ULOG The kernel doesn't support a certain ebtables extension, consider recompiling your kernel or insmod the extension.

ULOG The kernel doesn't support a certain ebtables extension, consider recompiling your kernel or insmod the extension.

[Thomas Berg]

Hi,

Running debian unstable with kernel Linux version 2.6.30-1-686 (Debian 
2.6.30-6)
trying to use ulogd and dont get it to work I get a strange error that I 
cant figure out how to workaround, except recompling the kernel, but the 
kernel is already complied with bridge support, is there any other 
support that i should include?

/sbin/ebtables --modprobe /sbin/modprobe -A FORWARD --in-interface 
eth1.4 --protocol IPv4 --ip-protocol udp --ip-destination-port 67 -j 
DROP --ulog
ULOG The kernel doesn't support a certain ebtables extension, consider 
recompiling your kernel or insmod the extension.

lsmod
ebt_ip                  1752  29
ebt_log                 3268  32
ebtable_broute          1740  0
ebtable_nat             2000  0
ebtable_filter          2028  1
ebtables               14108  3 ebtable_broute,ebtable_nat,ebtable_filter
ipt_ULOG                6684  1
x_tables               14108  4 ebt_ip,ebt_log,ebtables,ipt_ULOG
bridge                 39968  1 ebtable_broute
8021q                  17932  0
garp                    6996  1 8021q
stp                     2112  2 bridge,garp



I can se the modules below
/lib/ebtables
-rw-r--r--  1 root root  3704 2009-06-29 17:22 libebt_802_3.so
-rw-r--r--  1 root root  1768 2009-06-29 17:22 libebtable_broute.so
-rw-r--r--  1 root root  1928 2009-06-29 17:22 libebtable_filter.so
-rw-r--r--  1 root root  1928 2009-06-29 17:22 libebtable_nat.so
-rw-r--r--  1 root root  7908 2009-06-29 17:22 libebt_among.so
-rw-r--r--  1 root root  3908 2009-06-29 17:22 libebt_arpreply.so
-rw-r--r--  1 root root  7708 2009-06-29 17:22 libebt_arp.so
-rw-r--r--  1 root root 55884 2009-06-29 17:22 libebtc.so
-rw-r--r--  1 root root  6904 2009-06-29 17:22 libebt_ip6.so
-rw-r--r--  1 root root  6920 2009-06-29 17:22 libebt_ip.so
-rw-r--r--  1 root root  4364 2009-06-29 17:22 libebt_limit.so
-rw-r--r--  1 root root  5516 2009-06-29 17:22 libebt_log.so
-rw-r--r--  1 root root  3144 2009-06-29 17:22 libebt_mark_m.so
-rw-r--r--  1 root root  4548 2009-06-29 17:22 libebt_mark.so
-rw-r--r--  1 root root  5556 2009-06-29 17:22 libebt_nat.so
-rw-r--r--  1 root root  4552 2009-06-29 17:22 libebt_nflog.so
-rw-r--r--  1 root root  3432 2009-06-29 17:22 libebt_pkttype.so
-rw-r--r--  1 root root  3080 2009-06-29 17:22 libebt_redirect.so
-rw-r--r--  1 root root  2460 2009-06-29 17:22 libebt_standard.so
-rw-r--r--  1 root root  7960 2009-06-29 17:22 libebt_stp.so
-rw-r--r--  1 root root  4776 2009-06-29 17:22 libebt_ulog.so
-rw-r--r--  1 root root  4436 2009-06-29 17:22 libebt_vlan.so


Isnt ebtables supposed to auto load its needed modules? I was planning 
to log dhcp-req and desp-answ packets to a file for further handling 
with ulogd.

Best Regards,
Thomas

Re: ULOG The kernel doesn't support a certain ebtables extension, consider recompiling your kernel or insmod the extension.

