From: Eugene <john@sakh.com> To: sisyphus@lists.altlinux.org Subject: [sisyphus] и снова el-smp & ipset Date: Sun, 2 Oct 2011 20:13:18 +1100 Message-ID: <201110022013.18949.john@sakh.com> (raw) [-- Attachment #1: Type: text/plain, Size: 1083 bytes --] Добрый день Снова наткнулся на нездоровую вешь с ipset Имеем: # uname -a Linux asterisk.sakh.com 2.6.32-el-smp-alt27 #1 SMP Tue Sep 20 19:38:45 UTC 2011 x86_64 GNU/Linux # rpm -qa | grep ipset kernel-modules-ipset-el-smp-6.9.1-alt1.132640.27 ipset-6.9.1-alt2 Выполняем # ipset create TEST hash:ip # ipset list Name: TEST Type: hash:ip Header: family inet hashsize 1024 maxelem 65536 Size in memory: 16504 References: 0 Members: # ipset add TEST 192.168.0.1 # ipset list Name: TEST Type: hash:ip Header: family inet hashsize 1024 maxelem 65536 Size in memory: 16536 References: 0 Members: 192.168.0.1 # /sbin/iptables -N TEST_IPSET # /sbin/iptables -A TEST_IPSET -m set --match-set TEST dst -j ACCEPT iptables: Invalid argument. Run `dmesg' for more information. запуск dmesg ничего не дал, в /var/log/kernel пусто Пришлось снова откатиться на el-smp-alt24 -- С уважением, Серов Евгений E-mail: john@sakh.com UIN: 17777140 JID: Rep@sakhalin.name [-- Attachment #2: ipset.strace --] [-- Type: text/plain, Size: 6290 bytes --] execve("/sbin/iptables", ["/sbin/iptables", "-A", "TEST_IPSET", "-m", "set", "--match-set", "TEST", "dst", "-j", "ACCEPT"], [/* 31 vars */]) = 0 brk(0) = 0x1e13000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f64efd9b000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=55419, ...}) = 0 mmap(NULL, 55419, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f64efd8d000 close(3) = 0 open("/lib64/libip4tc.so.0", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@\27\0\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0644, st_size=26568, ...}) = 0 mmap(NULL, 2121936, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f64ef977000 fadvise64(3, 0, 2121936, POSIX_FADV_WILLNEED) = 0 mprotect(0x7f64ef97d000, 2093056, PROT_NONE) = 0 mmap(0x7f64efb7c000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5000) = 0x7f64efb7c000 close(3) = 0 open("/lib64/libxtables.so.5", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340&\0\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0644, st_size=31200, ...}) = 0 mmap(NULL, 2127904, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f64ef76f000 fadvise64(3, 0, 2127904, POSIX_FADV_WILLNEED) = 0 mprotect(0x7f64ef776000, 2093056, PROT_NONE) = 0 mmap(0x7f64ef975000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7f64ef975000 close(3) = 0 open("/lib64/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p\355\1\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=1465744, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f64efd8c000 mmap(NULL, 3575400, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f64ef406000 fadvise64(3, 0, 3575400, POSIX_FADV_WILLNEED) = 0 mprotect(0x7f64ef565000, 2097152, PROT_NONE) = 0 mmap(0x7f64ef765000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x15f000) = 0x7f64ef765000 mmap(0x7f64ef76a000, 20072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f64ef76a000 close(3) = 0 open("/lib64/libdl.so.2", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340\r\0\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=14704, ...}) = 0 mmap(NULL, 2109704, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f64ef202000 fadvise64(3, 0, 2109704, POSIX_FADV_WILLNEED) = 0 mprotect(0x7f64ef204000, 2097152, PROT_NONE) = 0 mmap(0x7f64ef404000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f64ef404000 close(3) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f64efd8b000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f64efd8a000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f64efd89000 arch_prctl(ARCH_SET_FS, 0x7f64efd8a700) = 0 mprotect(0x7f64ef404000, 4096, PROT_READ) = 0 mprotect(0x7f64ef765000, 16384, PROT_READ) = 0 mprotect(0x7f64ef975000, 4096, PROT_READ) = 0 mprotect(0x7f64efb7c000, 4096, PROT_READ) = 0 mprotect(0x60b000, 4096, PROT_READ) = 0 mprotect(0x7f64efd9c000, 4096, PROT_READ) = 0 munmap(0x7f64efd8d000, 55419) = 0 brk(0) = 0x1e13000 brk(0x1e34000) = 0x1e34000 open("/lib64/iptables/libxt_set.so", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\v\0\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0644, st_size=14560, ...}) = 0 mmap(NULL, 2109840, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f64eeffe000 fadvise64(3, 0, 2109840, POSIX_FADV_WILLNEED) = 0 mprotect(0x7f64ef000000, 2097152, PROT_NONE) = 0 mmap(0x7f64ef200000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f64ef200000 close(3) = 0 mprotect(0x7f64ef200000, 4096, PROT_READ) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 open("/proc/sys/kernel/modprobe", O_RDONLY) = 4 read(4, "/sbin/modprobe\n", 4096) = 15 close(4) = 0 vfork() = 7495 wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 1}], 0, NULL) = 7495 --- {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7495, si_status=1, si_utime=0, si_stime=0} (Child exited) --- getsockopt(3, SOL_IP, 0x42 /* IP_??? */, "set\0\0\0\0\0\217\372\377\356d\177\0\0\217\372\377\356d\177\0\0\217\372\377\356d\1", [30]) = 0 close(3) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 getsockopt(3, SOL_IP, 0x53 /* IP_??? */, "\0\1\0\0\6\0\0\0", [8]) = 0 getsockopt(3, SOL_IP, 0x53 /* IP_??? */, "\6\0\0\0\6\0\0\0\0\0ST\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., [40]) = 0 close(3) = 0 open("/lib64/iptables/libxt_standard.so", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\5\0\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0644, st_size=6152, ...}) = 0 mmap(NULL, 2101432, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f64eedfc000 fadvise64(3, 0, 2101432, POSIX_FADV_WILLNEED) = 0 mprotect(0x7f64eedfd000, 2093056, PROT_NONE) = 0 mmap(0x7f64eeffc000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0) = 0x7f64eeffc000 close(3) = 0 mprotect(0x7f64eeffc000, 4096, PROT_READ) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 getsockopt(3, SOL_IP, 0x40 /* IP_??? */, "filter\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., [84]) = 0 getsockopt(3, SOL_IP, 0x41 /* IP_??? */, "filter\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., [13872]) = 0 setsockopt(3, SOL_IP, 0x40 /* IP_??? */, "filter\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 14120) = -1 EINVAL (Invalid argument) close(3) = 0 write(2, "iptables: Invalid argument. Run "..., 62) = 62 exit_group(1) = ?
next reply other threads:[~2011-10-02 9:13 UTC|newest] Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top 2011-10-02 9:13 Eugene [this message] 2011-10-03 10:33 ` Anton Farygin 2011-10-03 10:36 ` john 2011-10-03 10:59 ` Anton Farygin
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=201110022013.18949.john@sakh.com \ --to=john@sakh.com \ --cc=sisyphus@lists.altlinux.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
ALT Linux Sisyphus discussions This inbox may be cloned and mirrored by anyone: git clone --mirror http://lore.altlinux.org/sisyphus/0 sisyphus/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 sisyphus sisyphus/ http://lore.altlinux.org/sisyphus \ sisyphus@altlinux.ru sisyphus@altlinux.org sisyphus@lists.altlinux.org sisyphus@lists.altlinux.ru sisyphus@lists.altlinux.com sisyphus@linuxteam.iplabs.ru sisyphus@list.linux-os.ru public-inbox-index sisyphus Example config snippet for mirrors. Newsgroup available over NNTP: nntp://lore.altlinux.org/org.altlinux.lists.sisyphus AGPL code for this site: git clone https://public-inbox.org/public-inbox.git