Re: ULOG: invalid argument

Re: ULOG: invalid argument

[T. Take]

Hi, Mr. Stearns.

thank you for replying me.

>	The command you're using would normally be run from a script.
>Would you please check the values of $OUTER_PORT and $INNER_IP and make
>sure they're valid?
>	The rest looks good, assuming your kernel and iptables binary have
>ULOG support.
>	Cheers,
>	- Bill
>

I checked the values by changing $OUTER_PORT and $INNER_PORT to eth0 and 
192.168.1.0/24 respectively. But, I got the same output "invalid argument"

I'm sure that I set "ULOG target support" as a module when I compiled 
kernel, so I think my kernel have ULOG support. And I don't know how to 
check the iptalbe binary have ULOG support.

_________________________________________________________________
友達と24時間ホットライン「MSN メッセンジャー」、今すぐダウンロード！  
http://messenger.msn.co.jp 

ip_queue question

[Ahmad Almulhem]

Hi all,

I am trying to run 2 program to
use ip_queue module at the same time. 

I basically start the first program 
and it runs fine receiving packets 
correctly. I then run the second 
program, which prints the following 
error:

"Received error message 16"

and keeps running without receiving
any packets!

The two programs that I am running are
snort inline and my code based on the
sample which comes with libipq(3).
Both programs runs fine when run alone.
I only get this problem when I try to run
them together.

My question: does libipq module support
more than one program at one time? is
there any options I should set when
modprobe ip_queue?

thank u for ur help,

ahamd



__________________________________
Do you Yahoo!?
Yahoo! Mail SpamGuard - Read only the mail you want.
http://antispam.yahoo.com/tools

Re: ULOG: invalid argument

[William Stearns]

Good day, T.,

On Fri, 20 Feb 2004, T. Take wrote:

> Hi, Mr. Stearns.
> 
> thank you for replying me.

	You're quite welcome.

> >	The command you're using would normally be run from a script.
> >Would you please check the values of $OUTER_PORT and $INNER_IP and make
> >sure they're valid?
> >	The rest looks good, assuming your kernel and iptables binary have
> >ULOG support.
> 
> I checked the values by changing $OUTER_PORT and $INNER_PORT to eth0 and 
> 192.168.1.0/24 respectively. But, I got the same output "invalid argument"
> 
> I'm sure that I set "ULOG target support" as a module when I compiled 
> kernel, so I think my kernel have ULOG support. And I don't know how to 
> check the iptalbe binary have ULOG support.

	One quick check is to type:

iptables -j ULOG -h

	which should show the help text for the ULOG module at the end if 
your binary has support for ULOG.
	The iptables binary support is generally provided as a module.  
Where this is found depends on the compile time options used, but on a 
Redhat stock system it's found as /lib/iptables/libipt_ULOG.so (worst 
case, do a "locate libipt_ULOG.so").  That module not only provides the 
help text but also all the code necessary to parse command line options 
and actually insert your request to _use_ the ULOG kernel module into the 
kernel.

	If you don't have that file, you'll need to compile the iptables
binary.  The source code is available from
ftp://ftp.netfilter.org/pub/iptables/ (I personally get the snapshots, but
for critical systems you might want to stick with the last released
1.2.9).  The INSTALL file should provide enough hints of what you need to 
do.
	Cheers,
	- Bill

---------------------------------------------------------------------------
        "Absence diminishes mediocre passions and increases great ones,
as the wind blows out candles and fans fires."
        -- La Rochefoucauld
--------------------------------------------------------------------------
William Stearns (wstearns@pobox.com).  Mason, Buildkernel, freedups, p0f,
rsync-backup, ssh-keyinstall, dns-check, more at:   http://www.stearns.org
--------------------------------------------------------------------------

Re: ULOG: invalid argument

[T. Take]

Hi. Thank you for your answers.

On Fri, 5 Mar 2004, Michelle Konzack wrote:
>
> > Am 2004-03-05 18:51:06, schrieb Jozsef Kadlecsik:
> > >On Fri, 5 Mar 2004, Michelle Konzack wrote:
> > >
> > >> >> # iptables: Invalid argment (the same error)
> > >> >
> > >> >Please make sure there is no iptables binary from your distribution 
which
> > >> >precedes in PATH the iptables binary installed from source.
> > >                        ^^^^^^^^^^^^^^^
> > >> This is not possibel, because he use the Debian nativ-system.
> > >> ...he has not written that he has used
> > >> apt-get install ulogd
> > >                  ^^^^^
> >
> > False, you have overread the line above...
> > He has done an
> >
> > apt-get build-dep ulogd
> > apt-get -b source ulogd
> >
> > which I was talking about. The 'iptables' from WOODY are working fine
>
>Please, an error message returned by iptables has nothing to do with the
>ulog daemon, let it run on the system at all or not.
>
>Best regards,
>Jozsef

I didn't write about installing ulogd, but I have done it.

#apt-get build-dep ulogd
#apt-get -b source ulogd
#dpkg -i ulogd-1.0.2.deb
(sometimes i used "-f" option.)

And then, I have installed iptable-1.2.9 in the same way.
(I checked the messages by "#iptables -V" and "#ulogd -V", and they are 
1.2.9 and 1.0.2)

In other words, maybe i succeded the version up of ulogd and iptables. But 
I cannot use ULOG
target.

Best regards,
T.Take

_________________________________________________________________
友達と24時間ホットライン「MSN メッセンジャー」、今すぐダウンロード！  
http://messenger.msn.co.jp 

Re: ULOG: invalid argument

[Jozsef Kadlecsik]

On Fri, 5 Mar 2004, Michelle Konzack wrote:

> Am 2004-03-05 18:51:06, schrieb Jozsef Kadlecsik:
> >On Fri, 5 Mar 2004, Michelle Konzack wrote:
> >
> >> >> # iptables: Invalid argment (the same error)
> >> >
> >> >Please make sure there is no iptables binary from your distribution which
> >> >precedes in PATH the iptables binary installed from source.
> >                        ^^^^^^^^^^^^^^^
> >> This is not possibel, because he use the Debian nativ-system.
> >> ...he has not written that he has used
> >> apt-get install ulogd
> >                  ^^^^^
>
> False, you have overread the line above...
> He has done an
>
> apt-get build-dep ulogd
> apt-get -b source ulogd
>
> which I was talking about. The 'iptables' from WOODY are working fine

Please, an error message returned by iptables has nothing to do with the
ulog daemon, let it run on the system at all or not.

Best regards,
Jozsef
-
E-mail  : kadlec@blackhole.kfki.hu, kadlec@sunserv.kfki.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
          H-1525 Budapest 114, POB. 49, Hungary

Re: ULOG: invalid argument

[Michelle Konzack]

Am 2004-03-05 18:51:06, schrieb Jozsef Kadlecsik:
>On Fri, 5 Mar 2004, Michelle Konzack wrote:
>
>> >> # iptables: Invalid argment (the same error)
>> >
>> >Please make sure there is no iptables binary from your distribution which
>> >precedes in PATH the iptables binary installed from source.
>                        ^^^^^^^^^^^^^^^
>
>> This is not possibel, because he use the Debian nativ-system.
>> ...he has not written that he has used
>> apt-get install ulogd
>                  ^^^^^

False, you have overread the line above...
He has done an 

apt-get build-dep ulogd
apt-get -b source ulogd

which I was talking about. The 'iptables' from WOODY are working fine

Maybe he has gorgotten to install it ;-)

Like me  =8<O

If you use the iptables-HOWTO and try the Target 'ULOG' it does not 
work, because the version of Debian GNU/Linux WOODY is to old. There 
is a lib missing. So you need to compile the source from SID which 
is the latest version of 'ulogd' and understand the options you give 
the Target 'ULOG'.

>> whitch will replace the originating version.
>
>Best regards,
>Jozsef

Greetings
Michelle

-- 
Registered Linux-User #280138 with the Linux Counter, http://counter.li.org/ 

Re: ULOG: invalid argument

[Jozsef Kadlecsik]

On Fri, 5 Mar 2004, Michelle Konzack wrote:

> >> # iptables: Invalid argment (the same error)
> >
> >Please make sure there is no iptables binary from your distribution which
> >precedes in PATH the iptables binary installed from source.
                        ^^^^^^^^^^^^^^^

> This is not possibel, because he use the Debian nativ-system.
> ...he has not written that he has used
> apt-get install ulogd
                  ^^^^^
> whitch will replace the originating version.

Best regards,
Jozsef
-
E-mail  : kadlec@blackhole.kfki.hu, kadlec@sunserv.kfki.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
          H-1525 Budapest 114, POB. 49, Hungary

Re: ULOG: invalid argument

[Michelle Konzack]

Am 2004-03-05 11:01:18, schrieb Jozsef Kadlecsik:
>On Fri, 5 Mar 2004, T. Take wrote:

>> As you explained to me, I have made the version of ulogd up to 1.02.
>> # apt-get build-dep ulogd
>> # .....
>> # apt-get -b source ulogd
>>
>> But, I cannot use target "ULOG".
>> # iptables: Invalid argment (the same error)
>
>Please make sure there is no iptables binary from your distribution which
>precedes in PATH the iptables binary installed from source.

This is not possibel, because he use the Debian nativ-system.
;-)

...he has not written that he has used 

apt-get install ulogd
;-)

whitch will replace the originating version.

>Best regards,
>Jozsef

Greetings
Michelle

-- 
Registered Linux-User #280138 with the Linux Counter, http://counter.li.org/ 

Re: ULOG: invalid argument

[Jozsef Kadlecsik]

On Fri, 5 Mar 2004, T. Take wrote:

> Thank you for replying to me, and I'm sorry that I'm late fo answer to you.
>
> As you explained to me, I have made the version of ulogd up to 1.02.
> # apt-get build-dep ulogd
> # .....
> # apt-get -b source ulogd
>
> But, I cannot use target "ULOG".
> # iptables: Invalid argment (the same error)

Please make sure there is no iptables binary from your distribution which
precedes in PATH the iptables binary installed from source.

Best regards,
Jozsef
-
E-mail  : kadlec@blackhole.kfki.hu, kadlec@sunserv.kfki.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
          H-1525 Budapest 114, POB. 49, Hungary

Re: ULOG: invalid argument

[T. Take]

Hi, Mr. Konzack.

Thank you for replying to me, and I'm sorry that I'm late fo answer to you.

As you explained to me, I have made the version of ulogd up to 1.02.
# apt-get build-dep ulogd
# .....
# apt-get -b source ulogd

But, I cannot use target "ULOG".
# iptables: Invalid argment (the same error)

Besides, I have made the version of iptables up to 1.2.9, but cannot.

Greetings
T.Take

>From: Michelle Konzack <linux4michelle@freenet.de>
>To: netfilter@lists.netfilter.org
>CC: netfilter@lists.netfilter.org
>Subject: Re: ULOG:  invalid argument
>Date: Thu, 26 Feb 2004 02:40:18 +0100
>
>Am 2004-02-19 20:46:12, schrieb T. Take:
> >I cannot use "ULOG".
> >
> >#iptables -A INPUT -i $OUTER_PORT -s $INNER_IP -j ULOG --ulog-nlgroup 32
> >--ulog-prefix "spoofed packet "
> >#iptables: Invalid argument
> >
> >Although I updated iptables to version 1.2.9 and installed ulogd by 
apt-get
> >install (Debian),  I have not used ULOG yet. And there is ipt_ULOG.o in
> >"/lib/modules/2.4.24/kernel/net/ipv4/netfilter".
> >
> >Did you have the same problem about ULOG?
> >I hope your advises.
>
>I had he same problem...
>
>It is NOT an iptables problem/bug !!!
>
>It is the ULOG Package from WOODY !!!
>
>It is too old. put the source from unstable
>in your /etc/apt/sources.list like
>
>deb-src ftp://ftp.debian.org/debian unstable main
>
>Then make a
>
>apt-get build-dep ulogd
>
>and last not least a
>
>apt-get -b source ulogd
>
>It will compile automaticly and install ist.
>
>Have fun with 'iptables' and 'ulogd'
>
>Greetings
>Michelle
>
>--
>Registered Linux-User #280138 with the Linux Counter, 
http://counter.li.org/
>

_________________________________________________________________
友達と24時間ホットライン「MSN メッセンジャー」、今すぐダウンロード！  
http://messenger.msn.co.jp 

Re: ULOG: invalid argument

[Michelle Konzack]

Am 2004-02-19 20:46:12, schrieb T. Take:
>I cannot use "ULOG".
>
>#iptables -A INPUT -i $OUTER_PORT -s $INNER_IP -j ULOG --ulog-nlgroup 32 
>--ulog-prefix "spoofed packet "
>#iptables: Invalid argument
>
>Although I updated iptables to version 1.2.9 and installed ulogd by apt-get 
>install (Debian),  I have not used ULOG yet. And there is ipt_ULOG.o in 
>"/lib/modules/2.4.24/kernel/net/ipv4/netfilter".
>
>Did you have the same problem about ULOG?
>I hope your advises.