[/dev/rob0]

On Monday 31 August 2009 15:15:08 Thomas Berg wrote:
> /sbin/ebtables --modprobe /sbin/modprobe -A FORWARD --in-interface
> eth1.4 --protocol IPv4 --ip-protocol udp --ip-destination-port 67
> -j DROP --ulog
> ULOG The kernel doesn't support a certain ebtables extension,
> consider recompiling your kernel or insmod the extension.
>
> lsmod
> ebt_ip                  1752  29
> ebt_log                 3268  32
> ebtable_broute          1740  0
> ebtable_nat             2000  0
> ebtable_filter          2028  1
> ebtables               14108  3 ebtable_broute,ebtable_nat,ebtable_filter
> ipt_ULOG                6684  1
> x_tables               14108  4 ebt_ip,ebt_log,ebtables,ipt_ULOG
> bridge                 39968  1 ebtable_broute
> 8021q                  17932  0
> garp                    6996  1 8021q
> stp                     2112  2 bridge,garp

> I can se the modules below
> /lib/ebtables

Those are ebtables(8) user-space modules, not kernel.

> Isnt ebtables supposed to auto load its needed modules?

I have this:
/lib/modules/$(uname -r)/kernel/net/bridge/netfilter/ebt_ulog.ko
Do you?

If this is your custom kernel, you overlooked it. If it is a Debian
kernel, file a Debian bug.
-- 
    Offlist mail to this address is discarded unless
    "/dev/rob0" or "not-spam" is in Subject: header

Re: ULOG The kernel doesn't support a certain ebtables extension, consider recompiling your kernel or insmod the extension.

[Thomas Berg]

/dev/rob0 skrev:
> On Monday 31 August 2009 15:15:08 Thomas Berg wrote:
>  
>> /sbin/ebtables --modprobe /sbin/modprobe -A FORWARD --in-interface
>> eth1.4 --protocol IPv4 --ip-protocol udp --ip-destination-port 67
>> -j DROP --ulog
>> ULOG The kernel doesn't support a certain ebtables extension,
>> consider recompiling your kernel or insmod the extension.
>>
>> lsmod
>> ebt_ip                  1752  29
>> ebt_log                 3268  32
>> ebtable_broute          1740  0
>> ebtable_nat             2000  0
>> ebtable_filter          2028  1
>> ebtables               14108  3 
>> ebtable_broute,ebtable_nat,ebtable_filter
>> ipt_ULOG                6684  1
>> x_tables               14108  4 ebt_ip,ebt_log,ebtables,ipt_ULOG
>> bridge                 39968  1 ebtable_broute
>> 8021q                  17932  0
>> garp                    6996  1 8021q
>> stp                     2112  2 bridge,garp
>>     
>
>  
>> I can se the modules below
>> /lib/ebtables
>>     
>
> Those are ebtables(8) user-space modules, not kernel.
>
>  
>> Isnt ebtables supposed to auto load its needed modules?
>>     
>
> I have this:
> /lib/modules/$(uname -r)/kernel/net/bridge/netfilter/ebt_ulog.ko
> Do you?
>
>   
Its there
-rw-r--r-- 1 root root  9209 2009-03-13 23:37 ebt_ulog.ko

trying modprobe ebt_ulog results in

br0:/lib/modules/2.6.26-1-686/kernel/net/bridge/netfilter# modprobe 
ebt_ulog
FATAL: Error inserting ebt_ulog 
(/lib/modules/2.6.30-1-686/kernel/net/bridge/netfilter/ebt_ulog.ko): 
Cannot allocate memory

> If this is your custom kernel, you overlooked it. 
I was going to make a custom kernel, but dit get unsure what I should 
include except bridging to get ebt_ulog to work. Did dot find any 
related to ulog in menuconfig or do i have to make a patch to the source 
before running menuconfig?


> If it is a Debian
> kernel, file a Debian bug.
>   
Its a debian unstable kernel so there will probably be a new release soon.


Best regards,
Thomas

Re: ULOG The kernel doesn't support a certain ebtables extension, consider recompiling your kernel or insmod the extension.

