[clug] "target problem" with iptables and TARPIT
Alex Satrapa
grail at goldweb.com.au
Wed Dec 1 22:22:43 GMT 2004
I've got a strange problem with iptables from Debian testing - I
compiled in TARPIT support for a 2.4.27 kernel, but when I try to
implement a rule using TARPIT I get a message that simply says,
"iptables: Target problem":
> [root at here]# strace iptables -I FORWARD 8 --source 203.210.128.0/17 -j
> TARPIT
> execve("/sbin/iptables", ["iptables", "-I", "FORWARD", "8",
> "--source", "203.210.128.0/17", "-j", "TARPIT"], [/* 22 vars */]) = 0
> uname({sys="Linux", node="pauling", ...}) = 0
> brk(0) = 0x80548d0
> old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS,
> -1, 0) = 0x40017000
> access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
> directory)
> open("/etc/ld.so.preload", O_RDONLY) = -1 ENOENT (No such file or
> directory)
> open("/etc/ld.so.cache", O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=15728, ...}) = 0
> old_mmap(NULL, 15728, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40018000
> close(3) = 0
> access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
> directory)
> open("/lib/libdl.so.2", O_RDONLY) = 3
> read(3,
> "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0p\34\0\000"..., 512) =
> 512
> fstat64(3, {st_mode=S_IFREG|0644, st_size=9872, ...}) = 0
> old_mmap(NULL, 8632, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) =
> 0x4001c000
> old_mmap(0x4001e000, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED, 3, 0x2000) = 0x4001e000
> close(3) = 0
> access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
> directory)
> open("/lib/libnsl.so.1", O_RDONLY) = 3
> read(3,
> "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000<\0\000"..., 512) =
> 512
> fstat64(3, {st_mode=S_IFREG|0644, st_size=73528, ...}) = 0
> old_mmap(NULL, 84864, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) =
> 0x4001f000
> old_mmap(0x40031000, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED, 3, 0x11000) = 0x40031000
> old_mmap(0x40032000, 7040, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40032000
> close(3) = 0
> access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
> directory)
> open("/lib/libc.so.6", O_RDONLY) = 3
> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\200^\1"...,
> 512) = 512
> fstat64(3, {st_mode=S_IFREG|0644, st_size=1244080, ...}) = 0
> old_mmap(NULL, 1254244, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) =
> 0x40034000
> old_mmap(0x4015c000, 32768, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED, 3, 0x127000) = 0x4015c000
> old_mmap(0x40164000, 9060, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40164000
> close(3) = 0
> old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS,
> -1, 0) = 0x40167000
> munmap(0x40018000, 15728) = 0
> brk(0) = 0x80548d0
> brk(0x80758d0) = 0x80758d0
> brk(0) = 0x80758d0
> brk(0x8076000) = 0x8076000
> open("/lib/iptables/libipt_TARPIT.so", O_RDONLY) = 3
> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\260\3\0"...,
> 512) = 512
> fstat64(3, {st_mode=S_IFREG|0644, st_size=2104, ...}) = 0
> old_mmap(NULL, 5564, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) =
> 0x40018000
> old_mmap(0x40019000, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED, 3, 0) = 0x40019000
> close(3) = 0
> socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3
> getsockopt(3, SOL_IP, 0x40 /* IP_??? */, "filter\0\0\0
> \351\342\0\0\0\0\263\22\22\300\5\0\0\0\0\0"..., [84]) = 0
> getsockopt(3, SOL_IP, 0x41 /* IP_??? */,
> "filter\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., [17532])
> = 0
> setsockopt(3, SOL_IP, 0x40 /* IP_??? */,
> "filter\0@\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 17732) =
> -1 EINVAL (Invalid argument)
> write(2, "iptables: Target problem\n", 25iptables: Target problem
> ) = 25
> exit_group(1) = ?
Other rules/modules work fine - I've got ipt_MASQUERADE, ipt_REDIRECT
and ipt_REJECT loaded and they're actually being used.
Any suggestions as to what could be causing the problem?
Alex
More information about the linux
mailing list