I had he same problem...

It is NOT an iptables problem/bug !!!

It is the ULOG Package from WOODY !!! 

It is too old. put the source from unstable 
in your /etc/apt/sources.list like

deb-src ftp://ftp.debian.org/debian unstable main

Then make a 

apt-get build-dep ulogd

and last not least a 

apt-get -b source ulogd

It will compile automaticly and install ist.

Have fun with 'iptables' and 'ulogd'

Greetings
Michelle

-- 
Registered Linux-User #280138 with the Linux Counter, http://counter.li.org/ 

Re: ULOG: invalid argument

[T. Take]

Hi, Mr Stearns. 

Thank you for explaining it in detail.

>	One quick check is to type:
>
>iptables -j ULOG -h
>
>	which should show the help text for the ULOG module at the end if
>your binary has support for ULOG.

As you write above,  the command shows the help.

>	The iptables binary support is generally provided as a module.
>Where this is found depends on the compile time options used, but on a
>Redhat stock system it's found as /lib/iptables/libipt_ULOG.so (worst
>case, do a "locate libipt_ULOG.so").  That module not only provides the
>help text but also all the code necessary to parse command line options
>and actually insert your request to _use_ the ULOG kernel module into the
>kernel.

I checked that there was /lib/iptables/libipt_ULOG.so.

Judging from the two points that you teached me, iptables in my system 
seems to support ULOG.

>
>	If you don't have that file, you'll need to compile the iptables
>binary.  The source code is available from
>ftp://ftp.netfilter.org/pub/iptables/ (I personally get the snapshots, but
>for critical systems you might want to stick with the last released
>1.2.9).  The INSTALL file should provide enough hints of what you need to
>do.

The other day, I updated iptables to 1.2.9. But, I haven't resolved the 
problem yet.

Best regards.

_________________________________________________________________
友達と24時間ホットライン「MSN メッセンジャー」、今すぐダウンロード！  
http://messenger.msn.co.jp 

Re: ULOG: invalid argument

[William Stearns]

Good morning, T.,

On Thu, 19 Feb 2004, T. Take wrote:

> I cannot use "ULOG".
> 
> #iptables -A INPUT -i $OUTER_PORT -s $INNER_IP -j ULOG --ulog-nlgroup 32 
> --ulog-prefix "spoofed packet "
> #iptables: Invalid argument
> 
> Although I updated iptables to version 1.2.9 and installed ulogd by apt-get 
> install (Debian),  I have not used ULOG yet. And there is ipt_ULOG.o in 
> "/lib/modules/2.4.24/kernel/net/ipv4/netfilter".
> 
> Did you have the same problem about ULOG?
> I hope your advises.

	The command you're using would normally be run from a script.  
Would you please check the values of $OUTER_PORT and $INNER_IP and make 
sure they're valid?
	The rest looks good, assuming your kernel and iptables binary have
ULOG support.
	Cheers,
	- Bill

---------------------------------------------------------------------------
	"As a computer I find your faith in technology amusing."
(Courtesy of Gerhard Mack <gmack@imag.net>)
--------------------------------------------------------------------------
William Stearns (wstearns@pobox.com).  Mason, Buildkernel, freedups, p0f,
rsync-backup, ssh-keyinstall, dns-check, more at:   http://www.stearns.org
--------------------------------------------------------------------------

ULOG: invalid argument

[T. Take]

I cannot use "ULOG".

#iptables -A INPUT -i $OUTER_PORT -s $INNER_IP -j ULOG --ulog-nlgroup 32 
--ulog-prefix "spoofed packet "
#iptables: Invalid argument

Although I updated iptables to version 1.2.9 and installed ulogd by apt-get 
install (Debian),  I have not used ULOG yet. And there is ipt_ULOG.o in 
"/lib/modules/2.4.24/kernel/net/ipv4/netfilter".

Did you have the same problem about ULOG?
I hope your advises.

_________________________________________________________________
友達と24時間ホットライン「MSN メッセンジャー」、今すぐダウンロード！  
http://messenger.msn.co.jp