iptables throws unknown error - suspecting 32/64 compat issue

2007-05-10 Thread Jan Engelhardt
Hi, the following command gives an error: iptables -t mangle -I FORWARD -m conntrack --ctstate NEW output is: iptables: Unknown error 4294967295 As mentioned in the topic, I suspect it is due to 32-bit iptables not coping correctly with the 64-bit kernel (sometimes, patches

Re: vm changes from linux-2.6.14 to linux-2.6.15

2007-05-10 Thread Benjamin Herrenschmidt
We never seemed to reach completion here? Well, I'm waiting for other people comments too... as I said earlier, I'm not too fan of burrying the update_mmu_cache() inside ptep_set_access_flags(), but perhaps we could remove the whole logic of reading the old PTE comparing it, and instead have

Re: iptables throws unknown error - suspecting 32/64 compat issue

2007-05-10 Thread Jan Engelhardt
On May 10 2007 08:27, Jan Engelhardt wrote: Hi, the following command gives an error: iptables -t mangle -I FORWARD -m conntrack --ctstate NEW output is: iptables: Unknown error 4294967295 As mentioned in the topic, I suspect it is due to 32-bit iptables not coping correctly

Re: vm changes from linux-2.6.14 to linux-2.6.15

2007-05-10 Thread David Miller
From: Benjamin Herrenschmidt [EMAIL PROTECTED] Date: Thu, 10 May 2007 16:29:43 +1000 We never seemed to reach completion here? Well, I'm waiting for other people comments too... as I said earlier, I'm not too fan of burrying the update_mmu_cache() inside ptep_set_access_flags(), but

Re: iptables throws unknown error - suspecting 32/64 compat issue

2007-05-10 Thread Patrick McHardy
Jan Engelhardt wrote: Hi, the following command gives an error: iptables -t mangle -I FORWARD -m conntrack --ctstate NEW output is: iptables: Unknown error 4294967295 As mentioned in the topic, I suspect it is due to 32-bit iptables not coping correctly with the

Re: iptables throws unknown error - suspecting 32/64 compat issue

2007-05-10 Thread Patrick McHardy
Jan Engelhardt wrote: On May 10 2007 08:27, Jan Engelhardt wrote: As mentioned in the topic, I suspect it is due to 32-bit iptables not coping correctly with the 64-bit kernel (sometimes, patches to fix these are posted, so I thought it could be related). OS is Aurora Linux 2.98, with their

Re: iptables throws unknown error - suspecting 32/64 compat issue

2007-05-10 Thread Patrick McHardy
Jan Engelhardt wrote: On May 10 2007 15:20, Patrick McHardy wrote: And the following cmd oopsed it: # iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j sshcheck; I believe this is a bug in the compat code, which *seems* to call (its a bit messy, I just had a quick

Re: iptables throws unknown error - suspecting 32/64 compat issue

2007-05-10 Thread Jan Engelhardt
On May 10 2007 16:02, Patrick McHardy wrote: A lot ... as far as the filter table and sshcheck is concerned, iptables -N sshcheck; iptables -A sshcheck -m recent --name sshcheck --seconds 60 --update -j DROP; iptables -A sshcheck -m hashlimit --hashlimit-name sshcheck \