Hello,
I am running freewrt development revision 3663 on an asus wl 500gp.
Everything seems fine so far, but i got a problem with iptables.
I can not set a mark in the mangling table:
[EMAIL PROTECTED]:~ # iptables -t mangle -A PREROUTING -p tcp --dport 5154 -j
MARK --set-mark 1
iptables: No chain/target/match by that name
[EMAIL PROTECTED]:~ # iptables -t mangle -A PREROUTING -p tcp --dport 5154 -j
MARK --set-mark 0x1
iptables: No chain/target/match by that name
The module is loaded:
[EMAIL PROTECTED]:~ # lsmod | grep ipt
iptable_mangle 2284 1
ipt_REDIRECT 692 0 (unused)
ipt_MASQUERADE 1396 1
ipt_TCPMSS 2412 1
ipt_REJECT 4076 2
ipt_LOG 4092 0 (unused)
iptable_nat 23528 2 [ipt_REDIRECT ipt_MASQUERADE ip_nat_ftp]
ipt_state 424 6
ipt_conntrack 1192 0 (unused)
iptable_filter 1756 1
ip_tables 18240 12 [iptable_mangle ipt_REDIRECT
ipt_MASQUERADE ipt_TCPMSS ipt_REJECT ipt_LOG iptable_nat ipt_state
ipt_conntrack iptable_filter]
ip_conntrack 26128 1 [ipt_REDIRECT ipt_MASQUERADE ip_nat_ftp
iptable_nat ipt_state ipt_conntrack ip_conntrack_ftp]
The table and the chain exist:
[EMAIL PROTECTED]:~ # iptables -t mangle -L -v
Chain PREROUTING (policy ACCEPT 79580 packets, 17M bytes)
pkts bytes target prot opt in out source
destination
Chain INPUT (policy ACCEPT 9717 packets, 1282K bytes)
pkts bytes target prot opt in out source
destination
Chain FORWARD (policy ACCEPT 69836 packets, 16M bytes)
pkts bytes target prot opt in out source
destination
Chain OUTPUT (policy ACCEPT 9916 packets, 876K bytes)
pkts bytes target prot opt in out source
destination
Chain POSTROUTING (policy ACCEPT 79752 packets, 17M bytes)
pkts bytes target prot opt in out source
destination
I also added an strace output (strace.txt) of the attemp to set the mark.
The library /usr/lib/iptables/libipt_MARK.so is found, but it complains
about
open("/proc/sys/kernel/modprobe", O_RDONLY) = -1 ENOENT (No such file or
directory)
Addind an ACCEPT like this
strace iptables -t mangle -A PREROUTING -p tcp --dport 5154 -j ACCEPT
is possible (see strace-accpet.txt) and there is no complaining about
/proc/sys/kernel/modprobe.
Any ideas?
Kind regards
Cornelius
--
Diese Nachricht wurde auf Viren und andere gefährliche Inhalte untersucht
und ist - aktuelle Virenscanner vorausgesetzt - sauber.
