From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 1BF8E15812D for ; Thu, 02 Jan 2025 08:14:42 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 7EE14E07D7; Thu, 02 Jan 2025 08:14:35 +0000 (UTC) Received: from n.hanft.de (n.hanft.de [IPv6:2001:780:125:1::e4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 2BB1EE07B2 for ; Thu, 02 Jan 2025 08:14:34 +0000 (UTC) Received: from home01.hanft.de (home01.hanft.de [IPv6:2003:a:1137:e000:a:f:5:15]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by n.hanft.de (Postfix) with ESMTPS id DD5B4966C41; Thu, 02 Jan 2025 09:14:32 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=hanft.de; s=231024; t=1735805672; bh=fqak66Uykh/XD47uJTVg/mJwu6tzhlrOLBRcX8ixUsU=; h=Subject:To:References:From:Date:In-Reply-To:From; b=VOIKaUcDiiogziYJk4ia/tiGha8/bjpOljxSdQ6ZKT05q2vfKDg0WxivxJtB8V4CF pidTqGqf+WFavzUaU/ZkpV/8hIE1BaUTkmBzQLHN9VTat9guX6WomRX7PoMHxRa91L H2gwzuPbzz71guusUDi7/GGq2F/J5pE64E5JghQmyOlzSOjGiSDwsAZ/yBYuRTcqvx GqxtFzJ7NTbO/2ZqicxQdCPlHdQC8VEw2p7b/KIzcwPGZjrHE55/xYWpoB0K55TqKE hrXLygl4ZE8PZFeDUessKlOCtDXI33NRMaxj98MXLt3KQirPRHGBbUav7sSYcd10wW Zmre3fsfhI0kw== Subject: Re: [gentoo-user] Strange behaviour of iptables To: gentoo-user@lists.gentoo.org References: <673fdadaaa7de7e12ac8d0f4c3443b18c0751ecc.camel@connell.tech> From: Matthias Hanft Message-ID: <58bbb33e-8a76-9634-0ceb-dd2520d9cd13@hanft.de> Date: Thu, 2 Jan 2025 09:13:08 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0 SeaMonkey/2.53.19 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 In-Reply-To: <673fdadaaa7de7e12ac8d0f4c3443b18c0751ecc.camel@connell.tech> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Archives-Salt: 88349818-b5b9-4c55-9e50-86a1975867fd X-Archives-Hash: 05e71a6b7ba0b991ad0b4b0f51ce50ed Matt Connell schrieb: > > I noticed that your path to iptables is in /usr/bin/, but `which` on my > system says /sbin/. Are you running this as root? What version of PHP > are you using? Yes, everything is run as root. Indeed I had /sbin/iptables in my PHP script. Getting this error, I tried "which iptables" in a root bash which showed /usr/bin/iptables. So I changed this (and even to "/usr/bin/iptables-legacy", but with no effect, presumably because of... n ~ # ls -l /sbin/iptables lrwxrwxrwx 1 root root 20 Apr 18 2024 /sbin/iptables -> xtables-legacy-multi n ~ # ls -l /usr/bin/iptables lrwxrwxrwx 1 root root 20 Apr 18 2024 /usr/bin/iptables -> xtables-legacy-multi n ~ # ls -l /usr/bin/iptables-legacy lrwxrwxrwx 1 root root 20 Dec 21 09:30 /usr/bin/iptables-legacy -> xtables-legacy-multi So everything seems to call "xtables-legacy-multi" anyway. Your "foo.php" does run here, too. I wonder what's the difference?! PHP is 8.2.24. The only difference is that my "exec" is in a class method in a PHP file which is included by "require_once". And it has worked for years... don't know exactly when it got broken ("cron @monthly" to count monthly IP traffic). -Matt