Re: (Fake?) DHC-Packets penetrating firewall

Hi,

Trying to compile a simple kernel module using netfilter hooks, I am getting the following weird errors and many more like these.
Also, the nf_hook_ops structure is not found in /usr/include/netfilter.h; I had to specifically include /usr/src/linux2.4.20-8/include/linux/netfilter.h.
Why is this happening? Any clues?

in file included from hooks.c:16:
/usr/include/linux/in.h:114: parse error before "sa_family_t"
/usr/include/linux/in.h:121: parse error before '}' token
In file included from /usr/include/linux/fs.h:23,
from /usr/include/linux/capability.h:17,
from /usr/include/linux/binfmts.h:5,
from /usr/include/linux/sched.h:9,
from /usr/include/linux/skbuff.h:19,
from hooks.c:18:
/usr/include/linux/string.h:8:2: warning: #warning Using kernel header in userland!
In file included from /usr/include/linux/sched.h:14,
from /usr/include/linux/skbuff.h:19,
from hooks.c:18:
/usr/include/linux/timex.h:173: field `time' has incomplete type
In file included from /usr/include/linux/bitops.h:69,
from /usr/include/asm/system.h:7,
from /usr/include/linux/sched.h:16,
from /usr/include/linux/skbuff.h:19

thanks
Amit




Andreas Scherrer <fortytwo@xxxxxx>@lists.netfilter.org on 05/19/2004
09:07:21 PM

Sent by:    netfilter-admin@xxxxxxxxxxxxxxxxxxx


To:    netfilter@xxxxxxxxxxxxxxxxxxx
cc:

Subject:    (Fake?) DHC-Packets penetrating firewall


Hi

I am experiencing a strange problem (at least it seems strange to me
;)).

I have a server which has two NICs (eth0 = external, eth1 = internal)
running kernel 2.4.18 and performing NAT. I use 10.0.1.x IPs in my
internal net.
Recently a (fake?) DHCP-Server turned up somewhere (on the same
broadband link, I use cable?) which sends me _a lot_ of DHCPOFFERS and
the like _which I don't think I requested_ and (says it has?) a
10.x.x.x IP.
So I listed it in my dhclient.conf as "reject server". This seems to
work because I can see log entries in /var/log/daemon.log (see
attachment "daemon.txt").

So I went on and entered a rule in my iptables which (I thought) would
keep those packets away from me. But no luck, I can see packets
"hanging" in the rule (using iptables -v -L) but the log entries in
/var/log/daemon.log keep showing up! So something is wrong with my
rule, I thought and closed everything, just to check (see attachment
"fire.sh", my dummy firewall script and "iptables?.txt").
And now the log entries _still appear_. WHY? I don't get it...

The attachments:
daemon.txt - tail of /var/log/daemon.log, these entries were created
while the fire.sh ipchains were active
fire.sh - a cut-down version of my real firewall-script (just DROPs
everything, I think)
iptables.txt - a $iptables -v -L while the fire.sh "firewall" was active
iptables2.txt - like iptables.txt, but a few seconds (10?) later


Can you help me?
greenhorn



(See attached file: daemon.txt)(See attached file: fire.sh)
(See attached file: iptables.txt)
(See attached file: iptables2.txt)
May 19 17:01:34 wgsurf dhclient-2.2.x: DHCPOFFER from 10.224.96.1 rejected.
May 19 17:01:34 wgsurf dhclient-2.2.x: DHCPACK from 10.224.96.1 rejected.
May 19 17:01:35 wgsurf dhclient-2.2.x: DHCPOFFER from 10.224.96.1 rejected.
May 19 17:01:36 wgsurf dhclient-2.2.x: DHCPACK from 10.224.96.1 rejected.
May 19 17:02:07 wgsurf last message repeated 5 times
May 19 17:02:07 wgsurf dhclient-2.2.x: DHCPACK from 10.224.96.1 rejected.
May 19 17:02:17 wgsurf dhclient-2.2.x: DHCPOFFER from 10.224.96.1 rejected.
May 19 17:02:18 wgsurf dhclient-2.2.x: DHCPACK from 10.224.96.1 rejected.
May 19 17:02:18 wgsurf dhclient-2.2.x: DHCPACK from 10.224.96.1 rejected.
May 19 17:02:30 wgsurf dhclient-2.2.x: DHCPOFFER from 10.224.96.1 rejected.

Attachment: fire.sh
Description: Binary data

Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
   55  5382 drop-and-log-it  all  --  any    any     anywhere             anywhere           

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 drop-and-log-it  all  --  any    any     anywhere             anywhere           

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    6   282 drop-and-log-it  all  --  any    any     anywhere             anywhere           

Chain drop-and-log-it (3 references)
 pkts bytes target     prot opt in     out     source               destination         
   61  5664 LOG        all  --  any    any     anywhere             anywhere           LOG level warning 
   61  5664 DROP       all  --  any    any     anywhere             anywhere           

Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
  289 25038 drop-and-log-it  all  --  any    any     anywhere             anywhere           

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
   39  2702 drop-and-log-it  all  --  any    any     anywhere             anywhere           

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
   11   628 drop-and-log-it  all  --  any    any     anywhere             anywhere           

Chain drop-and-log-it (3 references)
 pkts bytes target     prot opt in     out     source               destination         
  339 28368 LOG        all  --  any    any     anywhere             anywhere           LOG level warning 
  339 28368 DROP       all  --  any    any     anywhere             anywhere           
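
One way to quantify the rejected DHCP traffic recorded in daemon.log, added here as an example and not part of the original thread: it tallies dhclient rejections per server and message type and expands syslog's "last message repeated N times" lines. The sample lines are constructed in the format of the excerpt above, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the format of the daemon.log excerpt above.
SAMPLE_LOG = """\
May 19 17:01:34 wgsurf dhclient-2.2.x: DHCPOFFER from 10.224.96.1 rejected.
May 19 17:01:34 wgsurf dhclient-2.2.x: DHCPACK from 10.224.96.1 rejected.
May 19 17:02:07 wgsurf last message repeated 5 times
May 19 17:02:17 wgsurf dhclient-2.2.x: DHCPOFFER from 10.224.96.1 rejected.
May 19 17:02:20 wgsurf sshd[412]: unrelated line
May 19 17:02:21 wgsurf last message repeated 2 times
"""

STAMP = r"^\w{3}\s+\d+\s[\d:]{8}\s\S+\s"
REJECT = re.compile(
    STAMP + r"dhclient\S*:\s(?P<msg>DHCP[A-Z]+) from "
    r"(?P<server>\d{1,3}(?:\.\d{1,3}){3}) rejected\."
)
REPEAT = re.compile(STAMP + r"last message repeated (?P<n>\d+) times")


def tally_rejections(lines):
    """Count rejected DHCP messages keyed by (server, message type)."""
    counts = Counter()
    last_key = None  # key of the previous line if it was a dhclient rejection
    for line in lines:
        m = REJECT.match(line)
        if m:
            last_key = (m["server"], m["msg"])
            counts[last_key] += 1
            continue
        r = REPEAT.match(line)
        if r:
            # A repeat line stands for N more copies of the previous message;
            # count it only when that message was a rejection.
            if last_key is not None:
                counts[last_key] += int(r["n"])
            continue
        last_key = None  # any other line breaks the repeat chain
    return counts


def per_server(counts):
    """Collapse the tally to a total per offering server."""
    totals = Counter()
    for (server, _msg), n in counts.items():
        totals[server] += n
    return dict(totals)


if __name__ == "__main__":
    tally = tally_rejections(SAMPLE_LOG.splitlines())
    for (server, msg), n in sorted(tally.items()):
        print(f"{server:15} {msg:10} {n}")
```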
