[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: ip_rcmd_pxy on LINUX
From:       Darren Reed <darrenr () reed ! wattle ! id ! au>
Date:       2008-01-07 14:51:55
Message-ID: 47823C8B.4070406 () reed ! wattle ! id ! au
[Download RAW message or body]

David Stes wrote:
> As a followup to my previous post, I could add that I get some
> explicit errors in the case of the loopback interface:
>
> root@gecko:/opt/ip_fil4.1.27-stes# ipnat -l
> List of active MAP/Redirect filters:
> map lo 0.0.0.0/0 -> 0.0.0.0/0 proxy port shell rcmd/tcp
> map eth0 0.0.0.0/0 -> 0.0.0.0/0 proxy port shell rcmd/tcp
>
> List of active sessions:
> MAP 127.0.0.1       1018  <- -> 127.0.0.1       1018  [127.0.0.1 1017]
> MAP 127.0.0.1       1019  <- -> 127.0.0.1       1019  [127.0.0.1 514]
> pos=0xf75a8bc0 kmemcpy:read: Invalid argument
> MAP 127.0.0.1       1021  <- -> 127.0.0.1       1021  [127.0.0.1 1020]
> MAP 127.0.0.1       1022  <- -> 127.0.0.1       1022  [127.0.0.1 514]
> pos=0xf75a8640 kmemcpy:read: Invalid argument
>
>
> Any idea what the kmemcpy errors are about ?
>   

From the above, it looks like the right thing is happening.
Can you confirm with "ipmon -oNS" that NAT/state entries
get created and expire for the rcmd sessions/

I suspect, but can't confirm, that they're coming from printaps().
What does strace say happens?

Darren

[prev in list] [next in list] [prev in thread] [next in thread]