[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20061230213048.07238350.vsu@altlinux.ru>
Date: Sat, 30 Dec 2006 21:30:48 +0300
From: Sergey Vlasov <vsu@...linux.ru>
To: Jan Engelhardt <jengelh@...ux01.gwdg.de>
Cc: netfilter@...ts.netfilter.org, linux-kernel@...r.kernel.org
Subject: Re: ip_tables init broken
On Sat, 30 Dec 2006 18:14:35 +0100 (MET) Jan Engelhardt wrote:
> when the ip_tables module is loaded automatically when inserting the
> first rule, something gets screwed up, as -L -v -n shows:
>
>
> 17:39 ichi:~ # lsmod | grep ip_tables
> 17:39 ichi:~ # iptables -t mangle -A FORWARD -i eth1 -j MARK --set-mark 161
> 17:39 ichi:~ # iptables -t mangle -A FORWARD -i eth1 -j MARK --set-mark 161
> 17:39 ichi:~ # iptables -t mangle -L -v -n | grep eth1
> p b targ pr opt in out src dst
> 0 0 MARK 0 -- eth1 * 0.0.0.0/0 0.0.0.0/0 0xa1
> 0 0 MARK 0 -- eth1 * 0.0.0.0/0 0.0.0.0/0 MARK set 0xa1
>
> Everything is fine if ip_tables was loaded before.
>
> This box runs 2.6.18.5. Can anyone confirm this bug?
Looks like this problem was fixed between iptables releases 1.3.5 and
1.3.7 (the old buggy version was trying to detect whether the kernel
supports the newer MARK target version before loading the ip_tables
module, therefore the check was giving bogus results).
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists