guy keren wrote:
on my system, this works fine. i'm using redhat's kernel, 2.4.18-17.7.x .
did you:
1. look in /var/log/messages while running this command?
2. strace this command?
if not - shame on you....
Shame on me, indeed. So I punished myself a bit...
At some stage I upgraded iptables to 1.3.3, which is the fresh version.
It looked like it could solve something. It didn't.
To begin with, nothing happens in /var/log/messages. strace gave
something to bite on, but ltrace got even more specific. It ends with:
4891 setsockopt(3, 0, 64, 0x08057988, 4968) = -1
4891 free(0x08055058) = <void>
4891 free(0x08057988) = <void>
4891 free(0x08058cf8) = <void>
4891 __errno_location() = 0x42130b60
4891 strerror(22) = "Invalid argument"
4891 fprintf(0x4212dc80, "iptables: %s\n", "Invalid argument") = 27
Aha, I said, let's see who does it. The string "setsockopt" appears
twice in the entire iptables source, and I could narrow it down to
libiptc/libiptc.c, line 2102:
if (setsockopt(sockfd, TC_IPPROTO, SO_SET_REPLACE, repl,
sizeof(*repl) + repl->size) < 0) {
free(repl->counters);
free(repl);
free(newcounters);
return 0;
}
This means absolutely nothing to me. The function is called TC_COMMIT,
and it deals with some counters. Other keywords: Replace, map.
In short, I have still no idea what to do.
Guy, is this enought punishment? Can I go playing now? ;)
Eli
--
Web: http://www.billauer.co.il
--------------------------------------------------------------------------
Haifa Linux Club Mailing List (http://www.haifux.org)
To unsub send an empty message to [EMAIL PROTECTED]
