Mailing List Archive

U32 Netfilter Module
I would like to use the U32 match with IPTables. I am having a huge
amount of trouble getting it to work though. I have tried POM-ng, the
xt_u32 patch on the dev list, SVN versions of IP Tables, IP Tables
1.3.8, 1.3.5, all to no avail. I am compiling the U32 module as a module
in the kernel, and every time I have gotten iptables: Invalid Argument
when I try to use iptables -A INPUT -m u32 --u32 '2&0xFFFF=0x2:0x0100'
-j DROP or anything related to u32. dmesg shows: ip_tables: u32 match:
invalid size 1984 != 2028. I have tried changing the defines in
/usr/src/linux/include/linux/netfilter/xt_u32.h so that the structure
has the same size, but I'm a bit worried this will break other things
(and it didn't fix it anyway). Has anyone had any luck with this module,
and if so, what versions are you using and where did you get the U32
module?

I'm currently using Gentoo patched kernel 2.6.21-r4 and iptables 1.3.8.

Thanks!