On 2021-09-14, at 09:46:20 +0200, kaskada@xxxxxxxx wrote:
> On 13. 9. 2021, at 21:53:43, Jeremy Sowden wrote:
> > `ip_transport_len` and `ipv6_transport_len` were introduced in 5.1.
> > They are both single-statement static inline functions, so add
> > fall-back implementations for compatibility with older kernels.
>
> now it is possible to compile the source on Debian 10 (kernel
> 4.19.0-17-amd64), but when I run:
>
> $ ip6tables -t mangle -A PREROUTING -m ipp2p --dc -j ACCEPT
>
> I still get this error:
>
> ip6tables v1.8.4 (legacy): Couldn't load match `ipp2p':No such file or directory
> Try `ip6tables -h' or 'ip6tables --help' for more information.
>
> When I run it with strace:
>
> $ strace ip6tables -t mangle -A PREROUTING -m ipp2p --dc -j ACCEPT
> [...]
> stat("/usr/lib/x86_64-linux-gnu/xtables/libip6t_ipp2p.so", 0x7fff3562dea0) = -1 ENOENT (Adresář nebo soubor neexistuje)
>
> It says this (it seems that
> "/usr/lib/x86_64-linux-gnu/xtables/libip6t_ipp2p.so" is missing, which
> is a bit suspicious).
It tries libip6t_ipp2p.so first, which fails, ...
> stat("/usr/lib/x86_64-linux-gnu/xtables/libxt_ipp2p.so", {st_mode=S_IFREG|0755, st_size=33512, ...}) = 0
> brk(NULL) = 0x562ecafdb000
> brk(0x562ecaffc000) = 0x562ecaffc000
> openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/xtables/libxt_ipp2p.so", O_RDONLY|O_CLOEXEC) = 3
... and then libxt_ipp2p.so, which succeeds.
> read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p\20\0\0\0\0\0\0"..., 832) = 832
> fstat(3, {st_mode=S_IFREG|0755, st_size=33512, ...}) = 0
> mmap(NULL, 16680, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f902e63a000
> mmap(0x7f902e63b000, 4096, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1000) = 0x7f902e63b000
> mmap(0x7f902e63c000, 4096, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f902e63c000
> mmap(0x7f902e63d000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f902e63d000
> close(3) = 0
> mprotect(0x7f902e63d000, 4096, PROT_READ) = 0
> socket(AF_INET6, SOCK_RAW, IPPROTO_RAW) = 3
> fcntl(3, F_SETFD, FD_CLOEXEC) = 0
> lstat("/proc/net/ip6_tables_names", {st_mode=S_IFREG|0440, st_size=0, ...}) = 0
> statfs("/proc/net/ip6_tables_names", {f_type=PROC_SUPER_MAGIC, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={val=[0, 0]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOSUID|ST_NODEV|ST_NOEXEC|ST_RELATIME}) = 0
> getsockopt(3, SOL_IPV6, IP6T_SO_GET_REVISION_MATCH, 0x7fff3562ddb0, [30]) = -1 ENOENT (Adresář nebo soubor neexistuje)
This is the problem. The kernel is reporting that it could not find an
ipv6 version. That's because I forgot to add an ipv6 module alias. I
will send a patch shortly.
J.
Attachment:
signature.asc
Description: PGP signature
