From mboxrd@z Thu Jan 1 00:00:00 1970 From: Nishit Shah Subject: Re: arptables ruleset not working when compiling on fedora6,7,8/centos 5/redhat 5 Date: Mon, 29 Jun 2009 21:48:20 +0530 Message-ID: References: <56378e320906290721i63f969edm90aed19619decf71@mail.gmail.com> <4A48D6AD.4010005@trash.net> <4A48E14A.3060708@trash.net> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: QUOTED-PRINTABLE Cc: Richard Horton , netfilter-devel@vger.kernel.org, netfilter@vger.kernel.org To: Patrick McHardy Return-path: In-Reply-To: <4A48E14A.3060708@trash.net> Sender: netfilter-owner@vger.kernel.org List-Id: netfilter-devel.vger.kernel.org On Mon, Jun 29, 2009 at 9:14 PM, Patrick McHardy wrote= : > Nishit Shah wrote: >> >> On Mon, Jun 29, 2009 at 8:28 PM, Patrick McHardy wr= ote: >>> >>> Nishit Shah wrote: >>>> >>>> On Mon, Jun 29, 2009 at 7:51 PM, Richard >>>> Horton >>>> wrote: >>>>> >>>>> 2009/6/29 Nishit Shah : >>>>>> >>>>>> Hi, >>>>>> =A0 =A0 =A0 I am compiling arptables-v0.0.3-3/arptables-v0.0.3-2= on >>>>>> fedora6,7,8/centos 5/redhat 5. Module is compiled successfully. >>>>>> Following are the simple steps. >>> >>> Which kernel versions (the lowest) are these running? >>> >> >> lowest is 2.6.18. > > Ah, I remember, we had some breakage with of the ARPT codes with the > introduction of x_tables in 2.6.16. Please try to figure out the > difference of those values between working and non-working state > (ARPT_CONTINUE, ARPT_RETURN etc.) > Bingo !!! It is due to the value of ARPT_RETURN. ARPT_RETURN defined in arptables-v0.0.3-3 is =2E/include/linux/netfilter_arp/arp_tables.h:#define ARPT_RETURN (-NF_MAX_VERDICT - 1) and value of NF_MAX_VERDICT is different on machine running with gcc 2.96/glibc 2.2.4 and above all machines. value of NF_MAX_VERDICT on machine running gcc 2.96 and glibc 2.2.4, /usr/include/linux/netfilter.h:#define NF_MAX_VERDICT NF_REPEAT and same file on all above machines, /usr/include/linux/netfilter.h:#define NF_MAX_VERDICT NF_STOP Thanks Patrick :) Rgds, Nishit Shah.