I'm not yet sure if this is a problem with the Linux MIPS platform in particular, but I thought I would probe to see if anyone else has experienced this. I'm using an AMD Alchemy db1100 board with a CVS checkout from a few weeks back of the mips-linux kernel (2.6.11 rc2). I can insert the ip_tables and iptable_nat modules fine. But the following iptables command fails: # iptables -t nat -F iptables v1.3.0: can't initialize iptables table `nat': Memory allocation problem Perhaps iptables or your kernel needs to be upgraded. I did an strace and came up with the attached output. Of particular interest is this call: old_mmap(NULL, 1651212288, PROT_READ|PROT_WRITE, MAP_PRIVATE| MAP_ANONYMOUS, 0, 0) = -1 ENOMEM (Cannot allocate memory) Wow, seems something is trying to mmap over 1.6GB of data. If anyone has any tips on why this is happening I would appreciate the input. Best regards, Josh Green
# strace iptables -t nat -F
execve("/usr/sbin/iptables", ["iptables", "-t", "nat", "-F"], [/* 16 vars */]) = 0
ioctl(0, TIOCNXCL, {B115200 opost isig icanon -echo ...}) = 0
ioctl(1, TIOCNXCL, {B115200 opost isig icanon -echo ...}) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 4
getsockopt(4, SOL_IP, 0x40 /* IP_??? */, "nat\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., [84]) = 0
brk(0) = 0x10007000
brk(0x10008000) = 0x10008000
old_mmap(NULL, 1651212288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, 0, 0) = -1 ENOMEM (Cannot allocate memory)
brk(0x726bf000) = 0x10008000
old_mmap(NULL, 1651212288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, 0, 0) = -1 ENOMEM (Cannot allocate memory)
close(4) = 0
open("/proc/sys/kernel/modprobe", O_RDONLY) = 4
read(4, "/sbin/modprobe\n", 1024) = 15
close(4) = 0
fork() = 1041
wait4(-1, [WIFEXITED(s) && WEXITSTATUS(s) == 0], 0, NULL) = 1041
--- SIGCHLD (Child exited) @ 0 (0) ---
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 4
getsockopt(4, SOL_IP, 0x40 /* IP_??? */, "nat\0\0\0\0\0\0\0\0\0\0\0\0\0\340\256\0\20\0\0\0\0\30\4"..., [84]) = 0
old_mmap(NULL, 1651212288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, 0, 0) = -1 ENOMEM (Cannot allocate memory)
brk(0x726bf000) = 0x10008000
old_mmap(NULL, 1651212288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, 0, 0) = -1 ENOMEM (Cannot allocate memory)
close(4) = 0
write(2, "iptables", 8iptables) = 8
write(2, " v", 2 v) = 2
write(2, "1.3.0", 51.3.0) = 5
write(2, ": ", 2: ) = 2
write(2, "can\'t initialize iptables table "..., 33can't initialize iptables table `) = 33
write(2, "nat", 3nat) = 3
write(2, "\': ", 3': ) = 3
write(2, "Memory allocation problem", 25Memory allocation problem) = 25
write(2, "\n", 1
) = 1
write(2, "Perhaps iptables or your kernel "..., 54Perhaps iptables or your kernel needs to be upgraded.
) = 54
exit(3) = ?
Attachment:
signature.asc
Description: This is a digitally signed message part
