>*From where does this function get called if it manages to prevent *> ConnMan from running? BTW, does ConnMan close down or what happens?
connmand[4691]: src/ipconfig.c:__connman_ipconfig_init() connmand[4691]: src/rtnl.c:__connman_rtnl_init() connmand[4691]: src/task.c:__connman_task_init() connmand[4691]: src/proxy.c:__connman_proxy_init() connmand[4691]: src/detect.c:__connman_detect_init() connmand[4691]: src/rtnl.c:connman_rtnl_register() rtnl 0xa2448 name detect connmand[4691]: src/session.c:__connman_session_init() connmand[4691]: src/notifier.c:connman_notifier_register() notifier 0xa2510 name session connmand[4691]: src/firewall.c:__connman_firewall_enable() mangle INPUT -j CONNMARK --restore-mark connmand[4691]: src/firewall.c:insert_managed_rule() table mangle add managed chain for INPUT connmand[4691]: src/iptables.c:__connman_iptables_new_chain() -t mangle -N connman-INPUT connmand[4691]: src/iptables.c:iptables_init() mangle connmand[4691]: src/iptables.c:iptables_add_chain() table mangle chain connman-INPUT connmand[4691]: src/iptables.c:__connman_iptables_insert() -t mangle -I INPUT -j connman-INPUT (null) v(null): Couldn't load target `standard':No such file or directory --------------------- When I am running connman with -ndr, I see above messages and after printing Couldn't load target, connmand exits. This function connmand[4691]: src/firewall.c:insert_managed_rule() table mangle add managed chain for INPUT is calling __connman_iptables_insert() -t mangle -I INPUT -j connman-INPUT which is resulting in the Couldn't load target error. By commenting the lines (which I mentioned in previous posts), we are able to make connmand work without any such error messages. Can you please let us know how to disable calling this firewall function? (or why this firewall functions are getting called) Thanks, On Thu, Jun 18, 2015 at 5:12 PM, Vidhya Govindan <[email protected]> wrote: > Hi > > Thanks for your responses. > > Please find the logs below which is coming when I run connmand > > connmand[4691]: src/ipconfig.c:__connman_ipconfig_init() > connmand[4691]: src/rtnl.c:__connman_rtnl_init() > connmand[4691]: src/task.c:__connman_task_init() > connmand[4691]: src/proxy.c:__connman_proxy_init() > connmand[4691]: src/detect.c:__connman_detect_init() > connmand[4691]: src/rtnl.c:connman_rtnl_register() rtnl 0xa2448 name detect > connmand[4691]: src/session.c:__connman_session_init() > connmand[4691]: src/notifier.c:connman_notifier_register() notifier > 0xa2510 name session > connmand[4691]: src/firewall.c:__connman_firewall_enable() mangle INPUT -j > CONNMARK --restore-mark > connmand[4691]: src/firewall.c:insert_managed_rule() table mangle add > managed chain for INPUT > connmand[4691]: src/iptables.c:__connman_iptables_new_chain() -t mangle -N > connman-INPUT > connmand[4691]: src/iptables.c:iptables_init() mangle > connmand[4691]: src/iptables.c:iptables_add_chain() table mangle chain > connman-INPUT > connmand[4691]: src/iptables.c:__connman_iptables_insert() -t mangle -I > INPUT -j connman-INPUT > (null) v(null): Couldn't load target `standard':No such file or directory > > --------------------------------------------------------------------------- > On debugging we found that in function __connman_iptables_insert() -I > option is expecting target name which is already added to the chain. > iptables_add_chain() - is adding target name connman-INPUT to chain, but > while __connman_iptables_insert -I instead of connman-INPUT, -I INPUT is > given. There fore it results in error could not load target which is not in > chain. > > On debugging further we found that it is called in firewall.c, > static int insert_managed_chain(const char *table_name, int id) > { > char *rule, *managed_chain; > int err; > > managed_chain = g_strdup_printf("%s%s", CHAIN_PREFIX, > builtin_chains[id]); > > DBG("T%s C %s", table_name, managed_chain); > err = __connman_iptables_new_chain(table_name, managed_chain); > if (err < 0) > goto out; > > rule = g_strdup_printf("-j %s", managed_chain); > DBG("T%s C %s R %s ID %d", table_name, builtin_chains[id], > rule, id); > //err = __connman_iptables_insert(table_name, builtin_chains[id], > rule); > /* err = __connman_iptables_insert(table_name, managed_chain, rule); > g_free(rule); > if (err < 0) { > __connman_iptables_delete_chain(table_name, > managed_chain); > goto out; > */ > > > ------------------------------------------------------------------------------------------------ > By commenting the lines shown above, we are able to run connmand without > any problems. > As this is seems to be a dirty hack, we want to do it in a clean manner. > > Can you please suggest which way we can use? > > Thanks, > Vidhya > > > On Thu, Jun 18, 2015 at 3:24 PM, Vidhya Govindan <[email protected]> > wrote: > >> Hi, >> >> Could you please let us know how we can disable firewall support in >> connman. >> There are some problems I am facing when I am running firewall. So want >> to test by disabling it. >> >> Thanks in advance. >> >> Vidhya >> > > _______________________________________________ connman mailing list [email protected] https://lists.connman.net/mailman/listinfo/connman
