Ok, I have a odd problem. I just got done doing the base configuring of my CentOS 6.5 server. Adding in fail2ban, postfix, apache, mysql, ect ect. I then went in and started to add the xtable addons. I downloaded version 1.47.1, as that is the version (to my knowledge) the lastest version for my kernel 2.6.32-431.23.3.el6.x86_64, and then compiled it. After compiling with IPv6 options disabled, compiling with ipv6 enabled has always thrown errors for me, I went in downloaded the geoip database and built it with the xt_geoip_build the BE and LE folder were in /usr/share/xt_geoip/. I then proceeded to add this rule: -A INPUT -m geoip ! --src-cc US -j REJECT --reject-with icmp-net-unreachable But when I did, I got this message: iptables: Invalid argument. Run `dmesg' for more information. The last entry in dmesg was this: xt_geoip: unable to load 'US' into memory: -12 I then tired these rules: -A INPUT -m geoip --src-cc US -j ACCEPT -A INPUT -m geoip --src-cc CN -j REJECT --reject-with icmp-net-unreachable -A INPUT -m geoip --src-cc AW -j REJECT --reject-with icmp-net-unreachable Each of these resulted in same error. xt_geoip: unable to load 'US' into memory: -12 xt_geoip: unable to load 'CN' into memory: -12 xt_geoip: unable to load 'AW' into memory: -12 I do some debuging with the code. I checked the defined path for the database location. As well I was able to locate the exact line in the code where the error is being generated from. xt_geoip.c line 86 inside the geoip_add_node function: p->count = umem.count; p->cc = umem.cc; size = p->count * geoproto_size[proto]; subnet = vmalloc(size); // THIS LINE So at the moment i'm stuck. Cause it seems like none of the country codes from the GeoIP databases are loading. Anyone have any ideas? -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
