From: Richard Horton <arimus.uk@googlemail.com>
To: Nishit Shah <nsshah.82@gmail.com>
Cc: netfilter-devel@vger.kernel.org, netfilter@vger.kernel.org
Subject: Re: arptables ruleset not working when compiling on fedora6,7,8/centos 5/redhat 5
Date: Mon, 29 Jun 2009 15:21:52 +0100 [thread overview]
Message-ID: <56378e320906290721i63f969edm90aed19619decf71@mail.gmail.com> (raw)
In-Reply-To: <b2d58cb80906290712k33c1ebbvfc8e661cb34c502c@mail.gmail.com>
2009/6/29 Nishit Shah <nsshah.82@gmail.com>:
> Hi,
> I am compiling arptables-v0.0.3-3/arptables-v0.0.3-2 on
> fedora6,7,8/centos 5/redhat 5. Module is compiled successfully.
> Following are the simple steps.
>
> make
> make install
>
> Now, I am applying following rules,
>
> arptables -N user1
> arptables -N user2
> arptables -N user3
>
> arptables -A INPUT -j user1
> arptables -A INPUT -j user2
> arptables -A INPUT -j user3
>
> when I am doing arptables -nvx -L, I am getting packet counts
> on only "arptables -A INPUT -j user1", no packet counts on user2 and
> user3 chains. If I remove the user1 chain, I am getting packet counts
> on user2 chain, not on user3 chain. It means only the first user
> defined chain is traversing.
>
> all above machine contains gcc >= 4.1.2 and glibc >= 2.5
>
> If i compile the same source with machine having gcc 2.96 and
> glibc 2.2.4 things are working properly on the above machines.
> Is it something related to gcc and/or glibc ? as I am not
> seeing any issues with kernel space arptables code.
>
> Rgds,
> Nishit Shah.
I might be missing something obvious but all three rules are identical
so traffic is going to hit the first rule and go down to user1 chain.
Your user chains don't have any actions associated so looks to me like
it enter the chain, nothing will happen - including not returning to
the input chain so the other rules aren't being hit.
--
Richard Horton
Users are like a virus: Each causing a thousand tiny crises until the
host finally dies.
http://www.solstans.co.uk - Solstans Japanese Bobtails and Norwegian Forest Cats
http://www.pbase.com/arimus - My online photogallery
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2009-06-29 14:21 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-06-29 14:12 arptables ruleset not working when compiling on fedora6,7,8/centos 5/redhat 5 Nishit Shah
2009-06-29 14:21 ` Richard Horton [this message]
2009-06-29 14:51 ` Nishit Shah
2009-06-29 14:58 ` Patrick McHardy
2009-06-29 15:18 ` Nishit Shah
2009-06-29 15:44 ` Patrick McHardy
2009-06-29 16:18 ` Nishit Shah
2009-06-30 8:08 ` Nishit Shah
2009-07-01 9:56 ` Patrick McHardy
2009-07-01 11:09 ` Jan Engelhardt
2009-07-01 11:18 ` Patrick McHardy
2009-07-02 16:58 ` Bart De Schuymer
2009-07-05 12:59 ` Bart De Schuymer
2009-07-05 15:59 ` Jan Engelhardt
2009-07-06 19:54 ` Bart De Schuymer
2009-07-06 20:01 ` Jan Engelhardt
2009-07-08 6:57 ` Nishit Shah
2009-07-09 17:50 ` Bart De Schuymer
2009-06-29 18:47 ` Jan Engelhardt
-- strict thread matches above, loose matches on Subject: below --
2009-07-01 11:02 bdschuym@pandora.be
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56378e320906290721i63f969edm90aed19619decf71@mail.gmail.com \
--to=arimus.uk@googlemail.com \
--cc=netfilter-devel@vger.kernel.org \
--cc=netfilter@vger.kernel.org \
--cc=nsshah.82@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).