Bug#468170: iptables: Found same error on amd64 architecture

Mon, 21 Jul 2008 10:26:37 -0700 

Package: iptables
Version: 1.3.6.0debian1-5
Followup-For: Bug #468170


This is an example of what appen on my server:

-------------

myhost# iptables --line-numbers -t filter -L INPUT

Chain INPUT (policy DROP)
num  target     prot opt source               destination
1    C_DROP_BAD_TCP  tcp  --  anywhere             anywhere
2    C_INPUT_FROM_LO  0    --  loopback/8           anywhere
3    C_INPUT_FROM_INET  0    --  anywhere             anywhere
4    LOG        0    --  anywhere             anywhere            LOG level 
debug prefix `INPUT: '

myhost# iptables -v -t filter -R INPUT 4 -p all --match limit --limit 1/minute 
--limit-burst 1  -j LOG --log-level debug --log-prefix "INPUT: "
LOG  0 opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  limit: avg 1/min burst 1 LOG 
flags 0 level 7 prefix `INPUT: '
iptables: Invalid argument

-------------

May be I found a hint in the netfilter faq:

3.20 'iptables: Invalid argument' after kernel update (nat table)

You have just upgraded your kernel and suddenly some of the commands 
(especially in the 'nat' table), and you experience something like:
    # iptables -A POSTROUTING -t nat -o ppp0 -j MASQUERADE
    iptables: Invalid argument
This happens when the structure size between kernel and userspace changes. You 
will need to recompile the iptables userspace program using the include files 
of your new kernel. This only 
happens if you (or the vendor of your kernel) has applied some patches either 
only to the old or only to the new kernel. It is not supposed to happen between 
vanilla kernel.org kernels. 
If it does, please inform the netfilter-devel mailinglist.


This is not the NAT table, but problem looks similar. Should I inform 
netfilter-devel mailinglist or did someone already inform them ?

Thanks, Luca

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-6-amd64
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages iptables depends on:
ii  libc6                  2.3.6.ds1-13etch5 GNU C Library: Shared libraries
ii  libselinux1            1.32-3            SELinux shared libraries

iptables recommends no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to