:03.000000000 -0700
@@ -48,7 +48,7 @@ nfqnl_test_OBJECTS = $(am_nfqnl_test_OBJ
nfqnl_test_DEPENDENCIES = ../src/libnetfilter_queue.la
nfqnl_test_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
- $(nfqnl_test_LDFLAGS) $(LDFLAGS) -o $@
+ $(nfqnl_test_LDFLAGS) $(LDFLAGS) -o $@ libnfnetlink.so
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
I'm sure there is a better way to do this.
Once built and installed I tried running nfqnl_test as root:
root@Kamikaze_RC2:~# ./nfqnl_test
opening library handle
unbinding existing nf_queue handler for AF_INET (if any)
nfnl_talk: sendmsg(netlink) Connection refused
error during nfq_unbind_pf()
I verified that xt_NFQUEUE is installed:
root@Kamikaze_RC2:~# lsmod | grep QUEUE
xt_NFQUEUE 672 0
x_tables 8976 16
xt_NFQUEUE,ipt_ULOG,xt_string,xt_layer7,ipt_ipp2p,ipt_MASQUERADE,iptable_nat,xt_state,ipt_REJECT,xt_TCPMSS,ipt_LOG,xt_multiport,xt_mac,xt_limit,ip_tables,xt_tcpudp
strace shows the following:
socket(PF_NETLINK, SOCK_RAW, 12) = 3
getsockname(3, {sa_family=AF_NETLINK, pid=0, groups=00000000}, [12]) = 0
time(NULL) = 1232458046
bind(3, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0
getsockname(3, {sa_family=AF_NETLINK, pid=1065, groups=00000000}, [12]) = 0
bind(3, {sa_family=AF_NETLINK, pid=1065, groups=00000000}, 12) = 0
write(1, "unbinding existing nf_queue hand"..., 57) = 57
sendmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0,
groups=00000000},
msg_iov(1)=[{"\34\0\0\0\2\3\5\0@\321uI\0\0\0\0\0\0\0\0\10\0\1\0\4\10\0\2",
28}], msg_controllen=0, msg_flags=0}, 0) = -1 ECONNREFUSED (Connection
refused)
write(2, "nfnl_talk", 9nfnl_talk) = 9
write(2, ": sendmsg(netlink) ", 19: sendmsg(netlink) ) = 19
write(2, "Connection refused", 18Connection refused) = 18
write(2, "\n", 1
) = 1
kernel version is 2.6.25.17
thanks for any suggestions.
pete
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: trying to test libnetfilter_queue on openwrt kamikaze_RC2 - failing with "connection refused"
2009-02-01 4:47 trying to test libnetfilter_queue on openwrt kamikaze_RC2 - failing with "connection refused" Pete Whiting
@ 2009-02-01 11:29 ` Eric Leblond
2009-02-01 12:38 ` Pete Whiting
0 siblings, 1 reply; 3+ messages in thread
From: Eric Leblond @ 2009-02-01 11:29 UTC (permalink / raw)
To: Pete Whiting; +Cc: netfilter-devel
[-- Attachment #1: Type: text/plain, Size: 1276 bytes --]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
Pete Whiting a écrit :
> I am trying to build/test libnetfilter_queue for a user-space app
> running on openwrt. Compile failed in the utils subdirectory until I
> modified Makefile.in to include libnfnetlink.so:
>
>
> I verified that xt_NFQUEUE is installed:
> root@Kamikaze_RC2:~# lsmod | grep QUEUE
> xt_NFQUEUE 672 0
> x_tables 8976 16
> xt_NFQUEUE,ipt_ULOG,xt_string,xt_layer7,ipt_ipp2p,ipt_MASQUERADE,iptable_nat,xt_state,ipt_REJECT,xt_TCPMSS,ipt_LOG,xt_multiport,xt_mac,xt_limit,ip_tables,xt_tcpudp
It seems the nfnetlink_queue module is missing. It should not be on that
list because of your grep but it could be a good explanation (your
strace seems to confirm this).
