Re: [BUGS?: 2.6.0test4] iptables and tc problems

From: Harald Welte
Date: Tue Sep 02 2003 - 15:23:39 EST

Next message: Jamie Lokier: "Re: x86, ARM, PARISC, PPC, MIPS and Sparc folks please run this"
Previous message: Tolentino, Matthew E: "RE: [UPDATED PATCH] EFI support for ia32 kernels"
In reply to: Jose Luis Domingo Lopez: "Re: [BUGS?: 2.6.0test4] iptables and tc problems"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Sep 01, 2003 at 02:28:18PM +0200, Nico Schottelius wrote:

> Then trying to match the ftp connections
> bruehe:~# iptables -A OUTPUT -m owner --uid-owner 0 -j ACCEPT
> iptables: Invalid argument
> bruehe:~# iptables -t mangle -A POSTROUTING -o ppp0 -m owner --uid-owner 1001 -j MARK --set-mark 55
> iptables: Invalid argument
>
> Why does iptables or the kernel not accept that?

you will most likely have to recompile your iptables userspace program.
The owner match has recently undergone some changes in the structure
used for communication between kernel and userspace.

btw: you can easily match ftp data sessions (if you use
ip_conntrack_ftp) by matching with "-m helper --helper ftp"

please direct netfilter/iptables related questions to
netfilter@xxxxxxxxxxxxxxxxxxx in the future.

> Greetings,
> Nico

--
- Harald Welte <laforge@xxxxxxxxxxxx> http://www.gnumonks.org/
============================================================================
Programming is like sex: One mistake and you have to support it your lifetime

Attachment: pgp00001.pgp
Description: PGP signature

Next message: Jamie Lokier: "Re: x86, ARM, PARISC, PPC, MIPS and Sparc folks please run this"
Previous message: Tolentino, Matthew E: "RE: [UPDATED PATCH] EFI support for ia32 kernels"
In reply to: Jose Luis Domingo Lopez: "Re: [BUGS?: 2.6.0test4] iptables and tc problems"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]