Ok, I think i figured this one out as well - sorry dont have access to my test hardware still to verify. As i was suspecting this is related to iptables breaking backwards compatibility. Starting wit
jamal wrote: On Fri, 2005-03-18 at 20:09, Andy Furniss wrote: jamal wrote: Hi Remus, I could not reproduce this one - it is also a bit odd for calloc to fail. I dont have iptables 1.3.1 but i will ge
Thanks for atching that btw - it was tricky; i have a strong feeling it was resolved by patch i sent. But what happens when you try without mirred? Lets debug that first. The fact that mirred fails i
jamal wrote: On Mon, 2005-03-21 at 16:50, Andy Furniss wrote: jamal wrote: But what happens when you try without mirred? Lets debug that first. The fact that mirred fails is very strange - shouldnt;
Thanks for all your efforts. I will be back on my regular setup by tommorow evening and should be able to hopefuly test this. I am going to try: - latest iproute2 with 1.3.x ipt changes - i am just
Thanks for all your efforts. I will be back on my regular setup by tommorow evening and should be able to hopefuly test this. I am going to try: - latest iproute2 with 1.3.x ipt changes - i am just g
jamal wrote: As i was suspecting this is related to iptables breaking backwards compatibility. Starting with 1.3.0 the target structure changed ;-> (right at the top is a new field called version) I
Ok, Andy - I have tested this and should all work. Can you double check on your side before i push kernel patch to Dave? I tested on ubuntu distro on an AMD athlon. Attached tar.gz with necessary pat
I think its ok for now - we'll say if you want to use ipt you have to use iptables 1.3.1 and above. Just keep me in mind in the future. Like i suggested a while back since i am ripping code off iptab
jamal wrote: Ok, Andy - I have tested this and should all work. Can you double check on your side before i push kernel patch to Dave? I tested on ubuntu distro on an AMD athlon. Attached tar.gz with
Needs investigation. Lets defer for now, and see if it continues to happen Good - hopefully we can now get to where you started ;-> I will send the kernel patch to Dave later. For me all targets are
jamal wrote: Ok, try the module thing; actually try to modprobe mark target first and see if that works as well. Looks like they load OK - anyway I rebooted and modprobed ipt and ipt_MARK before test
jamal wrote: On Wed, 2005-03-23 at 15:53, Andy Furniss wrote: but I can now follow the action ipt MARK line with an action mirred .. and I just get the MARK error tablename: mangle hook: NF_IP_PRE_RO
Andy Furniss wrote: jamal wrote: On Wed, 2005-03-23 at 15:53, Andy Furniss wrote: but I can now follow the action ipt MARK line with an action mirred .. and I just get the MARK error tablename: mangl
Aha! The finger is still pointing to iptables version thing. More breakage than i thought. I dont get this message and it works just fine. What iptables version are you using? I tested with 1.3.1. ch
Never mind, I have reproduced this as well. It doesnt happen in all targets it seems - just some. I will look at the netfilter code later and try and figure to unbreak this. I think i will have to fi
jamal wrote: On Wed, 2005-03-23 at 18:12, Andy Furniss wrote: Noticed I get this in logs Mar 23 23:11:18 amd kernel: MARK: targinfosize 8 != 4 Aha! The finger is still pointing to iptables version th
I can confirm your sanity ;-> Ok, I have figured the cause fatale at least - some targets have multiple versions. MARK happens to be one of those. The reason TOS and others worked is because they onl