| 1 |
How do you get the TRACE target to work in iptables? |
| 2 |
|
| 3 |
north ~ # /sbin/iptables -t raw -A PREROUTING -j TRACE |
| 4 |
iptables v1.3.8: Couldn't load target |
| 5 |
`TRACE':/lib/iptables/libipt_TRACE.so: cannot open shared object file: |
| 6 |
No such file or directory |
| 7 |
|
| 8 |
Try `iptables -h' or 'iptables --help' for more information. |
| 9 |
|
| 10 |
Sure enough, libipt_TRACE.so is not there: |
| 11 |
|
| 12 |
north ~ # ls -la /lib/iptables/*TRACE* |
| 13 |
ls: cannot access /lib/iptables/*TRACE*: No such file or directory |
| 14 |
|
| 15 |
TRACE is enables in the kernel config and extensions use flag is enabled |
| 16 |
for iptables: |
| 17 |
north ~ # uname -r |
| 18 |
2.6.23-gentoo-r1 |
| 19 |
north ~ # zgrep NETFILTER /proc/config.gz |
| 20 |
CONFIG_NETFILTER=y |
| 21 |
# CONFIG_NETFILTER_DEBUG is not set |
| 22 |
CONFIG_BRIDGE_NETFILTER=y |
| 23 |
CONFIG_NETFILTER_NETLINK=y |
| 24 |
CONFIG_NETFILTER_NETLINK_QUEUE=y |
| 25 |
CONFIG_NETFILTER_NETLINK_LOG=y |
| 26 |
CONFIG_NETFILTER_XTABLES=y |
| 27 |
CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y |
| 28 |
CONFIG_NETFILTER_XT_TARGET_CONNMARK=y |
| 29 |
# CONFIG_NETFILTER_XT_TARGET_DSCP is not set |
| 30 |
CONFIG_NETFILTER_XT_TARGET_MARK=y |
| 31 |
CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m |
| 32 |
CONFIG_NETFILTER_XT_TARGET_NFLOG=m |
| 33 |
CONFIG_NETFILTER_XT_TARGET_NOTRACK=m |
| 34 |
CONFIG_NETFILTER_XT_TARGET_TRACE=y |
| 35 |
CONFIG_NETFILTER_XT_TARGET_TCPMSS=y |
| 36 |
CONFIG_NETFILTER_XT_MATCH_COMMENT=m |
| 37 |
CONFIG_NETFILTER_XT_MATCH_CONNBYTES=m |
| 38 |
CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=m |
| 39 |
CONFIG_NETFILTER_XT_MATCH_CONNMARK=y |
| 40 |
CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m |
| 41 |
CONFIG_NETFILTER_XT_MATCH_DCCP=m |
| 42 |
CONFIG_NETFILTER_XT_MATCH_DSCP=m |
| 43 |
CONFIG_NETFILTER_XT_MATCH_ESP=m |
| 44 |
CONFIG_NETFILTER_XT_MATCH_HELPER=m |
| 45 |
CONFIG_NETFILTER_XT_MATCH_LENGTH=y |
| 46 |
CONFIG_NETFILTER_XT_MATCH_LIMIT=y |
| 47 |
CONFIG_NETFILTER_XT_MATCH_MAC=m |
| 48 |
CONFIG_NETFILTER_XT_MATCH_MARK=y |
| 49 |
CONFIG_NETFILTER_XT_MATCH_POLICY=m |
| 50 |
CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m |
| 51 |
CONFIG_NETFILTER_XT_MATCH_PHYSDEV=m |
| 52 |
CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m |
| 53 |
CONFIG_NETFILTER_XT_MATCH_QUOTA=m |
| 54 |
CONFIG_NETFILTER_XT_MATCH_REALM=m |
| 55 |
CONFIG_NETFILTER_XT_MATCH_SCTP=m |
| 56 |
CONFIG_NETFILTER_XT_MATCH_STATE=y |
| 57 |
CONFIG_NETFILTER_XT_MATCH_STATISTIC=m |
| 58 |
CONFIG_NETFILTER_XT_MATCH_STRING=m |
| 59 |
CONFIG_NETFILTER_XT_MATCH_TCPMSS=y |
| 60 |
CONFIG_NETFILTER_XT_MATCH_U32=m |
| 61 |
CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=m |
| 62 |
north ~ # emerge -vp iptables |
| 63 |
These are the packages that would be merged, in order: |
| 64 |
|
| 65 |
Calculating dependencies... done! |
| 66 |
[ebuild R ] net-firewall/iptables-1.3.8-r2 USE="extensions -imq |
| 67 |
-ipv6 -l7filter -static" 0 kB |
| 68 |
|
| 69 |
Total: 1 package (1 reinstall), Size of downloads: 0 kB |
| 70 |
|
| 71 |
Any ideas? Thank you |
| 72 |
-- |
| 73 |
Eray |
| 74 |
-- |
| 75 |
gentoo-user@g.o mailing list |
Archives