Re: iptables -> can't initialize iptables table `filter': Bad file descriptor

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 12/4/07, Patrick McHardy <kaber@xxxxxxxxx> wrote:
> Salatiel Filho wrote:
> > On 12/4/07, Patrick McHardy <kaber@xxxxxxxxx> wrote:
> >> Salatiel Filho wrote:
> >>> ~# iptables -L
> >>> iptables v1.3.8: can't initialize iptables table `filter': Invalid argument
> >>> Perhaps iptables or your kernel needs to be upgraded.
> >>>
> >>> # dmesg
> >>> ip_tables: (C) 2000-2002 Netfilter core team
> >>> translate_table: size 632
> >>> Finished chain 1
> >>> Finished chain 2
> >>> Finished chain 3
> >>> table->private->number = 4
> >>> get_entries: 668 != 672
> >> This looks like an alignment problem. Old kernels required
> >> alignof(struct ipt_entry), which should be 4. Userspace
> >> compiled against current headers use:
> >>
> >> struct _xt_align
> >> {
> >>          u_int8_t u8;
> >>          u_int16_t u16;
> >>          u_int32_t u32;
> >>          u_int64_t u64;
> >> };
> >>
> >> #define XT_ALIGN(s) (((s) + (__alignof__(struct _xt_align)-1))  \
> >>
> >>                          & ~(__alignof__(struct _xt_align)-1))
> >>
> >> which I guess is 8 on ARM. Does removing the u_int64_t
> >> from the struct above in the iptables source
> >> (include/linux/netfilter/x_tables.h) help?
> >>
> >>
> >
> > I can not find include/linux/netfilter/x_tables.h in iptables source.
> >
> > # ls -1 include/linux/netfilter/
> > nf_conntrack_common.h
> > nf_conntrack_tuple_common.h
> > nf_conntrack_tuple.h
> > nf_nat.h
>
> Right, we only recently added it. Are you compiling against your
> kernel source? Otherwise check in /usr/include/linux/...
>
How do i know if i am compiling against my kernel source ?
Does it auto use /usr/src/linux/... ?
anyway , i changed /usr/include/linux/linux/netfilter/x_tables.h but
still the same problem.


# iptables -L
iptables v1.3.8: can't initialize iptables table `filter': Invalid argument
Perhaps iptables or your kernel needs to be upgraded.

# dmesg
ip_tables: (C) 2000-2002 Netfilter core team
translate_table: size 632
Finished chain 1
Finished chain 2
Finished chain 3
table->private->number = 4
get_entries: 668 != 672

-- 
[]'s
Salatiel

"O maior prazer do inteligente é bancar o  idiota
   diante de um  idiota que banca o inteligente".
-
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux