Hello all,
I came across this problem when running iptables-1.3.7 on 2.6.19 and 2.6.20
kernels (MCF5329):
ip_tables: ERROR target: invalid size 30 != 32
which comes from:
xt_check_target() (net/netfilter/x_tables.c)
    if (XT_ALIGN(target->targetsize) != size) {
        printk("%s_tables: %s target: invalid size %Zu != %u\n",
               xt_prefix[family], target->name,
               XT_ALIGN(target->targetsize), size);
        return -EINVAL;
    }
I noticed that in libiptc/libiptc.c(iptables-1.3.7) ipt_error_target is
defined as:
    struct ipt_error_target
    {
        STRUCT_ENTRY_TARGET t;
        char error[TABLE_MAXNAMELEN];
    };
while in the kernel it is defined as:
    struct ipt_error_target
    {
        struct ipt_entry_target target;
        char errorname[IPT_FUNCTION_MAXNAMELEN];
    };
in net/ipv4/netfilter/ip_tables.c there is another:
    static struct ipt_target ipt_error_target = {
        .name = IPT_ERROR_TARGET,
        .target = ipt_error,
        .targetsize = IPT_FUNCTION_MAXNAMELEN,
        .family = AF_INET,
    };
TABLE_MAXNAMELEN and IPT_FUNCTION_MAXNAMELEN are not equal!!!
Is this a bug? Who can tell me which one is correct?
thanks,
--
David
davidwu@xxxxxxxxxxxxxxxxxxxx
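
Added example (not part of the original post, and not code from iptables or the kernel): a stand-alone C model of the XT_ALIGN() size check quoted above, showing how the reported "30 != 32" depends on structure alignment. It assumes the kernel-side targetsize is 30 and the userspace array is 32 bytes, matching the numbers in the error message; the helper names and the alignment values 2, 4 and 8 are sample inputs chosen here.

```c
#include <stddef.h>
#include <stdio.h>

/* Round s up to a multiple of align (a power of two). XT_ALIGN() does the
 * same rounding, with align taken from the compiler for the target ABI. */
static size_t xt_align_with(size_t s, size_t align)
{
    return (s + (align - 1)) & ~(align - 1);
}

/* Model of the xt_check_target() size test quoted in the post:
 * returns 0 when the rule is accepted, -1 when it is rejected. */
static int check_target_size(size_t targetsize, size_t user_size, size_t align)
{
    return xt_align_with(targetsize, align) == user_size ? 0 : -1;
}

int main(void)
{
    /* Assumed values, taken from the "invalid size 30 != 32" message. */
    const size_t kernel_targetsize = 30; /* .targetsize registered in kernel */
    const size_t user_array_len = 32;    /* array length used by userspace  */
    const size_t aligns[] = { 2, 4, 8 }; /* sample ABI alignments           */

    for (size_t i = 0; i < sizeof(aligns) / sizeof(aligns[0]); i++) {
        size_t a = aligns[i];
        /* Userspace sends its own payload size, rounded the same way. */
        size_t user_size = xt_align_with(user_array_len, a);
        int rc = check_target_size(kernel_targetsize, user_size, a);

        printf("align %zu: kernel %zu, userspace %zu -> %s\n",
               a, xt_align_with(kernel_targetsize, a), user_size,
               rc == 0 ? "accepted" : "rejected (-EINVAL)");
    }
    return 0;
}
```

With 4- or 8-byte alignment the rounding hides the two-byte difference between the definitions; with 2-byte alignment it does not, and the check rejects the rule.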