On Sat, 30 Dec 2006 18:14:35 +0100 (MET) Jan Engelhardt wrote: > when the ip_tables module is loaded automatically when inserting the > first rule, something gets screwed up, as -L -v -n shows: > > > 17:39 ichi:~ # lsmod | grep ip_tables > 17:39 ichi:~ # iptables -t mangle -A FORWARD -i eth1 -j MARK --set-mark 161 > 17:39 ichi:~ # iptables -t mangle -A FORWARD -i eth1 -j MARK --set-mark 161 > 17:39 ichi:~ # iptables -t mangle -L -v -n | grep eth1 > p b targ pr opt in out src dst > 0 0 MARK 0 -- eth1 * 0.0.0.0/0 0.0.0.0/0 0xa1 > 0 0 MARK 0 -- eth1 * 0.0.0.0/0 0.0.0.0/0 MARK set 0xa1 > > Everything is fine if ip_tables was loaded before. > > This box runs 2.6.18.5. Can anyone confirm this bug? Looks like this problem was fixed between iptables releases 1.3.5 and 1.3.7 (the old buggy version was trying to detect whether the kernel supports the newer MARK target version before loading the ip_tables module, therefore the check was giving bogus results).
Attachment:
pgpfbkAwePxRs.pgp
Description: PGP signature
- Follow-Ups:
- Re: ip_tables init broken [fixd]
- From: Jan Engelhardt <[email protected]>
- Re: ip_tables init broken [fixd]
- References:
- ip_tables init broken
- From: Jan Engelhardt <[email protected]>
- ip_tables init broken
- Prev by Date: Re: No sound in KDE with intel hda since 2.6.20-rc1
- Next by Date: Re: No sound in KDE with intel hda since 2.6.20-rc1
- Previous by thread: ip_tables init broken
- Next by thread: Re: ip_tables init broken [fixd]
- Index(es):