The error is from the locking ioctl:
    onoff = 1;
    if (ioctl(fd, SIOCSTLCK, &onoff) == 0) {
        if (ioctl(fd, SIOCSTPUT, &obj) != 0) {
            perror("SIOCSTPUT");
            printf("Failed to TPUT ipf: %d:%s\n", errno, strerror(errno));
        }
        onoff = 0;
        if (ioctl(fd, SIOCSTLCK, &onoff) != 0)
            perror("SIOCSTLCK");
    } else {
        printf("Failed to lock ipf: %d:%s\n", errno, strerror(errno));
    }
Failed to lock ipf: 1:Not owner
truss:
12691: open("/dev/ipnat", O_RDONLY) = 3
12691: ioctl(3, _IOWRN('r', 63, 52), 0x08047D64) = 0
12691: so_socket(PF_INET, SOCK_DGRAM, IPPROTO_IP, "", SOV_DEFAULT) = 4
12691: connect(4, 0x08047610, 16, SOV_DEFAULT) = 0
12691: getsockname(4, 0x08047610, 0x080475F8, SOV_DEFAULT) = 0
12691: close(4) = 0
12691: ioctl(1, TCGETA, 0x080468F4) Err#22 EINVAL
12691: fstat64(1, 0x08046920) = 0
12691: brk(0x08062308) = 0
12691: brk(0x08066308) = 0
12691: fstat64(1, 0x08046860) = 0
12691: so_socket(PF_INET, SOCK_STREAM, IPPROTO_IP, "", SOV_DEFAULT) = 4
12691: bind(4, 0x08047610, 16, SOV_SOCKBSD) = 0
12691: getsockname(4, 0x08047610, 0x080475F8, SOV_DEFAULT) = 0
12691: ioctl(3, _IOWRN('r', 79, 4), 0x08047600) Err#1 EPERM
12691: write(1, " l o c a l I P # t o".., 243) = 243
Darren Reed wrote:
Ok, the ioctl() are failing, but inetd is eating the stderr output.. Sigh.
error: Not owner.
root 12660 12523 0 17:51:19 ? 0:00 /usr/local/bin/proxy e1000g0
# ls -lL /dev/ipl*
crw-rw-rw- 1 root sys 165, 0 Mar 20 15:31 /dev/ipl
crw-rw-rw- 1 root sys 165, 6 May 19 17:51 /dev/iplookup
So I assume that doesn't mean Unix owner (root, and /dev looks accessible) but
rather NAT rule owner?
What exactly produces the above error?
None of the perror calls have that output.
Can you use truss on inetd to find out?
Darren
--
Jorgen Lundman | <[EMAIL PROTECTED]>
Unix Administrator | +81 (0)3 -5456-2687 ext 1017 (work)
Shibuya-ku, Tokyo | +81 (0)90-5578-8500 (cell)
Japan | +81 (0)3 -3375-1767 (home)
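
Added example, not part of the original message or of IPFilter: a Python script that replays truss output like the trace above, tracks the path and open flags behind each descriptor, and lists every ioctl that returned an error alongside that information. The sample lines are copied from the trace above; the function and field names are hypothetical.

```python
import re

# Sample input: lines copied from the truss trace in the message above.
TRUSS = """\
12691: open("/dev/ipnat", O_RDONLY) = 3
12691: ioctl(3, _IOWRN('r', 63, 52), 0x08047D64) = 0
12691: so_socket(PF_INET, SOCK_DGRAM, IPPROTO_IP, "", SOV_DEFAULT) = 4
12691: close(4) = 0
12691: ioctl(1, TCGETA, 0x080468F4) Err#22 EINVAL
12691: so_socket(PF_INET, SOCK_STREAM, IPPROTO_IP, "", SOV_DEFAULT) = 4
12691: ioctl(3, _IOWRN('r', 79, 4), 0x08047600) Err#1 EPERM
"""

# pid: call(args) followed by "= N" on success or "Err#N NAME" on failure
LINE = re.compile(r'^(\d+):\s+(\w+)\((.*)\)\s+(?:= (-?\d+)|Err#(\d+) (\w+))\s*$')
OPEN_ARGS = re.compile(r'^"([^"]*)",\s*([A-Z_|]+)')
IOCTL_ARGS = re.compile(r'^(\d+),\s*(.+),\s*(0x[0-9A-Fa-f]+)$')

def failed_ioctls(text):
    """Return one record per failed ioctl, with the descriptor's origin."""
    fds = {}        # (pid, fd) -> (path, open flags)
    findings = []
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        pid, call, args, ret, _errnum, errname = m.groups()
        if call == "open" and ret is not None:
            o = OPEN_ARGS.match(args)
            if o:
                fds[(pid, int(ret))] = (o.group(1), o.group(2))
        elif call == "so_socket" and ret is not None:
            fds[(pid, int(ret))] = ("socket", "")
        elif call == "close" and ret == "0" and args.strip().isdigit():
            fds.pop((pid, int(args)), None)
        elif call == "ioctl" and errname:
            i = IOCTL_ARGS.match(args)
            if i:
                fd = int(i.group(1))
                # Descriptors not opened in the trace were inherited (e.g. stdout).
                path, flags = fds.get((pid, fd), ("<inherited>", "?"))
                findings.append({"fd": fd, "path": path, "flags": flags,
                                 "request": i.group(2), "errno": errname})
    return findings

if __name__ == "__main__":
    for f in failed_ioctls(TRUSS):
        print("fd {fd} ({path}, opened {flags}): {request} -> {errno}".format(**f))
```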