Re: iptables: Unknown error 4294967295

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I was getting this too, and my problem was related to the fact that my kernel 
was configued with CONFIG_NETFILTER_NETLINK=m. I changed that to a "y" and my
UNKNOWN ERROR went away. And yes, I was loading the module at the right time 
in my /etc/modules, but that didn't seem to make a difference to netfilter.



On Monday 25 September 2006 17:41, Yasuyuki KOZAKAI wrote:
> Hello,
>
> From: Lindsay Haisley <fmouse-netfilter@xxxxxxx>
> Date: Mon, 25 Sep 2006 19:03:01 -0500
>
> > When I execute the following:
> >
> > iptables -t nat -I PREROUTING -s 10.8.0.1 -i tap0 -j SNAT --to-source
> > 216.110.12.105
> >
> > ... I'm getting the error:
> >
> > iptables: Unknown error 4294967295
> >
> > (4294967295 = an unsigned representation of a signed long int of -1)
> >
> > Running this under strace shows the following:
> >
> >
> > mmap2(NULL, 7648, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) =
> > 0xb7fbb000
> > mmap2(0xb7fbc000, 4096, PROT_READ|PROT_WRITE,
> > MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0) = 0xb7fbc000 close(3)         
> >                       = 0
> > socket(PF_INET, SOCK_RAW, IPPROTO_RAW)  = 3
> > getsockopt(3, SOL_IP, 0x40 /* IP_??? */,
> > "nat\0\1\0\0\0\335g\21\300\0\0\0\0\224\313F\300\1\0\0\0"..., [84]) = 0
> > getsockopt(3, SOL_IP, 0x41 /* IP_??? */,
> > "nat\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., [656]) = 0
> > setsockopt(3, SOL_IP, 0x40 /* IP_??? */,
> > "nat\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 876) = -1
> > EINVAL (Invalid argument) write(2, "iptables: Unknown error 42949672"...,
> > 35iptables: Unknown error 4294967295 ) = 35
> > exit_group(1)                           = ?
> > Process 10231 detached
> >
> > Apprently the error is originating in a malformed socket option call. 
> > What's happening here, and how can I fix it?   I'm running kernel
> > 2.6.17-gentoo-r4, iptables v1.3.5.
> >
> > I have about every possible kernel netfilter capability compiled as a
> > module, or built into the kernel.
>
> Is your iptables 32bit binary and do you run it on 64bit kernel ?
> And did syslog output anything ?
>
> -- Yasuyuki Kozakai

-- 
Alan Ezust            www.presinet.com
Presinet, inc         alan.ezust@xxxxxxxxxxxx
           Victoria, BC,Canada

Attachment: pgp2SJFsqYSDE.pgp
Description: PGP signature

[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux