Re: xtables-addons searching libipt_*.so instead of libxt_*.so

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hari Hendaryanto wrote:
Jan Engelhardt wrote:
On Friday 2010-02-26 01:48, Hari Hendaryanto wrote:
when i try to load match, i.e geoip match i found this error

iptables v1.4.6: Couldn't load match `geoip':/lib64/xtables/libipt_geoip.so:
cannot open shared object file: No such file or directory

i've check /lib64/xtables and i see libxt_geoip.so is there

why iptables search /lib64/xtables/libipt_geoip.so not
/lib64/xtables/libxt_geoip.so ?

This is a suboptimal error message generated by iptables. iptables
tries to load both libxt_ and libipt_/libip6t_, however when all
failed, it only prints the last filename that was tried. We clearly
need to improve upon that.

You can try

    strace -e open iptables -m geoip -h

and see if it opens libxt_geoip.so at all.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
thanks for quick response,

running

strace -e open iptables -m geoip -h

result

open("/etc/ld.so.cache", O_RDONLY)      = 3
open("/lib64/libip4tc.so.0", O_RDONLY)  = 3
open("/lib64/libxtables.so.4", O_RDONLY) = 3
open("/lib64/libm.so.6", O_RDONLY)      = 3
open("/lib64/libc.so.6", O_RDONLY)      = 3
open("/lib64/libdl.so.2", O_RDONLY)     = 3
open("/lib64/xtables/libxt_geoip.so", O_RDONLY) = -1 EACCES (Permission denied) open("/lib64/xtables/libipt_geoip.so", O_RDONLY) = -1 ENOENT (No such file or directory) iptables v1.4.6: Couldn't load match `geoip':/lib64/xtables/libipt_geoip.so: cannot open shared object file: No such file or directory

yes, it search for libxt_geoip.so. but open, get permission denied

ls -al /lib64/xtables/libxt_geoip.so

-rwxr-xr-x. 1 root root 13505 2010-02-25 04:12 /lib64/xtables/libxt_geoip.so

arrgh, sorry for the disturbance, i think it's caused by selinux

thanks for pointing me to the right direction anyway

regards
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux