All of lore.kernel.org
 help / color / mirror / Atom feed
From: <kaskada@email.cz>
To: "Jeremy Sowden" <jeremy@azazel.net>
Cc: "Jan Engelhardt" <jengelh@inai.de>,
	"Netfilter Devel" <netfilter-devel@vger.kernel.org>
Subject: Re: [xtables-addons] xt_ipp2p: add ipv6 module alias
Date: Fri, 01 Oct 2021 21:39:56 +0200 (CEST)	[thread overview]
Message-ID: <6px.aVLX.4UiUlbqe9QP.1XLsGC@seznam.cz> (raw)
In-Reply-To: YUOWFQUquE59aamm@azazel.net

[-- Attachment #1: Type: text/plain, Size: 5937 bytes --]

Hello again,

now I most likely found out where the problem was. Sometimes in the past I probably installed theese 2 packages with apt:
xtables-addons-common

xtables-addons-source


Until I removed them, I was not able to install/use xtables for IPv6 from source. But now, it seems it works. Thank you so much for your patience.


Pep.




---------- Původní e-mail ----------

Od: Jeremy Sowden <jeremy@azazel.net>

Komu: kaskada@email.cz

Datum: 16. 9. 2021 21:13:04

Předmět: Re: [xtables-addons] xt_ipp2p: add ipv6 module alias

On 2021-09-16, at 14:25:00 +0200, kaskada@email.cz wrote:

> How can I check where iptables/ip6tables searches for plugins/modules

> please?

>

> Actually the problem is not with iptables but with ip6tables. I can

> use IPP2P module on the same Debian with no problems with iptables,

> but ip6tables give this error (still the same):

>

> ip6tables -t mangle -A PREROUTING -m ipp2p --dc -j ACCEPT

> ip6tables v1.8.4 (legacy): Couldn't load match `ipp2p':No such file or

> directory

>

> Try `ip6tables -h' or 'ip6tables --help' for more information.

>

> BTW I`m using legacy (not nf_tables) iptables and ip6tables (changed

> with update-alternatives --config iptables, update-alternatives

> --config ip6tables).



xtables-addons installs the following kernel modules:



  /lib/modules/4.19.0-17-amd64/extra/compat_xtables.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_ACCOUNT.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_CHAOS.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_condition.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_DELUDE.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_DHCPMAC.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_DNETMAP.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_ECHO.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_fuzzy.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_geoip.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_iface.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_IPMARK.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_ipp2p.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_ipv4options.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_length2.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_LOGMARK.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_lscan.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_pknock.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_PROTO.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_psd.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_quota2.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_SYSRQ.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_TARPIT.ko



and the following user-space libraries:



  /usr/lib/x86_64-linux-gnu/xtables/libxt_ACCOUNT.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_CHAOS.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_condition.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_DELUDE.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_dhcpmac.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_DHCPMAC.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_DNETMAP.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_ECHO.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_fuzzy.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_geoip.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_gradm.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_iface.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_IPMARK.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_ipp2p.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_ipv4options.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_length2.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_LOGMARK.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_lscan.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_pknock.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_PROTO.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_psd.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_quota2.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_SYSRQ.so

  /usr/lib/x86_64-linux-gnu/xtables/libxt_TARPIT.so



Make sure you're not using the xt_ipp2p.ko kernel module:



  $ sudo ip6tables-legacy -F -t mangle

  $ sudo iptables-legacy -F -t mangle



Make sure you don't have xt_ipp2p.ko loaded:



  $ sudo modprobe -r xt_ipp2p



Make sure the files don't exists on your box:



  $ sudo rm /lib/modules/4.19.0-17-amd64/extra/xt_ipp2p.ko

  $ sudo rm /usr/lib/x86_64-linux-gnu/xtables/libxt_ipp2p.so



Run depmod:



  $ sudo depmod -av | awk '$1 ~ /xt_ipp2p/'



Make sure you've got the latest source checked out and pristine:



  $ git clean -d -f -x

  $ git reset --hard master

  HEAD is now at f144c2e xt_ipp2p: replace redundant ipp2p_addr

  $ git pull --rebase origin master

  From https://git.inai.de/xtables-addons

   * branch            master     -> FETCH_HEAD

  Already up to date.

  Current branch master is up to date.

  $ git log -1

  commit f144c2ebba17aa4c6b8d402623d53b655945be76 (HEAD -> master, origin/master, origin/HEAD)

  Author: Jan Engelhardt <jengelh@inai.de>

  Date:   Tue Sep 14 17:07:58 2021 +0200



      xt_ipp2p: replace redundant ipp2p_addr



Build and install it:



  $ ./autogen.sh

  $ ./configure

  $ make -j3

  $ sudo make install



Run depmod:



  $ sudo depmod -av | awk '$1 ~ /xt_ipp2p/'

  /lib/modules/4.19.0-17-amd64/extra/xt_ipp2p.ko needs "xt_unregister_matches": /lib/modules/4.19.0-17-amd64/kernel/net/netfilter/x_tables.ko

  /lib/modules/4.19.0-17-amd64/extra/xt_ipp2p.ko needs "HX_memmem": /lib/modules/4.19.0-17-amd64/extra/compat_xtables.ko



Use the extension:



  $ sudo ip6tables-legacy -t mangle -A PREROUTING -m ipp2p --dc -j ACCEPT

  $ sudo ip6tables-legacy -t mangle -L PREROUTING

  Chain PREROUTING (policy ACCEPT)

  target     prot opt source               destination

  ACCEPT     all      anywhere             anywhere             -m ipp2p  --dc



J.


[-- Attachment #2: Výstřižek.PNG --]
[-- Type: image/png, Size: 31889 bytes --]

  parent reply	other threads:[~2021-10-01 19:40 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-09-14 14:09 [xtables-addons] xt_ipp2p: add ipv6 module alias Jeremy Sowden
2021-09-14 15:08 ` Jan Engelhardt
     [not found] ` <33D.aVMp.3L4gqjighB0.1XGFsS@seznam.cz>
2021-09-15 14:55   ` Jeremy Sowden
     [not found]     ` <FA.Zu6V.5ytypyKnDSO.1XGXsj@seznam.cz>
2021-09-15 17:24       ` Jan Engelhardt
     [not found]         ` <14d.aVM5.6eKrJXfu}0l.1XGpUS@seznam.cz>
2021-09-16 19:08           ` Jeremy Sowden
2021-09-17 17:02             ` kaskada
2021-10-01 19:39             ` kaskada [this message]
2021-10-01 19:48               ` Jeremy Sowden

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=6px.aVLX.4UiUlbqe9QP.1XLsGC@seznam.cz \
    --to=kaskada@email.cz \
    --cc=jengelh@inai.de \
    --cc=jeremy@azazel.net \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.