[Bug 551748] New: invalid option message in iptables time module
http://bugzilla.novell.com/show_bug.cgi?id=551748 Summary: invalid option message in iptables time module Classification: openSUSE Product: openSUSE 11.2 Version: RC 2 Platform: i586 OS/Version: openSUSE 11.2 Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: support@microtechniques.com QAContact: qa@suse.de Found By: --- User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729) One a system upgraded from SuSE 11.1 to 11.2 a number of my iptables scripts stated generating 'invalid argument' error messages. The scripts were not touched and work correctly previously. The FAQ on the iptables website has the following entry: You have just upgraded your kernel and suddenly some of the commands (especially in the 'nat' table), and you experience something like: # iptables -A POSTROUTING -t nat -o ppp0 -j MASQUERADE iptables: Invalid argument This happens when the structure size between kernel and userspace changes. You will need to recompile the iptables userspace program using the include files of your new kernel. This only happens if you (or the vendor of your kernel) has applied some patches either only to the old or only to the new kernel. It is not supposed to happen between vanilla kernel.org kernels. Reproducible: Always Steps to Reproduce: 1. 2. 3. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=551748 User meissner@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=551748#c1 --- Comment #1 from Marcus Meissner <meissner@novell.com> 2009-11-02 03:25:56 MST --- what are "my iptables scripts". you should isolate the one line that causes this error. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=551748 User support@microtechniques.com added comment http://bugzilla.novell.com/show_bug.cgi?id=551748#c2 --- Comment #2 from Don Hughes <support@microtechniques.com> 2009-11-02 12:44:20 MST --- They just issue a number of firewall iptables commands. The following command is taken pretty much from the iptables documentation and can be entered at the command line: iptables -A FORWARD -m time --timestart 08:00 --timestop 08:30 --days Mon,Tue -d 10.168.1.1 -j DROP and in SuSE 11.2 it will respond with unknown option '--days' -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=551748 User jengelh@medozas.de added comment http://bugzilla.novell.com/show_bug.cgi?id=551748#c3 Jan Engelhardt <jengelh@medozas.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jengelh@medozas.de --- Comment #3 from Jan Engelhardt <jengelh@medozas.de> 2009-11-09 06:18:01 MST --- I have no idea how you got to use --days anyway, given that the correct parameter name is --weekdays. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=551748 User jengelh@medozas.de added comment http://bugzilla.novell.com/show_bug.cgi?id=551748#c4 --- Comment #4 from Jan Engelhardt <jengelh@medozas.de> 2009-11-09 06:28:39 MST --- BTW, it also was --weekdays in openSUSE 11.1/iptables 1.4.1. In fact, it has been "--weekdays" ever since xt_time was added to iptables 1.4.x. The invalid argument error thus must stem from using (exactly one of) either an overly outdated version of iptables (< 1.3.8; 2006ish), or an overly outdated kernel. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=551748 User support@microtechniques.com added comment http://bugzilla.novell.com/show_bug.cgi?id=551748#c5 --- Comment #5 from Don Hughes <support@microtechniques.com> 2009-11-09 07:36:52 MST --- Thanks, It is possible that this has been failing for awhile and was just noticed because of a closer inspection of logs. --weekdays does work, however, the documentation accessed from the home page of netfilter.org (http://netfilter.org/documentation/HOWTO/netfilter-extensions-HOWTO-3.html), and all of the googled forums that I reviewed use --days -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=551748 User jengelh@medozas.de added comment http://bugzilla.novell.com/show_bug.cgi?id=551748#c6 --- Comment #6 from Jan Engelhardt <jengelh@medozas.de> 2009-11-09 07:42:18 MST --- Hm that HOWTO is totally outdated, and one is usually better off reading the manpage (which has improved visibly). In that regard, IMHO, SUSE should stop packaging that HOWTO. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=551748 User support@microtechniques.com added comment http://bugzilla.novell.com/show_bug.cgi?id=551748#c7 --- Comment #7 from Don Hughes <support@microtechniques.com> 2009-11-09 08:11:35 MST --- You are correct, the man page is very good, and much much better than when I tried to use it several years ago. You can close this issue. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=551748 User meissner@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=551748#c8 Marcus Meissner <meissner@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team-screening@forge.pr |puzel@novell.com |ovo.novell.com | --- Comment #8 from Marcus Meissner <meissner@novell.com> 2009-11-12 00:52:21 MST --- but remove the HOWTO as suggested I think -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=551748 User puzel@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=551748#c9 Petr Uzel <puzel@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED --- Comment #9 from Petr Uzel <puzel@novell.com> 2009-11-12 01:25:03 MST --- HOWTOs removed from Factory. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=551748 http://bugzilla.novell.com/show_bug.cgi?id=551748#c10 --- Comment #10 from Bernhard Wiedemann <bwiedemann@suse.com> --- This is an autogenerated message for OBS integration: This bug (551748) was mentioned in https://build.opensuse.org/request/show/24177 Factory / iptables -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com