[prev in list] [next in list] [prev in thread] [next in thread] 

List:       tproxy
Subject:    [tproxy] Couldn't load match
From:       "Tim Feld" <zolists () gmx ! de>
Date:       2008-05-21 8:17:40
Message-ID: 20080521081740.17990 () gmx ! net
[Download RAW message or body]

Hi,

i am trying to set up tproxy to use zorp. The tproxy and iptables patches were \
applied cleanly. I configured the kernel to include netfilter_tproxy, \
netfilter_xt_target_tproxy and netfilter_xt_match_socket as modules. Compile and \
install ran fine.  But when I try the example commands from the readme I get several \
error messages as if tproxy is not installed at all. 

For example: iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --on-port \
                50080 --tproxy-mark 0x1/0x1
returns: iptables v1.4.0: Unknown arg `--on-port'
without the port argument: iptables v1.4.0: Unknown arg `--tproxy-mark'
without the tproxy-mark argument: iptables v1.4.0: Couldn't load target \
`TPROXY':/usr/local/lib/iptables/libipt_TPROXY.so: cannot open shared object file: No \
such file or directory

command: iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
returns: iptables v1.4.0: Couldn't load match \
`socket':/usr/local/lib/iptables/libipt_socket.so: cannot open shared object file: No \
such file or directory

Why is it looking for libipt_TPROXY.so and libipt_socket.so? As far as I know in the \
newer releases there is just xt_TPROXY respectively xt_socket.

My setup:
Kernel: (Ubuntu) 2.6.24-16-xen, tried 2.6.24.7 from kernel.org too in case the xen \
                patches cause the trouble
tproxy: tproxy-2.6.24-20080509
iptables: 1.4.0 (from netfilter.org)
tproxy-iptables-svn-r7519-20080509-165158-1210344718.patch 

I also tried to build tproxy into the kernel instead of using modules. Building fails \
in that case with the following message:

net/built-in.o: In function `socket_mt':
/usr/src/linux-2.6.24.7/net/netfilter/xt_socket.c:60: undefined reference to \
`nf_conntrack_untracked' make[2]: *** [.tmp_vmlinux1] Error 1
make[1]: *** [sub-make] Error 2

I have attached the network part of both kernel configs. I guess I must be missing \
something. Any help is greatly appreciated!

Tim

-- 
Psssst! Schon vom neuen GMX MultiMessenger gehört?
Der kann`s mit allen: http://www.gmx.net/de/go/multimessenger


["configModule" (application/octet-stream)]
["configBuiltIn" (application/octet-stream)]

_______________________________________________
tproxy mailing list
tproxy@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/tproxy


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic