NetFilter
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

ipt_error_target in kernel difers from that in user space and causing "i

from [David Wu] [Permanent Link][Original]
To: netfilter@lists.netfilter.org
Subject: ipt_error_target in kernel difers from that in user space and causing "ip_tables: ERROR target: invalid size 30 != 32"
From: "David Wu" <davidwu@arcturusnetworks.com>
Date: Wed, 04 Apr 2007 15:32:54 -0400
Cc: Michael Durrant <mdurrant@arcturusnetworks.com>
Delivered-to: sp-com-lists@consult.net
Delivered-to: netfilter-list1@securepoint.com
List-archive: </pipermail/netfilter>
List-help: <mailto:netfilter-request@lists.netfilter.org?subject=help>
List-id: General discussion and user questions <netfilter.lists.netfilter.org>
List-post: <mailto:netfilter@lists.netfilter.org>
List-subscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=subscribe>
List-unsubscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=unsubscribe>
Organization: Arcturus Networks Inc.
Sender: netfilter-bounces@lists.netfilter.org
User-agent: Opera M2/8.51 (Linux, build 1462) 
Hello all,
I came across this problem when runing iptables-1.3.7 on 2.6.19 and 2.6.20 kernel(MCF5329): 
   ip_tables: ERROR target: invalid size 30 != 32
which comes from:
        xt_check_target() (net/netfilter/x_tables.c)

        if (XT_ALIGN(target->targetsize) != size) {
                printk("%s_tables: %s target: invalid size %Zu != %u\n",
                       xt_prefix[family], target->name,
                       XT_ALIGN(target->targetsize), size);
                return -EINVAL;
        }
I noticed that in libiptc/libiptc.c(iptables-1.3.7) ipt_error_target is defined as: 
   struct ipt_error_target
   {
        STRUCT_ENTRY_TARGET t;
        char error[TABLE_MAXNAMELEN];
   };

while in the kernel it defined as:
   struct ipt_error_target
   {
        struct ipt_entry_target target;
        char errorname[IPT_FUNCTION_MAXNAMELEN];
   };

in net/ipv4/netfilter/ip_tables.c there is another:
   static struct ipt_target ipt_error_target = {
        .name           = IPT_ERROR_TARGET,
        .target         = ipt_error,
        .targetsize     = IPT_FUNCTION_MAXNAMELEN,
        .family         = AF_INET,
   };

TABLE_MAXNAMELEN and IPT_FUNCTION_MAXNAMELEN are not equal!!!

Is this a bug? Who can tell me which one is correct?

thanks,

--
David
davidwu@arcturusnetworks.com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • ipt_error_target in kernel difers from that in user space and causing "ip_tables: ERROR target: invalid size 30 != 32", David Wu <=
Previous by Date:  Re: Debian 2.6.8/bridge/iptables/passive ftp, Pascal Hambourg
Next by Date:  Does iptables support VLANs, Elvir Kuric
Previous by Thread:  Debian 2.6.8/bridge/iptables/passive ftp, spaminator
Next by Thread:  Does iptables support VLANs, Elvir Kuric
Indexes:  [Date] [Thread] [Top] [All Lists]