From: Patrick McHardy <kaber@trash.net>
To: Ignacy Gawedzki <i@lri.fr>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: Netfilter API and libiptc
Date: Mon, 09 Feb 2009 18:10:03 +0100 [thread overview]
Message-ID: <4990636B.9080900@trash.net> (raw)
In-Reply-To: <20090205141722.GB21417@qubit>
Ignacy Gawedzki wrote:
> Hi everybody,
>
> I'm currently working on a project that relies on manipulation of iptables in
> order to perform fine data packet accounting. This manipulation is performed
> dynamically, so the code initially used libiptc.
>
> Since iptables 1.4.0, libiptc is not distributed anymore, so I resolved to
> incorporate the code into our own source distribution, just as people from
> collectd seemingly did. All seemed to work well until yesterday, when we
> eventually pinpointed our calls to the (internal) libiptc as a cause of a
> kernel freeze. It only happened on a generic Ubuntu Hardy kernel
> (2.6.24-22-generic) on one particular laptop (I didn't succeed in reproducing
> the freeze on another hardware with the same distribution). I suppose it has
> something to do with the change of the format of data flowing to kernelspace
> (iptables 1.3.8 came distributed on that freezing machine), could anyone here
> confirm that this is possible indeed?
It should never crash the kernel, and the ABI is supposed to be
compatible.
>
> Now my question is: how are we supposed to proceed from now on in order to
> manipulate iptables? I read about libxtables and the corresponding libxtc.h
> (though these are not yet packaged in the current Ubuntu Intrepid), but it's
> not clear to me how the communication with the kernel is actually to be done.
>
> Thanks for any information that could help me making this work properly.
Hard to tell without seeing the exact crash you're getting.
next prev parent reply other threads:[~2009-02-09 17:10 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-02-05 14:17 Netfilter API and libiptc Ignacy Gawedzki
2009-02-09 17:10 ` Patrick McHardy [this message]
2009-02-09 18:39 ` Ignacy Gawedzki
2009-02-11 13:39 ` Jesper Dangaard Brouer
2009-02-11 14:37 ` Patrick McHardy
2009-02-11 16:02 ` Jan Engelhardt
2009-02-12 5:13 ` Patrick McHardy
2009-02-12 5:55 ` Jan Engelhardt
2009-02-12 5:58 ` Patrick McHardy
2009-02-12 6:14 ` Jan Engelhardt
2009-02-12 6:18 ` Patrick McHardy
2009-02-12 6:29 ` Jan Engelhardt
2009-02-12 6:34 ` Patrick McHardy
2009-02-16 13:08 ` Jesper Dangaard Brouer
2009-02-16 13:47 ` Jesper Dangaard Brouer
2009-02-16 14:08 ` Patrick McHardy
2009-02-16 16:52 ` Jan Engelhardt
2009-02-16 16:54 ` Patrick McHardy
2009-02-12 9:17 ` Jesper Dangaard Brouer
2009-02-12 10:42 ` Jesper Dangaard Brouer
2009-02-12 13:33 ` Ignacy Gawedzki
2009-02-12 14:11 ` Jan Engelhardt
2009-02-12 14:50 ` Jesper Dangaard Brouer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4990636B.9080900@trash.net \
--to=kaber@trash.net \
--cc=i@lri.fr \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).