* Re: ULOG: invalid argument
@ 2004-02-20 5:53 T. Take
2004-02-20 9:02 ` ip_queue question Ahmad Almulhem
2004-02-20 14:16 ` ULOG: invalid argument William Stearns
0 siblings, 2 replies; 14+ messages in thread
From: T. Take @ 2004-02-20 5:53 UTC (permalink / raw)
To: netfilter
Hi, Mr. Stearns.
thank you for replying me.
> The command you're using would normally be run from a script.
>Would you please check the values of $OUTER_PORT and $INNER_IP and make
>sure they're valid?
> The rest looks good, assuming your kernel and iptables binary have
>ULOG support.
> Cheers,
> - Bill
>
I checked the values by changing $OUTER_PORT and $INNER_PORT to eth0 and
192.168.1.0/24 respectively. But, I got the same output "invalid argument"
I'm sure that I set "ULOG target support" as a module when I compiled
kernel, so I think my kernel have ULOG support. And I don't know how to
check the iptalbe binary have ULOG support.
_________________________________________________________________
友達と24時間ホットライン「MSN メッセンジャー」、今すぐダウンロード!
http://messenger.msn.co.jp
^ permalink raw reply [flat|nested] 14+ messages in thread
* ip_queue question
2004-02-20 5:53 ULOG: invalid argument T. Take
@ 2004-02-20 9:02 ` Ahmad Almulhem
2004-02-20 14:16 ` ULOG: invalid argument William Stearns
1 sibling, 0 replies; 14+ messages in thread
From: Ahmad Almulhem @ 2004-02-20 9:02 UTC (permalink / raw)
To: netfilter
Hi all,
I am trying to run 2 program to
use ip_queue module at the same time.
I basically start the first program
and it runs fine receiving packets
correctly. I then run the second
program, which prints the following
error:
"Received error message 16"
and keeps running without receiving
any packets!
The two programs that I am running are
snort inline and my code based on the
sample which comes with libipq(3).
Both programs runs fine when run alone.
I only get this problem when I try to run
them together.
My question: does libipq module support
more than one program at one time? is
there any options I should set when
modprobe ip_queue?
thank u for ur help,
ahamd
__________________________________
Do you Yahoo!?
Yahoo! Mail SpamGuard - Read only the mail you want.
http://antispam.yahoo.com/tools
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: ULOG: invalid argument
2004-02-20 5:53 ULOG: invalid argument T. Take
2004-02-20 9:02 ` ip_queue question Ahmad Almulhem
@ 2004-02-20 14:16 ` William Stearns
1 sibling, 0 replies; 14+ messages in thread
From: William Stearns @ 2004-02-20 14:16 UTC (permalink / raw)
To: T. Take; +Cc: ML-netfilter, William Stearns
Good day, T.,
On Fri, 20 Feb 2004, T. Take wrote:
> Hi, Mr. Stearns.
>
> thank you for replying me.
You're quite welcome.
> > The command you're using would normally be run from a script.
> >Would you please check the values of $OUTER_PORT and $INNER_IP and make
> >sure they're valid?
> > The rest looks good, assuming your kernel and iptables binary have
> >ULOG support.
>
> I checked the values by changing $OUTER_PORT and $INNER_PORT to eth0 and
> 192.168.1.0/24 respectively. But, I got the same output "invalid argument"
>
> I'm sure that I set "ULOG target support" as a module when I compiled
> kernel, so I think my kernel have ULOG support. And I don't know how to
> check the iptalbe binary have ULOG support.
One quick check is to type:
iptables -j ULOG -h
which should show the help text for the ULOG module at the end if
your binary has support for ULOG.
The iptables binary support is generally provided as a module.
Where this is found depends on the compile time options used, but on a
Redhat stock system it's found as /lib/iptables/libipt_ULOG.so (worst
case, do a "locate libipt_ULOG.so"). That module not only provides the
help text but also all the code necessary to parse command line options
and actually insert your request to _use_ the ULOG kernel module into the
kernel.
If you don't have that file, you'll need to compile the iptables
binary. The source code is available from
ftp://ftp.netfilter.org/pub/iptables/ (I personally get the snapshots, but
for critical systems you might want to stick with the last released
1.2.9). The INSTALL file should provide enough hints of what you need to
do.
Cheers,
- Bill
---------------------------------------------------------------------------
"Absence diminishes mediocre passions and increases great ones,
as the wind blows out candles and fans fires."
-- La Rochefoucauld
--------------------------------------------------------------------------
William Stearns (wstearns@pobox.com). Mason, Buildkernel, freedups, p0f,
rsync-backup, ssh-keyinstall, dns-check, more at: http://www.stearns.org
--------------------------------------------------------------------------
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: ULOG: invalid argument
@ 2004-03-06 10:25 T. Take
0 siblings, 0 replies; 14+ messages in thread
From: T. Take @ 2004-03-06 10:25 UTC (permalink / raw)
To: netfilter
Hi. Thank you for your answers.
On Fri, 5 Mar 2004, Michelle Konzack wrote:
>
> > Am 2004-03-05 18:51:06, schrieb Jozsef Kadlecsik:
> > >On Fri, 5 Mar 2004, Michelle Konzack wrote:
> > >
> > >> >> # iptables: Invalid argment (the same error)
> > >> >
> > >> >Please make sure there is no iptables binary from your distribution
which
> > >> >precedes in PATH the iptables binary installed from source.
> > > ^^^^^^^^^^^^^^^
> > >> This is not possibel, because he use the Debian nativ-system.
> > >> ...he has not written that he has used
> > >> apt-get install ulogd
> > > ^^^^^
> >
> > False, you have overread the line above...
> > He has done an
> >
> > apt-get build-dep ulogd
> > apt-get -b source ulogd
> >
> > which I was talking about. The 'iptables' from WOODY are working fine
>
>Please, an error message returned by iptables has nothing to do with the
>ulog daemon, let it run on the system at all or not.
>
>Best regards,
>Jozsef
I didn't write about installing ulogd, but I have done it.
#apt-get build-dep ulogd
#apt-get -b source ulogd
#dpkg -i ulogd-1.0.2.deb
(sometimes i used "-f" option.)
And then, I have installed iptable-1.2.9 in the same way.
(I checked the messages by "#iptables -V" and "#ulogd -V", and they are
1.2.9 and 1.0.2)
In other words, maybe i succeded the version up of ulogd and iptables. But
I cannot use ULOG
target.
Best regards,
T.Take
_________________________________________________________________
友達と24時間ホットライン「MSN メッセンジャー」、今すぐダウンロード!
http://messenger.msn.co.jp
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: ULOG: invalid argument
2004-03-05 18:14 ` Michelle Konzack
@ 2004-03-05 19:30 ` Jozsef Kadlecsik
0 siblings, 0 replies; 14+ messages in thread
From: Jozsef Kadlecsik @ 2004-03-05 19:30 UTC (permalink / raw)
To: Michelle Konzack; +Cc: netfilter
On Fri, 5 Mar 2004, Michelle Konzack wrote:
> Am 2004-03-05 18:51:06, schrieb Jozsef Kadlecsik:
> >On Fri, 5 Mar 2004, Michelle Konzack wrote:
> >
> >> >> # iptables: Invalid argment (the same error)
> >> >
> >> >Please make sure there is no iptables binary from your distribution which
> >> >precedes in PATH the iptables binary installed from source.
> > ^^^^^^^^^^^^^^^
> >> This is not possibel, because he use the Debian nativ-system.
> >> ...he has not written that he has used
> >> apt-get install ulogd
> > ^^^^^
>
> False, you have overread the line above...
> He has done an
>
> apt-get build-dep ulogd
> apt-get -b source ulogd
>
> which I was talking about. The 'iptables' from WOODY are working fine
Please, an error message returned by iptables has nothing to do with the
ulog daemon, let it run on the system at all or not.
Best regards,
Jozsef
-
E-mail : kadlec@blackhole.kfki.hu, kadlec@sunserv.kfki.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
H-1525 Budapest 114, POB. 49, Hungary
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: ULOG: invalid argument
2004-03-05 17:51 ` Jozsef Kadlecsik
@ 2004-03-05 18:14 ` Michelle Konzack
2004-03-05 19:30 ` Jozsef Kadlecsik
0 siblings, 1 reply; 14+ messages in thread
From: Michelle Konzack @ 2004-03-05 18:14 UTC (permalink / raw)
To: netfilter
Am 2004-03-05 18:51:06, schrieb Jozsef Kadlecsik:
>On Fri, 5 Mar 2004, Michelle Konzack wrote:
>
>> >> # iptables: Invalid argment (the same error)
>> >
>> >Please make sure there is no iptables binary from your distribution which
>> >precedes in PATH the iptables binary installed from source.
> ^^^^^^^^^^^^^^^
>
>> This is not possibel, because he use the Debian nativ-system.
>> ...he has not written that he has used
>> apt-get install ulogd
> ^^^^^
False, you have overread the line above...
He has done an
apt-get build-dep ulogd
apt-get -b source ulogd
which I was talking about. The 'iptables' from WOODY are working fine
Maybe he has gorgotten to install it ;-)
Like me =8<O
If you use the iptables-HOWTO and try the Target 'ULOG' it does not
work, because the version of Debian GNU/Linux WOODY is to old. There
is a lib missing. So you need to compile the source from SID which
is the latest version of 'ulogd' and understand the options you give
the Target 'ULOG'.
>> whitch will replace the originating version.
>
>Best regards,
>Jozsef
Greetings
Michelle
--
Registered Linux-User #280138 with the Linux Counter, http://counter.li.org/
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: ULOG: invalid argument
2004-03-05 17:44 ` Michelle Konzack
@ 2004-03-05 17:51 ` Jozsef Kadlecsik
2004-03-05 18:14 ` Michelle Konzack
0 siblings, 1 reply; 14+ messages in thread
From: Jozsef Kadlecsik @ 2004-03-05 17:51 UTC (permalink / raw)
To: Michelle Konzack; +Cc: netfilter
On Fri, 5 Mar 2004, Michelle Konzack wrote:
> >> # iptables: Invalid argment (the same error)
> >
> >Please make sure there is no iptables binary from your distribution which
> >precedes in PATH the iptables binary installed from source.
^^^^^^^^^^^^^^^
> This is not possibel, because he use the Debian nativ-system.
> ...he has not written that he has used
> apt-get install ulogd
^^^^^
> whitch will replace the originating version.
Best regards,
Jozsef
-
E-mail : kadlec@blackhole.kfki.hu, kadlec@sunserv.kfki.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
H-1525 Budapest 114, POB. 49, Hungary
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: ULOG: invalid argument
2004-03-05 10:01 ` Jozsef Kadlecsik
@ 2004-03-05 17:44 ` Michelle Konzack
2004-03-05 17:51 ` Jozsef Kadlecsik
0 siblings, 1 reply; 14+ messages in thread
From: Michelle Konzack @ 2004-03-05 17:44 UTC (permalink / raw)
To: netfilter
Am 2004-03-05 11:01:18, schrieb Jozsef Kadlecsik:
>On Fri, 5 Mar 2004, T. Take wrote:
>> As you explained to me, I have made the version of ulogd up to 1.02.
>> # apt-get build-dep ulogd
>> # .....
>> # apt-get -b source ulogd
>>
>> But, I cannot use target "ULOG".
>> # iptables: Invalid argment (the same error)
>
>Please make sure there is no iptables binary from your distribution which
>precedes in PATH the iptables binary installed from source.
This is not possibel, because he use the Debian nativ-system.
;-)
...he has not written that he has used
apt-get install ulogd
;-)
whitch will replace the originating version.
>Best regards,
>Jozsef
Greetings
Michelle
--
Registered Linux-User #280138 with the Linux Counter, http://counter.li.org/
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: ULOG: invalid argument
2004-03-05 9:53 T. Take
@ 2004-03-05 10:01 ` Jozsef Kadlecsik
2004-03-05 17:44 ` Michelle Konzack
0 siblings, 1 reply; 14+ messages in thread
From: Jozsef Kadlecsik @ 2004-03-05 10:01 UTC (permalink / raw)
To: T. Take; +Cc: netfilter
On Fri, 5 Mar 2004, T. Take wrote:
> Thank you for replying to me, and I'm sorry that I'm late fo answer to you.
>
> As you explained to me, I have made the version of ulogd up to 1.02.
> # apt-get build-dep ulogd
> # .....
> # apt-get -b source ulogd
>
> But, I cannot use target "ULOG".
> # iptables: Invalid argment (the same error)
Please make sure there is no iptables binary from your distribution which
precedes in PATH the iptables binary installed from source.
Best regards,
Jozsef
-
E-mail : kadlec@blackhole.kfki.hu, kadlec@sunserv.kfki.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
H-1525 Budapest 114, POB. 49, Hungary
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: ULOG: invalid argument
@ 2004-03-05 9:53 T. Take
2004-03-05 10:01 ` Jozsef Kadlecsik
0 siblings, 1 reply; 14+ messages in thread
From: T. Take @ 2004-03-05 9:53 UTC (permalink / raw)
To: netfilter
Hi, Mr. Konzack.