For all your IT requirements visit: http://www.transtec.co.uk
[EMAIL PROTECTED]:~ # strace iptables -t mangle -A PREROUTING -p tcp --dport
5154 -j MARK --set-mark 0x1
execve("/usr/sbin/iptables", ["iptables", "-t", "mangle", "-A", "PREROUTING",
"-p", "tcp", "--dport", "5154", "-j", "MARK", "--set-mark", "0x1"], [/* 13 vars
*/]) = 0
svr4_syscall() = -1 ERRNO_4090 (Unknown error 4090)
stat("/etc/ld.so.cache", 0x7fff78b0) = -1 ENOENT (No such file or directory)
open("", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/libdl.so.0", O_RDONLY) = 3
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, 0, 0) =
0x2aaaf000
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\10\0\1\0\0\0\200\10"..., 4096) =
4096
old_mmap(NULL, 274432, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2aaef000
old_mmap(0x2aaef000, 7168, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, -1, 0) =
0x2aaef000
old_mmap(0x2ab30000, 4264, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3,
0x1000) = 0x2ab30000
close(3) = 0
munmap(0x2aaaf000, 4096) = 0
open("", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/libc.so.0", O_RDONLY) = 3
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS,
715845908, 0x2aaef000) = 0x2aaaf000
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\10\0\1\0\0\0\240\315"..., 4096) =
4096
old_mmap(NULL, 757760, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2ab32000
old_mmap(0x2ab32000, 459316, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
= 0x2ab32000
old_mmap(0x2abe2000, 12488, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3,
0x70000) = 0x2abe2000
old_mmap(0x2abe6000, 17696, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, 3, 0x70000) = 0x2abe6000
close(3) = 0
munmap(0x2aaaf000, 4096) = 0
mprotect(0x2ab30000, 4096, PROT_READ) = 0
mprotect(0x2abe2000, 8192, PROT_READ) = 0
mprotect(0x2aaed000, 4096, PROT_READ) = 0
ioctl(0, TIOCNXCL, {B230400 -opost isig icanon -echo ...}) = 0
ioctl(1, TIOCNXCL, {B230400 -opost isig icanon -echo ...}) = 0
brk(0) = 0x10000900
brk(0x10001900) = 0x10001900
brk(0x10002000) = 0x10002000
open("/etc/protocols", O_RDONLY) = 3
ioctl(3, TIOCNXCL, 0x7fff78b8) = -1 ENOTTY (Inappropriate ioctl for
device)
brk(0x10003000) = 0x10003000
read(3, "ip\t0\tIP\nicmp\t1\tICMP\nigmp\t2\tIGMP\n"..., 4096) = 660
close(3) = 0
", O_RDONLY) = 3ptablen}�T|�
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, 4246188,
0) = 0x2aaaf000
read(3, "[EMAIL PROTECTED]"..., 4096) = 4096
old_mmap(NULL, 270336, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2abeb000
old_mmap(0x2abeb000, 7604, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, -1, 0) =
0x2abeb000
old_mmap(0x2ac2c000, 3944, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3,
0x1000) = 0x2ac2c000
close(3) = 0
munmap(0x2aaaf000, 4096) = 0
open("/usr/lib/iptables/libipt_MARK.so", O_RDONLY) = 3
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, 4246188,
0) = 0x2aaaf000
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\10\0\1\0\0\0\260\6"..., 4096) =
4096
old_mmap(NULL, 270336, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, 4246188, 0) =
0x2ac2d000
old_mmap(0x2ac2d000, 4088, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 4246188,
0) = 0x2ac2d000
old_mmap(0x2ac6e000, 368, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3,
0x1000) = 0x2ac6e000
close(3) = 0
munmap(0x2aaaf000, 4096) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
open("/proc/sys/kernel/modprobe", O_RDONLY) = -1 ENOENT (No such file or
directory)
getsockopt(3, SOL_IP, 0x43 /* IP_??? */, 0x7fff78b0, 0x7fff78d0) = -1
ENOPROTOOPT (Protocol not available)
close(3) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
open("/proc/sys/kernel/modprobe", O_RDONLY) = -1 ENOENT (No such file or
directory)
getsockopt(3, SOL_IP, 0x43 /* IP_??? */, 0x7fff78b0, 0x10000000) = -1
ENOPROTOOPT (Protocol not available)
close(3) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
getsockopt(3, SOL_IP, 0x40 /* IP_??? */,
"mangle\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., [84]) = 0
getsockopt(3, SOL_IP, 0x41 /* IP_??? */,
"mangle\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., [976]) = 0
setsockopt(3, SOL_IP, 0x40 /* IP_??? */, "mangle", 6) = -1 ENOENT (No such file
or directory)
write(2, "iptables: ", 10iptables: ) = 10
write(2, "No chain/target/match by that na"..., 34No chain/target/match by that
name) = 34
write(2, "\n", 1
) = 1
munmap(0x2ac2d000, 266624) = 0
munmap(0x2abeb000, 270208) = 0
exit(1) = ?
