Re: arptables ruleset not working when compiling on fedora6,7,8/centos 5/redhat 5

On Mon, Jun 29, 2009 at 9:48 PM, Nishit Shah<nsshah.82@xxxxxxxxx> wrote:
> On Mon, Jun 29, 2009 at 9:14 PM, Patrick McHardy<kaber@xxxxxxxxx> wrote:
>> Nishit Shah wrote:
>>>
>>> On Mon, Jun 29, 2009 at 8:28 PM, Patrick McHardy<kaber@xxxxxxxxx> wrote:
>>>>
>>>> Nishit Shah wrote:
>>>>>
>>>>> On Mon, Jun 29, 2009 at 7:51 PM, Richard
>>>>> Horton<arimus.uk@xxxxxxxxxxxxxx>
>>>>> wrote:
>>>>>>
>>>>>> 2009/6/29 Nishit Shah <nsshah.82@xxxxxxxxx>:
>>>>>>>
>>>>>>> Hi,
>>>>>>>       I am compiling arptables-v0.0.3-3/arptables-v0.0.3-2 on
>>>>>>> fedora6,7,8/centos 5/redhat 5. Module is compiled successfully.
>>>>>>> Following are the simple steps.
>>>>
>>>> Which kernel versions (the lowest) are these running?
>>>>
>>>
>>> lowest is 2.6.18.
>>
>> Ah, I remember, we had some breakage of the ARPT codes with the
>> introduction of x_tables in 2.6.16. Please try to figure out the
>> difference of those values between working and non-working state
>> (ARPT_CONTINUE, ARPT_RETURN etc.)
>>
>
> Bingo !!!
>
> It is due to the value of ARPT_RETURN. ARPT_RETURN defined in
> arptables-v0.0.3-3 is
>
> ./include/linux/netfilter_arp/arp_tables.h:#define ARPT_RETURN (-NF_MAX_VERDICT - 1)
>
> and the value of NF_MAX_VERDICT is different on the machine running gcc
> 2.96/glibc 2.2.4 and on all the machines above.
>
> value of NF_MAX_VERDICT on machine running gcc 2.96 and glibc 2.2.4,
>
>        /usr/include/linux/netfilter.h:#define NF_MAX_VERDICT NF_REPEAT
>
> and same file on all above machines,
>
>        /usr/include/linux/netfilter.h:#define NF_MAX_VERDICT NF_STOP
>
> Thanks Patrick :)
>
> Rgds,
> Nishit Shah.
>

I am adding the patch for the same.

Rgds,
Nishit Shah.

Attachment: arpt-return-fix.patch
Description: Binary data
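
Added example (not part of the original message, the attached patch, or arptables itself): a small C model of why the two header definitions quoted above give different ARPT_RETURN values, and what a reader of the rule sees when it was built against the other definition. The NF_* numbers are those in linux/netfilter.h; `arpt_return_for`, `decode_verdict` and `return_round_trips` are hypothetical helpers, and treating the NF_REPEAT-based value as the reading side's definition is an assumption for illustration.

```c
#include <stdio.h>

/* Netfilter verdict numbers as defined in linux/netfilter.h. */
enum { NF_DROP, NF_ACCEPT, NF_STOLEN, NF_QUEUE, NF_REPEAT, NF_STOP };

#define DEC_RETURN (-1)   /* hypothetical marker: "value was the RETURN sentinel" */

/* ARPT_RETURN as arptables-v0.0.3-3 defines it: (-NF_MAX_VERDICT - 1). */
static int arpt_return_for(int nf_max_verdict)
{
    return -nf_max_verdict - 1;
}

/* Hypothetical model of the side that reads a rule: a negative standard
 * verdict v is RETURN only if it equals that side's own ARPT_RETURN;
 * any other negative value is taken as the encoded verdict -v - 1. */
static int decode_verdict(int v, int reader_return)
{
    if (v == reader_return)
        return DEC_RETURN;
    return -v - 1;
}

/* 1 if a RETURN written with one NF_MAX_VERDICT is still recognised as
 * RETURN by a reader built with another, 0 otherwise. */
static int return_round_trips(int writer_max, int reader_max)
{
    int written = arpt_return_for(writer_max);
    return decode_verdict(written, arpt_return_for(reader_max)) == DEC_RETURN;
}

int main(void)
{
    /* Header variants quoted in the thread. */
    printf("NF_MAX_VERDICT=NF_REPEAT -> ARPT_RETURN=%d\n", arpt_return_for(NF_REPEAT));
    printf("NF_MAX_VERDICT=NF_STOP   -> ARPT_RETURN=%d\n", arpt_return_for(NF_STOP));

    /* Assumed mismatch: rule written with NF_STOP headers, read with NF_REPEAT. */
    int written = arpt_return_for(NF_STOP);
    printf("same headers round-trip:  %d\n", return_round_trips(NF_REPEAT, NF_REPEAT));
    printf("mixed headers round-trip: %d\n", return_round_trips(NF_STOP, NF_REPEAT));
    printf("mixed headers decode %d as verdict %d\n",
           written, decode_verdict(written, arpt_return_for(NF_REPEAT)));
    return 0;
}
```

A compile-time check that the build's ARPT_RETURN equals the value the target kernel uses would catch this kind of header drift before a ruleset is ever loaded.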