Thank you for replying to me, and I'm sorry that I'm late fo answer to you.
As you explained to me, I have made the version of ulogd up to 1.02.
# apt-get build-dep ulogd
# .....
# apt-get -b source ulogd
But, I cannot use target "ULOG".
# iptables: Invalid argment (the same error)
Besides, I have made the version of iptables up to 1.2.9, but cannot.
Greetings
T.Take
>From: Michelle Konzack <linux4michelle@freenet.de>
>To: netfilter@lists.netfilter.org
>CC: netfilter@lists.netfilter.org
>Subject: Re: ULOG: invalid argument
>Date: Thu, 26 Feb 2004 02:40:18 +0100
>
>Am 2004-02-19 20:46:12, schrieb T. Take:
> >I cannot use "ULOG".
> >
> >#iptables -A INPUT -i $OUTER_PORT -s $INNER_IP -j ULOG --ulog-nlgroup 32
> >--ulog-prefix "spoofed packet "
> >#iptables: Invalid argument
> >
> >Although I updated iptables to version 1.2.9 and installed ulogd by
apt-get
> >install (Debian), I have not used ULOG yet. And there is ipt_ULOG.o in
> >"/lib/modules/2.4.24/kernel/net/ipv4/netfilter".
> >
> >Did you have the same problem about ULOG?
> >I hope your advises.
>
>I had he same problem...
>
>It is NOT an iptables problem/bug !!!
>
>It is the ULOG Package from WOODY !!!
>
>It is too old. put the source from unstable
>in your /etc/apt/sources.list like
>
>deb-src ftp://ftp.debian.org/debian unstable main
>
>Then make a
>
>apt-get build-dep ulogd
>
>and last not least a
>
>apt-get -b source ulogd
>
>It will compile automaticly and install ist.
>
>Have fun with 'iptables' and 'ulogd'
>
>Greetings
>Michelle
>
>--
>Registered Linux-User #280138 with the Linux Counter,
http://counter.li.org/
>
_________________________________________________________________
友達と24時間ホットライン「MSN メッセンジャー」、今すぐダウンロード!
http://messenger.msn.co.jp
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: ULOG: invalid argument
2004-02-19 11:46 T. Take
2004-02-19 18:38 ` William Stearns
@ 2004-02-26 1:40 ` Michelle Konzack
1 sibling, 0 replies; 14+ messages in thread
From: Michelle Konzack @ 2004-02-26 1:40 UTC (permalink / raw)
Cc: netfilter
Am 2004-02-19 20:46:12, schrieb T. Take:
>I cannot use "ULOG".
>
>#iptables -A INPUT -i $OUTER_PORT -s $INNER_IP -j ULOG --ulog-nlgroup 32
>--ulog-prefix "spoofed packet "
>#iptables: Invalid argument
>
>Although I updated iptables to version 1.2.9 and installed ulogd by apt-get
>install (Debian), I have not used ULOG yet. And there is ipt_ULOG.o in
>"/lib/modules/2.4.24/kernel/net/ipv4/netfilter".
>
>Did you have the same problem about ULOG?
>I hope your advises.
I had he same problem...
It is NOT an iptables problem/bug !!!
It is the ULOG Package from WOODY !!!
It is too old. put the source from unstable
in your /etc/apt/sources.list like
deb-src ftp://ftp.debian.org/debian unstable main
Then make a
apt-get build-dep ulogd
and last not least a
apt-get -b source ulogd
It will compile automaticly and install ist.
Have fun with 'iptables' and 'ulogd'
Greetings
Michelle
--
Registered Linux-User #280138 with the Linux Counter, http://counter.li.org/
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: ULOG: invalid argument
@ 2004-02-22 6:28 T. Take
0 siblings, 0 replies; 14+ messages in thread
From: T. Take @ 2004-02-22 6:28 UTC (permalink / raw)
To: netfilter
Hi, Mr Stearns.
Thank you for explaining it in detail.
> One quick check is to type:
>
>iptables -j ULOG -h
>
> which should show the help text for the ULOG module at the end if
>your binary has support for ULOG.
As you write above, the command shows the help.
> The iptables binary support is generally provided as a module.
>Where this is found depends on the compile time options used, but on a
>Redhat stock system it's found as /lib/iptables/libipt_ULOG.so (worst
>case, do a "locate libipt_ULOG.so"). That module not only provides the
>help text but also all the code necessary to parse command line options
>and actually insert your request to _use_ the ULOG kernel module into the
>kernel.
