Bug#411663: marked as done (linux-image-2.6.18-4-amd64: iptables do not work correctly with amd64 kernel)

Debian Bug Tracking System Thu, 03 Jul 2008 18:06:00 -0700

Your message dated Thu, 3 Jul 2008 19:28:03 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Re: linux-image-2.6.18-4-amd64: iptables do not work correctly 
with amd64 kernel
has caused the Debian Bug report #411663,
regarding linux-image-2.6.18-4-amd64: iptables do not work correctly with amd64 
kernel
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)


-- 
411663: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=411663
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems

--- Begin Message ---

Package: linux-image-2.6.18-4-amd64
Version: 2.6.18.dfsg.1-10
Severity: normal


It seems that the 32bit iptables package do not work correctly together
with the (i386) amd64 kernel. After installing this kernel, shorewall do
not start anymore.

Here you can see snippets of the logs:

snippet of /var/log/shorewall-init.log:
...
Processing /etc/shorewall/continue ...
ip6tables v1.3.6: can't initialize ip6tables table `filter': Invalid
argument Perhaps ip6tables or your kernel needs to be upgraded.
ip6tables v1.3.6: can't initialize ip6tables table `filter': Bad file
descriptor Perhaps ip6tables or your kernel needs to be upgraded.
...
Setting up TC Rules...
iptables: Invalid argument
   ERROR: Command "/sbin/iptables -t mangle -A tcpre -s 0.0.0.0/0 -d
0.0.0.0/0 -p icmp --icmp-type echo-request -j MARK --set-mark 1" Failed
...

snippet of /var/log/syslog:
...
Feb 20 11:14:24 uranus kernel: CSLIP: code copyright 1989 Regents of the
University of California 
Feb 20 11:14:24 uranus kernel: PPP generic driver version 2.4.2 
Feb 20 11:14:24 uranus kernel: NET: Registered protocol family 10 
Feb 20 11:14:24 uranus kernel: lo: Disabled Privacy Extensions 
Feb 20 11:14:24 uranus kernel: IPv6 over IPv4 tunneling driver
Feb 20 11:14:24 uranus kernel: ADDRCONF(NETDEV_UP): eth1: link is not
ready 
Feb 20 11:14:24 uranus kernel: eth2: link up, 100Mbps, full-duplex, lpa
0x41E1 
Feb 20 11:14:24 uranus kernel: ADDRCONF(NETDEV_UP): eth3: link is not
ready 
Feb 20 11:14:24 uranus kernel: NET: Registered protocol family 24 
Feb 20 11:14:24 uranus kernel: ip_tables: (C) 2000-2006 Netfilter Core
Team 
Feb 20 11:14:24 uranus kernel: Netfilter messages via NETLINK v0.30. 
Feb 20 11:14:24 uranus kernel: ip_conntrack version 2.4 (8192 buckets,
65536 max) - 304 bytes per conntrack 
Feb 20 11:14:24 uranus kernel: Bridge firewalling registered 
Feb 20 11:14:24 uranus kernel: ip_conntrack_pptp version 3.1 loaded 
Feb 20 11:14:24 uranus kernel: ip_nat_pptp version 3.0 loaded 
Feb 20 11:14:25 uranus kernel: e1000: eth3: e1000_watchdog: NIC Link is
Up 1000 Mbps Full Duplex 
Feb 20 11:14:25 uranus kernel: ADDRCONF(NETDEV_CHANGE): eth3: link
becomes ready 
Feb 20 11:14:25 uranus kernel: ClusterIP Version 0.8 loaded successfully
Feb 20 11:14:25 uranus kernel: ip_tables: conntrack match: invalid size
80 != 68 
Feb 20 11:14:25 uranus kernel: ip_tables: connmark match: invalid size
24 != 12 
Feb 20 11:14:25 uranus kernel: ip_tables: MARK target: invalid size 16 !=
8 
Feb 20 11:14:25 uranus kernel: ip_tables: CONNMARK target: invalid size
24 != 12 
Feb 20 11:14:25 uranus kernel: e1000: eth3: e1000_watchdog: NIC Link is
Down 
Feb 20 11:14:25 uranus kernel: e1000: eth3: e1000_watchdog: NIC Link is
Up 1000 Mbps Full Duplex 
Feb 20 11:14:25 uranus kernel: eth2: no IPv6 routers present 
Feb 20 11:14:25 uranus kernel: eth0: no IPv6 routers present 
Feb 20 11:14:25 uranus kernel: eth3: no IPv6 routers present 
Feb 20 11:14:25 uranus kernel: ip6_tables: (C) 2000-2006 Netfilter Core
Team 
Feb 20 11:14:25 uranus kernel: ip_tables: MARK target: invalid size 16 !=
8 
Feb 20 11:14:25 uranus kernel: ip_tables: conntrack match: invalid size
80 != 68 
Feb 20 11:14:25 uranus kernel: ip_tables: connmark match: invalid size
24 != 12 
Feb 20 11:14:25 uranus kernel: ip_tables: MARK target: invalid size 16 !=
8 
Feb 20 11:14:25 uranus kernel: ip_tables: CONNMARK target: invalid size
24 != 12 
Feb 20 11:14:25 uranus kernel: ip_tables: conntrack match: invalid size
80 != 68
Feb 20 11:14:25 uranus kernel: ip_tables: connmark match: invalid size
24 != 12 
Feb 20 11:14:25 uranus kernel: ip_tables: MARK target: invalid size 16 !=
8 
Feb 20 11:14:25 uranus kernel: ip_tables: CONNMARK target: invalid size
24 != 12
...

--- End Message ---

--- Begin Message ---
Version: 2.6.24-1

fixed in newer linux images.

thanks for report.

-- 
maks
--- End Message ---

Bug#411663: marked as done (linux-image-2.6.18-4-amd64: iptables do not work correctly with amd64 kernel)

Reply via email to