On Mon, Jun 29, 2009 at 9:14 PM, Patrick McHardy<kaber@xxxxxxxxx> wrote:
> Nishit Shah wrote:
>>
>> On Mon, Jun 29, 2009 at 8:28 PM, Patrick McHardy<kaber@xxxxxxxxx> wrote:
>>>
>>> Nishit Shah wrote:
>>>>
>>>> On Mon, Jun 29, 2009 at 7:51 PM, Richard
>>>> Horton<arimus.uk@xxxxxxxxxxxxxx>
>>>> wrote:
>>>>>
>>>>> 2009/6/29 Nishit Shah <nsshah.82@xxxxxxxxx>:
>>>>>>
>>>>>> Hi,
>>>>>> I am compiling arptables-v0.0.3-3/arptables-v0.0.3-2 on
>>>>>> fedora6,7,8/centos 5/redhat 5. Module is compiled successfully.
>>>>>> Following are the simple steps.
>>>
>>> Which kernel versions (the lowest) are these running?
>>>
>>
>> lowest is 2.6.18.
>
> Ah, I remember, we had some breakage with of the ARPT codes with the
> introduction of x_tables in 2.6.16. Please try to figure out the
> difference of those values between working and non-working state
> (ARPT_CONTINUE, ARPT_RETURN etc.)
>
Bingo !!!
It is due to the value of ARPT_RETURN. ARPT_RETURN defined in
arptables-v0.0.3-3 is
./include/linux/netfilter_arp/arp_tables.h:#define ARPT_RETURN
(-NF_MAX_VERDICT - 1)
and value of NF_MAX_VERDICT is different on machine running with gcc
2.96/glibc 2.2.4 and above all machines.
value of NF_MAX_VERDICT on machine running gcc 2.96 and glibc 2.2.4,
/usr/include/linux/netfilter.h:#define NF_MAX_VERDICT NF_REPEAT
and same file on all above machines,
/usr/include/linux/netfilter.h:#define NF_MAX_VERDICT NF_STOP
Thanks Patrick :)
Rgds,
Nishit Shah.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