execve("/usr/sbin/iptables", ["iptables", "-t", "mangle", "-A", "PREROUTING",
"-p", "tcp", "--dport", "5154", "-j", "ACCEPT"], [/* 13 vars */]) = 0
svr4_syscall() = -1 ERRNO_4090 (Unknown error 4090)
stat("/etc/ld.so.cache", 0x7fff78d0) = -1 ENOENT (No such file or directory)
open("/usr/lib/libdl.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/libdl.so.0", O_RDONLY) = 3
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x2aaaf000
read(3, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4096) =
4096
old_mmap(NULL, 274432, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2aaef000
old_mmap(0x2aaef000, 7168, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, -1, 0) =
0x2aaef000
old_mmap(0x2ab30000, 4264, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3,
0x1000) = 0x2ab30000
close(3) = 0
munmap(0x2aaaf000, 4096) = 0
open("/usr/lib/libc.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/libc.so.0", O_RDONLY) = 3
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS,
715845908, 0x2aaef000) = 0x2aaaf000
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4096) =
4096
old_mmap(NULL, 757760, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2ab32000
old_mmap(0x2ab32000, 459316, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0)
= 0x2ab32000
old_mmap(0x2abe2000, 12488, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3,
0x70000) = 0x2abe2000
old_mmap(0x2abe6000, 17696, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, 3, 0x70000) = 0x2abe6000
close(3) = 0
munmap(0x2aaaf000, 4096) = 0
mprotect(0x2ab30000, 4096, PROT_READ) = 0
mprotect(0x2abe2000, 8192, PROT_READ) = 0
mprotect(0x2aaed000, 4096, PROT_READ) = 0
ioctl(0, TIOCNXCL, {B38400 opost isig icanon echo ...}) = 0
ioctl(1, TIOCNXCL, {B38400 opost isig icanon echo ...}) = 0
brk(0) = 0x10000900
brk(0x10001900) = 0x10001900
brk(0x10002000) = 0x10002000
open("/etc/protocols", O_RDONLY) = 3
ioctl(3, TIOCNXCL, 0x7fff78d8) = -1 ENOTTY (Inappropriate ioctl for
device)
brk(0x10003000) = 0x10003000
read(3, "ip\t0\tIP\nicmp\t1\tICMP\nigmp\t2\tIGMP\n"..., 4096) = 660
close(3) = 0
open("/usr/lib/iptables/libipt_tcp.so", O_RDONLY) = 3
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x2aaaf000
read(3, "[EMAIL PROTECTED]"..., 4096) = 4096
old_mmap(NULL, 270336, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2abeb000
old_mmap(0x2abeb000, 7604, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0) =
0x2abeb000
old_mmap(0x2ac2c000, 3944, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3,
0x1000) = 0x2ac2c000
close(3) = 0
munmap(0x2aaaf000, 4096) = 0
open("/usr/lib/iptables/libipt_standard.so", O_RDONLY) = 3
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x2aaaf000
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\10\0\1\0\0\0\360\5"..., 4096) =
3908
old_mmap(NULL, 266240, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2ac2d000
old_mmap(0x2ac2d000, 2304, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0) =
0x2ac2d000
old_mmap(0x2ac6d000, 2500, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0) =
0x2ac6d000
close(3) = 0
munmap(0x2aaaf000, 4096) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
getsockopt(3, SOL_IP, 0x40 /* IP_??? */,
"mangle\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., [84]) = 0
getsockopt(3, SOL_IP, 0x41 /* IP_??? */,
"mangle\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., [1376]) = 0
brk(0x10004000) = 0x10004000
setsockopt(3, SOL_IP, 0x40 /* IP_??? */,
"mangle\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 1632) = 0
setsockopt(3, SOL_IP, 0x41 /* IP_??? */,
"mangle\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 184) = 0
close(3) = 0
munmap(0x2ac2d000, 264688) = 0
munmap(0x2abeb000, 270208) = 0
exit(0) _______________________________________________
freewrt-developers mailing list
[email protected]
https://www.freewrt.org/lists/listinfo/freewrt-developers
