Dear Mr Welte,
I tried the following:
Made a fresh install of RH7.2. Then got an iptables.src.rpm (1.2.5) and installed it. (It was a standard RH 7.2 kernel 2.4.9)
iptables -t mangle -L --------> OK
Then I tried to get a ____fresh 2.4.18____ /not redhat/ kernel and compiled & installed it. Result: -------> NOT OK
iptables: libiptc/libip4tc.c:384: do_check: Assertion `h->info.valid_hooks == (1 << 0 | 1 << 3)' failed.
Aborted
Fresh 2.4.17_______/not RH/ and c & i. Result
iptables -t mangle -L ------> OK
Fresh 2.5.2______ kernel:
iptables -t mangle -L ------> OK
Fresh 2.5.5______ kernel:
iptables -t mangle -L -------> NOT OK
iptables: libiptc/libip4tc.c:384: do_check: Assertion `h->info.valid_hooks == (1 << 0 | 1 << 3)' failed.
Aborted
So I can confirm that the problem is with kernel 2.4.18 and 2.5.5. In all cases the userspace program was RedHat's iptables-1.2.5
According to you the problem IS in my iptables although I mentioned that earlier (as can be read later) I used the standard iptables-1.2.5.tar.bz2 from netfilter.samba.org.
By "Some vendors, esp. redhat, were mistakenly shipping iptables packages with
debugging enabled." you mean netfilter.samba.org is one of them ? ;-)
If yes then where can I turn DEBUG off (clean iptables from netfilter.sambe.org)? In makefile
there is a COPT_FLAGS:=-O2 -DNDEBUG. Is that mean off or I should search somewhere else?
Thanks for your help.
Best regards,
Gabor Horvath
[EMAIL PROTECTED]
| Harald Welte <[EMAIL PROTECTED]>
2002.03.01 12:33
|
C�mzett: Brad Chapman <[EMAIL PROTECTED]> M�solat: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] T�rgy: Re: mangle table problem? |
On Fri, Mar 01, 2002 at 03:28:59AM -0800, Brad Chapman wrote:
> Sir,
>
> --- [EMAIL PROTECTED] wrote:
> > Dear Members,
> >
> > I faced a strange problem. Tried to use kernel 2.5.5. No module support at
> > all - I compiled in everything. I patched nothing on the kernel.
> >
> > Compiled a new iptables 1.2.5 without problem. I am unable to use the
> > mangle table. Error message follows at the bottom of the mail.
> > Tried it on two completely different machine /Athlon 1400 - desktop, PIII
> > 1GHz - laptop/ with the same result.
> >
> > Has anybody met this problem yet?
Yes, of course. It was widely discussed at the linux-kernel mailinglist.
You are running iptables with debugging support turned on.
Please compile the userspace iptables command without debugging.
Some vendors, esp. redhat, were mistakenly shipping iptables packages with
debugging enabled.
> He said he did NOT patch his kernel. Did DaveM put mangle5hooks in 2.5.5?
it is in 2.5.5 and 2.4.18.
> Brad Chapman
--
Live long and prosper
- Harald Welte / [EMAIL PROTECTED] http://www.gnumonks.org/
============================================================================
GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M+
V-- PS++ PE-- Y++ PGP++ t+ 5-- !X !R tv-- b+++ !DI !D G+ e* h--- r++ y+(*)