[Patrick McHardy]

Thomas Berg wrote:
>>> ebt_ip                  1752  29
>>> ebt_log                 3268  32
>>> ebtable_broute          1740  0
>>> ebtable_nat             2000  0
>>> ebtable_filter          2028  1
>>> ebtables               14108  3
>>> ebtable_broute,ebtable_nat,ebtable_filter
>>> ipt_ULOG                6684  1
>>> x_tables               14108  4 ebt_ip,ebt_log,ebtables,ipt_ULOG
>>> bridge                 39968  1 ebtable_broute
>>> 8021q                  17932  0
>>> garp                    6996  1 8021q
>>> stp                     2112  2 bridge,garp
>>>     
> br0:/lib/modules/2.6.26-1-686/kernel/net/bridge/netfilter# modprobe
> ebt_ulog
> FATAL: Error inserting ebt_ulog
> (/lib/modules/2.6.30-1-686/kernel/net/bridge/netfilter/ebt_ulog.ko):
> Cannot allocate memory

ebt_ulog and ipt_ULOG can't be used simultaneously since they both use
the same netlink unit. I don't think we can fix it at this point since
both are obsolete and this would break existing setups. You can use
nfnetlink_log and xt_NFLOG/ebt_NFLOG as a replacement.

Re: ULOG The kernel doesn't support a certain ebtables extension, consider recompiling your kernel or insmod the extension.

[Thomas Berg]

Hi

trying this

rmmod ipt_ulog

modprobe ebt_ulog

ebtables 14108 3 ebtable_broute,ebtable_nat,ebtable_filter
x_tables 14108 5 ebt_ulog,ebt_nflog,ebt_ip,ebt_log,ebtables


module is then loaded, great but still the same error when trying to add 
a ebtables rule with ulog.

br0:~# /sbin/ebtables --modprobe /sbin/modprobe -A FORWARD 
--in-interface eth1.4 --protocol IPv4 --ip-protocol udp 
--ip-destination-port 67 -j DROP --ulog
The kernel doesn't support a certain ebtables extension, consider 
recompiling your kernel or insmod the extension.

unloading ebt_ulog and then trying to add a rule with ulog ends up with 
ebt_ulog loaded but still getting the same error message

The kernel doesn't support a certain ebtables extension, consider 
recompiling your kernel or insmod the extension.

So ebtables is loading ebt_ulog if ipt_ulog is unloaded but still there 
is this error message that the kernel need to be recompiled or try to 
load module.

I´ll have to check out nfnetlink_log and se if I can use that instead, 
is it forwaring the whole packet to userspace?

Best regards,
Thomas

Patrick McHardy skrev:
> Thomas Berg wrote:
>   
>>>> ebt_ip                  1752  29
>>>> ebt_log                 3268  32
>>>> ebtable_broute          1740  0
>>>> ebtable_nat             2000  0
>>>> ebtable_filter          2028  1
>>>> ebtables               14108  3
>>>> ebtable_broute,ebtable_nat,ebtable_filter
>>>> ipt_ULOG                6684  1
>>>> x_tables               14108  4 ebt_ip,ebt_log,ebtables,ipt_ULOG
>>>> bridge                 39968  1 ebtable_broute
>>>> 8021q                  17932  0
>>>> garp                    6996  1 8021q
>>>> stp                     2112  2 bridge,garp
>>>>     
>>>>         
>> br0:/lib/modules/2.6.26-1-686/kernel/net/bridge/netfilter# modprobe
>> ebt_ulog
>> FATAL: Error inserting ebt_ulog
>> (/lib/modules/2.6.30-1-686/kernel/net/bridge/netfilter/ebt_ulog.ko):
>> Cannot allocate memory
>>     
>
> ebt_ulog and ipt_ULOG can't be used simultaneously since they both use
> the same netlink unit. I don't think we can fix it at this point since
> both are obsolete and this would break existing setups. You can use
> nfnetlink_log and xt_NFLOG/ebt_NFLOG as a replacement.
>   

Re: ULOG The kernel doesn't support a certain ebtables extension, consider recompiling your kernel or insmod the extension.