I checked that there was /lib/iptables/libipt_ULOG.so.
Judging from the two points that you teached me, iptables in my system
seems to support ULOG.
>
> If you don't have that file, you'll need to compile the iptables
>binary. The source code is available from
>ftp://ftp.netfilter.org/pub/iptables/ (I personally get the snapshots, but
>for critical systems you might want to stick with the last released
>1.2.9). The INSTALL file should provide enough hints of what you need to
>do.
The other day, I updated iptables to 1.2.9. But, I haven't resolved the
problem yet.
Best regards.
_________________________________________________________________
友達と24時間ホットライン「MSN メッセンジャー」、今すぐダウンロード!
http://messenger.msn.co.jp
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: ULOG: invalid argument
2004-02-19 11:46 T. Take
@ 2004-02-19 18:38 ` William Stearns
2004-02-26 1:40 ` Michelle Konzack
1 sibling, 0 replies; 14+ messages in thread
From: William Stearns @ 2004-02-19 18:38 UTC (permalink / raw)
To: T. Take; +Cc: netfilter
Good morning, T.,
On Thu, 19 Feb 2004, T. Take wrote:
> I cannot use "ULOG".
>
> #iptables -A INPUT -i $OUTER_PORT -s $INNER_IP -j ULOG --ulog-nlgroup 32
> --ulog-prefix "spoofed packet "
> #iptables: Invalid argument
>
> Although I updated iptables to version 1.2.9 and installed ulogd by apt-get
> install (Debian), I have not used ULOG yet. And there is ipt_ULOG.o in
> "/lib/modules/2.4.24/kernel/net/ipv4/netfilter".
>
> Did you have the same problem about ULOG?
> I hope your advises.
The command you're using would normally be run from a script.
Would you please check the values of $OUTER_PORT and $INNER_IP and make
sure they're valid?
The rest looks good, assuming your kernel and iptables binary have
ULOG support.
Cheers,
- Bill
---------------------------------------------------------------------------
"As a computer I find your faith in technology amusing."
(Courtesy of Gerhard Mack <gmack@imag.net>)
--------------------------------------------------------------------------
William Stearns (wstearns@pobox.com). Mason, Buildkernel, freedups, p0f,
rsync-backup, ssh-keyinstall, dns-check, more at: http://www.stearns.org
--------------------------------------------------------------------------
^ permalink raw reply [flat|nested] 14+ messages in thread
* ULOG: invalid argument
@ 2004-02-19 11:46 T. Take
2004-02-19 18:38 ` William Stearns
2004-02-26 1:40 ` Michelle Konzack
0 siblings, 2 replies; 14+ messages in thread
From: T. Take @ 2004-02-19 11:46 UTC (permalink / raw)
To: netfilter
I cannot use "ULOG".
#iptables -A INPUT -i $OUTER_PORT -s $INNER_IP -j ULOG --ulog-nlgroup 32
--ulog-prefix "spoofed packet "
#iptables: Invalid argument
Although I updated iptables to version 1.2.9 and installed ulogd by apt-get
install (Debian), I have not used ULOG yet. And there is ipt_ULOG.o in
"/lib/modules/2.4.24/kernel/net/ipv4/netfilter".
Did you have the same problem about ULOG?
I hope your advises.
_________________________________________________________________
友達と24時間ホットライン「MSN メッセンジャー」、今すぐダウンロード!
http://messenger.msn.co.jp
^ permalink raw reply [flat|nested] 14+ messages in thread
end of thread, other threads:[~2004-03-06 10:25 UTC | newest]
Thread overview: 14+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2004-02-20 5:53 ULOG: invalid argument T. Take
2004-02-20 9:02 ` ip_queue question Ahmad Almulhem
2004-02-20 14:16 ` ULOG: invalid argument William Stearns
-- strict thread matches above, loose matches on Subject: below --
2004-03-06 10:25 T. Take
2004-03-05 9:53 T. Take
2004-03-05 10:01 ` Jozsef Kadlecsik
2004-03-05 17:44 ` Michelle Konzack
2004-03-05 17:51 ` Jozsef Kadlecsik
2004-03-05 18:14 ` Michelle Konzack
2004-03-05 19:30 ` Jozsef Kadlecsik
2004-02-22 6:28 T. Take
2004-02-19 11:46 T. Take
2004-02-19 18:38 ` William Stearns
2004-02-26 1:40 ` Michelle Konzack
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.