Hello, I'm using iptables 1.3.0 on an embedded MIPS platform (AMD
Alchemy db1100). The kernel I am using is a CVS checkout from
linux-mips.org and is roughly equivalent to 2.6.11-rc2. I am also using
gcc 3.4.3 and fairly recent uClibc. This may be a kernel specific
problem, but I wanted to probe to see if anyone else has experienced
these problems or might have some insights.
I can insert the ip_tables and iptable_nat modules fine. But the
following iptables command fails:
# iptables -t nat -F
iptables v1.3.0: can't initialize iptables table `nat': Memory
allocation problem
Perhaps iptables or your kernel needs to be upgraded.
I did an strace and came up with the attached output. Of particular
interest is this call:
old_mmap(NULL, 1651212288, PROT_READ|PROT_WRITE, MAP_PRIVATE|
MAP_ANONYMOUS, 0, 0) = -1 ENOMEM (Cannot allocate memory)
Wow, seems something is trying to mmap over 1.6GB of data. If anyone
has any tips on why this is happening I would appreciate the input.
Best regards,
Josh Green
# strace iptables -t nat -F
execve("/usr/sbin/iptables", ["iptables", "-t", "nat", "-F"], [/* 16 vars */]) = 0
ioctl(0, TIOCNXCL, {B115200 opost isig icanon -echo ...}) = 0
ioctl(1, TIOCNXCL, {B115200 opost isig icanon -echo ...}) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 4
getsockopt(4, SOL_IP, 0x40 /* IP_??? */, "nat\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., [84]) = 0
brk(0) = 0x10007000
brk(0x10008000) = 0x10008000
old_mmap(NULL, 1651212288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, 0, 0) = -1 ENOMEM (Cannot allocate memory)
brk(0x726bf000) = 0x10008000
old_mmap(NULL, 1651212288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, 0, 0) = -1 ENOMEM (Cannot allocate memory)
close(4) = 0
open("/proc/sys/kernel/modprobe", O_RDONLY) = 4
read(4, "/sbin/modprobe\n", 1024) = 15
close(4) = 0
fork() = 1041
wait4(-1, [WIFEXITED(s) && WEXITSTATUS(s) == 0], 0, NULL) = 1041
--- SIGCHLD (Child exited) @ 0 (0) ---
socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 4
getsockopt(4, SOL_IP, 0x40 /* IP_??? */, "nat\0\0\0\0\0\0\0\0\0\0\0\0\0\340\256\0\20\0\0\0\0\30\4"..., [84]) = 0
old_mmap(NULL, 1651212288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, 0, 0) = -1 ENOMEM (Cannot allocate memory)
brk(0x726bf000) = 0x10008000
old_mmap(NULL, 1651212288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, 0, 0) = -1 ENOMEM (Cannot allocate memory)
close(4) = 0
write(2, "iptables", 8iptables) = 8
write(2, " v", 2 v) = 2
write(2, "1.3.0", 51.3.0) = 5
write(2, ": ", 2: ) = 2
write(2, "can\'t initialize iptables table "..., 33can't initialize iptables table `) = 33
write(2, "nat", 3nat) = 3
write(2, "\': ", 3': ) = 3
write(2, "Memory allocation problem", 25Memory allocation problem) = 25
write(2, "\n", 1
) = 1
write(2, "Perhaps iptables or your kernel "..., 54Perhaps iptables or your kernel needs to be upgraded.
) = 54
exit(3) = ?
Attachment:
signature.asc
Description: This is a digitally signed message part
