[mdlug] iptables question

David Relson relson at osagesoftware.com
Thu Mar 22 23:46:17 EDT 2007 

On Thu, 22 Mar 2007 22:13:30 -0400 (EDT)
Carl T. Miller wrote:

> David Relson wrote:
> > Any further ideas?
> 
> Of course the first thing I want to ask is if you changed anything.
> Perhaps installed a new patch or update for anything to do with
> the kernel, networking, drivers or iptables?
> 
> Why don't you try running:
> 
> sh -x /usr/sbin/netmasq > netmasq.log 2>&1
> 
> It might give a clue to know which line is causing the problem.
> 
> c

Hi Carl,

The problem line was in my original post. It's:

  /sbin/iptables -t nat -A masq_eth1 -o eth1 -j MASQUERADE

and the strace output (posted earlier) shows the point at which things
fail.

As a test, I just restarted eth1 and reran netmasq, i.e.:

  netmasq -q ; ifdown eth1 ; ifup eth1 ; netmasq

Below is (somewhat) cleaned up strace output (with the full strace
output (from MASQUERADE onwards) in the attached file.  Interestingly,
the strace man page says "EINVAL" is returned for a bad parameter
length.  I wonder how _that_ could occur.

execve("/sbin/iptables", ["/sbin/iptables", "-t", "nat", "-A",
"masq_eth1", "-o", "eth1", "-j", "MASQUERADE"], [/* 52 vars */]) = 0

uname({sys="Linux", node="nic.osagesoftware.com", ...}) = 0

...[snip]...

open("/lib/iptables/libipt_MASQUERADE.so", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0", 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=3152, ...}) = 0
old_mmap(NULL, 6592, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,
0) = 0x40018000 
old_mmap(0x40019000, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0) = 0x40019000
close(3)                                = 0 
socket(PF_INET, SOCK_RAW,
IPPROTO_RAW)  = 3 
getsockopt(3, SOL_IP, 0x40 /* IP_??? */, "nat\0",
[84]) = 0 
getsockopt(3, SOL_IP, 0x41 /* IP_??? */, "nat\0", [1748]) = 0
setsockopt(3, SOL_IP, 0x40 /* IP_??? */, "nat\0", 1968) = -1 EINVAL
(Invalid argument) write(2, "iptables: Invalid argument\n", 27) = 27
exit_group(1)                           = ?


You asked about system updates.  The machine has been up for 279 days.
Some packages were updated in January.  I'll check the package lists to
see what was done.

David
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: strace.0322.2307.txt
URL: <http://mdlug.org/pipermail/mdlug/attachments/20070322/4f0b7a02/attachment-0001.txt>

More information about the mdlug mailing list