We are porting some old code that was running on the 2.6.15 kernel with iptables 1.3.4. This code needs some iptables rules to be in place. I have installed iptables 1.4.0 on Ubuntu 7.10 (kernel 2.6.22) now. When I define the rules set as follows: iptables -t mangle -N CLASS_1 iptables -t mangle -N REV_CLASS_1 iptables -t mangle -N NON_TCP_CHAIN iptables -t mangle -N DOWNLINK_SYN_CHAIN iptables -t mangle -N TCP_SYN_CHAIN iptables -t mangle -N TCP_DOWNLINK_CHAIN iptables -t mangle -A CLASS_1 -j MARK --set-mark 0x1 iptables -t mangle -A CLASS_1 -j QUEUE iptables -t mangle -A REV_CLASS_1 -j MARK --set-mark 0x80000001 iptables -t mangle -A REV_CLASS_1 -j QUEUE iptables -t mangle -A NON_TCP_CHAIN -m mark --mark 0x80000000 -j REV_CLASS_1 iptables -t mangle -A NON_TCP_CHAIN -p udp -j QUEUE iptables -t mangle -A NON_TCP_CHAIN -j CLASS_1 iptables -t mangle -A TCP_SYN_CHAIN -m mark --mark 0x80000000 -j DOWNLINK_SYN_CHAIN iptables -t mangle -A DOWNLINK_SYN_CHAIN -j REV_CLASS_1 iptables -t mangle -A TCP_SYN_CHAIN -j CLASS_1 iptables -t mangle -A TCP_DOWNLINK_CHAIN -j REV_CLASS_1 iptables -t mangle -A TCP_DOWNLINK_CHAIN -j QUEUE iptables -t mangle -A FORWARD -p ! tcp -j NON_TCP_CHAIN -------------------------------------------------------------------------------------------------------------- iptables -t mangle -A FORWARD -p tcp --tcp-flags SYN,RST,ACK SYN -j TCP_SYN_CHAIN ------------------------------------------------------------------------------------------------------------- iptables -t mangle -A FORWARD -m mark --mark 0x80000000 -j TCP_DOWNLINK_CHAIN iptables -t mangle -A FORWARD -j CLASS_1 When I get to the line that is separated above, I get the following error: iptables: Too many levels of symbolic links Any ideas on how to fix this problem? Thanks, Pedram -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
