Mailing List Archive: Problem with ROUTE target

Problem with ROUTE target

Mar 24, 2006, 2:34 AM

Post #1 of 3 (2272 views)

Hello,

I installed the ROUTE target for ip6tables and I've got a problem.
Whenever I try to create a rule, for example

ip6tables -t mangle -A POSTROUTING -j ROUTE --oif eth0

I've got the message :

unknown error 4294967295

I know some people had the same issue but I didn't find any solution.

I tried to use strace and the result was something like :

socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
getsockopt(3, SOL_IP, 0x40 /* IP_??? */,
"mangle\0\301\304e9\300\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., [84]) = 0
getsockopt(3, SOL_IP, 0x41 /* IP_??? */,
"mangle\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., [2456]) = 0
setsockopt(3, SOL_IP, 0x40 /* IP_??? */,
"mangle\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 2668) = -1
ENOENT (No such file or directory)

That was not the exact message (I can't reproduce it right now) but that
was this error (ENOENT)

I really need to use this target so I would really appreciate your help

Than you

Re: Problem with ROUTE target [ In reply to ]

lejeuney at gmail

Jul 30, 2007, 5:24 AM

Post #2 of 3 (2045 views)

Permalink

On 2007/07/30-09:29(+0200), Ludovic wrote :
> i'm using kernel 2.6.21.5 and iptables 1.3.7. I have patched it with
> patch-o-matic in order to have the ROUTE target but it doesn't work:
>
> root@linux:~ $ iptables -t mangle -A POSTROUTING -d 10.8.0.6 -j ROUTE --oif tun0
> iptables: No chain/target/match by that name
>
> root@linux:~ $ ll /lib/iptables/ | grep ROUTE
> 12 -rwxr-xr-x 1 root root 8216 Jul 26 17:55 libipt_ROUTE.so
>
< skip >
>
> root@linux:~ $ lsmod
> Module Size Used by
> ipt_ROUTE 3760 0
>
> What can i do to find where my problem is ?
>

Hi Ludovic,
Two things:

- help message on errors is given by iptables in user-land. It seems that
it's compiled with "ROUTE target" support. So it (iptables) "knows" the
command line synthax. In this case, it is a "user-land error".

- The error you get when you send a valid command line, comes from that
the ROUTE target may not be correctly loaded in the netfilter framework
but lsmod shows us that you performed a modprobe...

Can you please send the content of the file proc/net/ip_tables_target

Regards

Yann.

Re: Problem with ROUTE target [ In reply to ]

ludovic.mailinglist at gmail

Jul 30, 2007, 5:29 AM

Post #3 of 3 (2048 views)

Permalink

Thanks a lot for your answer.

Here is my /proc/net/ip_tables_target:

TTL
ULOG
LOG
SAME
NETMAP
REDIRECT
MASQUERADE
IMQ
ECN
TOS
REJECT
DNAT
SNAT
ERROR
TCPMSS
NFLOG
NFQUEUE
MARK
MARK
DSCP
CONNMARK
CLASSIFY

First, i can see that the target ROUTE is not available. Second, what
about the line with ERROR? Is it normal ?

I have checked on an other linux box with ROUTE target working, there
is no ERROR line in the ip_tables_target file and the ROUTE target is
available.

What can i do to correct the ROUTE target available ?

Best regards,
Ludovic.