If this is not the case, please apply the joined patch and let us know.
By the way, please tell us your kernel version. It seems this problem is
specific to some version.
BR,
- --
Eric Leblond <eric@inl.fr>
INL: http://www.inl.fr/
NuFW: http://www.nufw.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFJhYecnxA7CdMWjzIRAqX7AJsEM3sXmWRZG64PrQQog+FYuxnQQQCfVsfC
IQeVwqHXrG1GSnxkEli3o+s=
=Pk8w
-----END PGP SIGNATURE-----
[-- Attachment #2: dont_exit_at_unbind.patch --]
[-- Type: text/x-patch, Size: 508 bytes --]
diff --git a/utils/nfqnl_test.c b/utils/nfqnl_test.c
index 7cf27f0..b4ace5b 100644
--- a/utils/nfqnl_test.c
+++ b/utils/nfqnl_test.c
@@ -72,8 +72,7 @@ int main(int argc, char **argv)
printf("unbinding existing nf_queue handler for AF_INET (if any)\n");
if (nfq_unbind_pf(h, AF_INET) < 0) {
- fprintf(stderr, "error during nfq_unbind_pf()\n");
- exit(1);
+ fprintf(stderr, "error during nfq_unbind_pf() but continuing\n");
}
printf("binding nfnetlink_queue as nf_queue handler for AF_INET\n");
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: trying to test libnetfilter_queue on openwrt kamikaze_RC2 - failing with "connection refused"
2009-02-01 11:29 ` Eric Leblond
@ 2009-02-01 12:38 ` Pete Whiting
0 siblings, 0 replies; 3+ messages in thread
From: Pete Whiting @ 2009-02-01 12:38 UTC (permalink / raw)
To: Eric Leblond; +Cc: netfilter-devel
you were correct - I had the wrong kernel modules loaded. Once built
and installed the error went away. Patch to ignore return code was not
needed.
sorry for the noise.
kernel version 2.6.25.17
2009/2/1 Eric Leblond <eric@inl.fr>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
>
> Pete Whiting a écrit :
>> I am trying to build/test libnetfilter_queue for a user-space app
>> running on openwrt. Compile failed in the utils subdirectory until I
>> modified Makefile.in to include libnfnetlink.so:
>>
>>
>> I verified that xt_NFQUEUE is installed:
>> root@Kamikaze_RC2:~# lsmod | grep QUEUE
>> xt_NFQUEUE 672 0
>> x_tables 8976 16
>> xt_NFQUEUE,ipt_ULOG,xt_string,xt_layer7,ipt_ipp2p,ipt_MASQUERADE,iptable_nat,xt_state,ipt_REJECT,xt_TCPMSS,ipt_LOG,xt_multiport,xt_mac,xt_limit,ip_tables,xt_tcpudp
>
> It seems the nfnetlink_queue module is missing. It should not be on that
> list because of your grep but it could be a good explanation (your
> strace seems to confirm this).
>
> If this is not the case, please apply the joined patch and let us know.
>
> By the way, please tell us your kernel version. It seems this problem is
> specific to some version.
>
> BR,
> - --
> Eric Leblond <eric@inl.fr>
> INL: http://www.inl.fr/
> NuFW: http://www.nufw.org/
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFJhYecnxA7CdMWjzIRAqX7AJsEM3sXmWRZG64PrQQog+FYuxnQQQCfVsfC
> IQeVwqHXrG1GSnxkEli3o+s=
> =Pk8w
> -----END PGP SIGNATURE-----
>
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2009-02-01 12:38 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-02-01 4:47 trying to test libnetfilter_queue on openwrt kamikaze_RC2 - failing with "connection refused" Pete Whiting
2009-02-01 11:29 ` Eric Leblond
2009-02-01 12:38 ` Pete Whiting
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).