[Patrick McHardy]

[-- Attachment #1: Type: text/plain, Size: 632 bytes --]

Thomas Berg wrote:
> Hi
> 
> trying this
> 
> rmmod ipt_ulog
> 
> modprobe ebt_ulog
> 
> ebtables 14108 3 ebtable_broute,ebtable_nat,ebtable_filter
> x_tables 14108 5 ebt_ulog,ebt_nflog,ebt_ip,ebt_log,ebtables
> 
> 
> module is then loaded, great but still the same error when trying to add
> a ebtables rule with ulog.
> 
> br0:~# /sbin/ebtables --modprobe /sbin/modprobe -A FORWARD
> --in-interface eth1.4 --protocol IPv4 --ip-protocol udp
> --ip-destination-port 67 -j DROP --ulog
> The kernel doesn't support a certain ebtables extension, consider
> recompiling your kernel or insmod the extension.

This patch should fix it.



[-- Attachment #2: x --]
[-- Type: text/plain, Size: 873 bytes --]

commit 8a56df0ae1690f8f42a3c6c4532f4b06f93febea
Author: Patrick McHardy <kaber@trash.net>
Date:   Tue Sep 1 14:34:01 2009 +0200

    netfilter: ebt_ulog: fix checkentry return value
    
    Commit 19eda87 (netfilter: change return types of check functions for
    Ebtables extensions) broke the ebtables ulog module by missing a return
    value conversion.
    
    Signed-off-by: Patrick McHardy <kaber@trash.net>

diff --git a/net/bridge/netfilter/ebt_ulog.c b/net/bridge/netfilter/ebt_ulog.c
index 133eeae..ce50688 100644
--- a/net/bridge/netfilter/ebt_ulog.c
+++ b/net/bridge/netfilter/ebt_ulog.c
@@ -266,7 +266,7 @@ static bool ebt_ulog_tg_check(const struct xt_tgchk_param *par)
 	if (uloginfo->qthreshold > EBT_ULOG_MAX_QLEN)
 		uloginfo->qthreshold = EBT_ULOG_MAX_QLEN;
 
-	return 0;
+	return true;
 }
 
 static struct xt_target ebt_ulog_tg_reg __read_mostly = {

Re: ULOG The kernel doesn't support a certain ebtables extension, consider recompiling your kernel or insmod the extension.

[Thomas Berg]

Do you think this patch will be inckluden in debian unstble release soon 
or do I have to complie a new kernel to get it working?

Best regards,
Thomas

Patrick McHardy skrev:
> Thomas Berg wrote:
>   
>> Hi
>>
>> trying this
>>
>> rmmod ipt_ulog
>>
>> modprobe ebt_ulog
>>
>> ebtables 14108 3 ebtable_broute,ebtable_nat,ebtable_filter
>> x_tables 14108 5 ebt_ulog,ebt_nflog,ebt_ip,ebt_log,ebtables
>>
>>
>> module is then loaded, great but still the same error when trying to add
>> a ebtables rule with ulog.
>>
>> br0:~# /sbin/ebtables --modprobe /sbin/modprobe -A FORWARD
>> --in-interface eth1.4 --protocol IPv4 --ip-protocol udp
>> --ip-destination-port 67 -j DROP --ulog
>> The kernel doesn't support a certain ebtables extension, consider
>> recompiling your kernel or insmod the extension.
>>     
>
> This patch should fix it.
>
>
>   

Re: ULOG The kernel doesn't support a certain ebtables extension, consider recompiling your kernel or insmod the extension.

[Patrick McHardy]

Thomas Berg wrote:
> Do you think this patch will be inckluden in debian unstble release soon
> or do I have to complie a new kernel to get it working?

It will be sent to the -stable kernel once it has hit upstream, when the
next merge window opens. So its probably going to be something like 2-3
weeks. Not sure how long it then takes for Debian to pick it up.