Hi
Thanks for your responses.
Please find the logs below which is coming when I run connmand
connmand[4691]: src/ipconfig.c:__connman_ipconfig_init()
connmand[4691]: src/rtnl.c:__connman_rtnl_init()
connmand[4691]: src/task.c:__connman_task_init()
connmand[4691]: src/proxy.c:__connman_proxy_init()
connmand[4691]: src/detect.c:__connman_detect_init()
connmand[4691]: src/rtnl.c:connman_rtnl_register() rtnl 0xa2448 name detect
connmand[4691]: src/session.c:__connman_session_init()
connmand[4691]: src/notifier.c:connman_notifier_register() notifier 0xa2510
name session
connmand[4691]: src/firewall.c:__connman_firewall_enable() mangle INPUT -j
CONNMARK --restore-mark
connmand[4691]: src/firewall.c:insert_managed_rule() table mangle add
managed chain for INPUT
connmand[4691]: src/iptables.c:__connman_iptables_new_chain() -t mangle -N
connman-INPUT
connmand[4691]: src/iptables.c:iptables_init() mangle
connmand[4691]: src/iptables.c:iptables_add_chain() table mangle chain
connman-INPUT
connmand[4691]: src/iptables.c:__connman_iptables_insert() -t mangle -I
INPUT -j connman-INPUT
(null) v(null): Couldn't load target `standard':No such file or directory
---------------------------------------------------------------------------
On debugging we found that in function __connman_iptables_insert() -I
option is expecting target name which is already added to the chain.
iptables_add_chain() - is adding target name connman-INPUT to chain, but
while __connman_iptables_insert -I instead of connman-INPUT, -I INPUT is
given. There fore it results in error could not load target which is not in
chain.
On debugging further we found that it is called in firewall.c,
static int insert_managed_chain(const char *table_name, int id)
{
char *rule, *managed_chain;
int err;
managed_chain = g_strdup_printf("%s%s", CHAIN_PREFIX,
builtin_chains[id]);
DBG("T%s C %s", table_name, managed_chain);
err = __connman_iptables_new_chain(table_name, managed_chain);
if (err < 0)
goto out;
rule = g_strdup_printf("-j %s", managed_chain);
DBG("T%s C %s R %s ID %d", table_name, builtin_chains[id],
rule, id);
//err = __connman_iptables_insert(table_name, builtin_chains[id],
rule);
/* err = __connman_iptables_insert(table_name, managed_chain, rule);
g_free(rule);
if (err < 0) {
__connman_iptables_delete_chain(table_name, managed_chain);
goto out;
*/
------------------------------------------------------------------------------------------------
By commenting the lines shown above, we are able to run connmand without
any problems.
As this is seems to be a dirty hack, we want to do it in a clean manner.
Can you please suggest which way we can use?
Thanks,
Vidhya
On Thu, Jun 18, 2015 at 3:24 PM, Vidhya Govindan <unicvid...@gmail.com>
wrote:
> Hi,
>
> Could you please let us know how we can disable firewall support in
> connman.
> There are some problems I am facing when I am running firewall. So want to
> test by disabling it.
>
> Thanks in advance.
>
> Vidhya
>
_______________________________________________
connman mailing list
connman@connman.net
https://lists.connman.net/mailman/listinfo/connman
