[Ebtables-devel] Segfaults with user-defined chains
Brought to you by:
bdschuym
Menu
▾
▴
[Ebtables-devel] Segfaults with user-defined chains
|
From: Alf <al...@my...> - 2006-07-27 19:56:16
|
I am experiencing segfaults when trying to add rules to user-defined chains in ebtables v2.0.8-rc2. I saw some similar problems were fixed between rc1 and rc2, but apparently some still exist. I provide the details further down. I am using a custom-built system based on DIY-Linux (www.diy-linux.org) using kernel 2.6.17.6, glibc 2.4 and GCC 4.1.1 (definitely a bleeding-edge build). Here are the details on reproducing the problem. You create a new chain, you add a rule to a default chain to jump to the new chain, then you add a rule to the new chain. Adding a new rule to the new chain will segfault: ------------------------------------------------- [root@slim-dev ~]# ebtables --version ebtables v2.0.8-rc2 (March 2006) [root@slim-dev ~]# ebtables -L Bridge table: filter Bridge chain: INPUT, entries: 0, policy: ACCEPT Bridge chain: FORWARD, entries: 0, policy: ACCEPT Bridge chain: OUTPUT, entries: 0, policy: ACCEPT [root@slim-dev ~]# ebtables -N MY-NEW-CHAIN [root@slim-dev ~]# ebtables -L Bridge table: filter Bridge chain: INPUT, entries: 0, policy: ACCEPT Bridge chain: FORWARD, entries: 0, policy: ACCEPT Bridge chain: OUTPUT, entries: 0, policy: ACCEPT Bridge chain: MY-NEW-CHAIN, entries: 0, policy: ACCEPT [root@slim-dev ~]# ebtables -A FORWARD -j MY-NEW-CHAIN [root@slim-dev ~]# ebtables -L Bridge table: filter Bridge chain: INPUT, entries: 0, policy: ACCEPT Bridge chain: FORWARD, entries: 1, policy: ACCEPT -j MY-NEW-CHAIN Bridge chain: OUTPUT, entries: 0, policy: ACCEPT Bridge chain: MY-NEW-CHAIN, entries: 0, policy: ACCEPT [root@slim-dev ~]# ebtables -A MY-NEW-CHAIN -j DROP Segmentation fault [root@slim-dev ~]# ebtables -L Bridge table: filter Bridge chain: INPUT, entries: 0, policy: ACCEPT Bridge chain: FORWARD, entries: 1, policy: ACCEPT -j MY-NEW-CHAIN Bridge chain: OUTPUT, entries: 0, policy: ACCEPT Bridge chain: MY-NEW-CHAIN, entries: 0, policy: ACCEPT [root@slim-dev ~]# ------------------------------------------------- I then tried it in a slightly different manner. Create the new chain, add the rule to the new chain, then add the rule to the default chain. The result is a segfault when trying to add a rule to the default chain (skipping the "ebtables -L" for brevity): ------------------------------------------------- [root@slim-dev ~]# ebtables -N MY-NEW-CHAIN [root@slim-dev ~]# ebtables -A MY-NEW-CHAIN -j DROP [root@slim-dev ~]# ebtables -A FORWARD -j MY-NEW-CHAIN Segmentation fault [root@slim-dev ~]# ------------------------------------------------- Thinking my rules might be the problem, I tried one of the examples on the website (Associate IP addresses to MAC addresses) with the same results: ------------------------------------------------- [root@slim-dev ~]# ebtables -N MATCHING-MAC-IP-PAIR [root@slim-dev ~]# ebtables -A FORWARD -p IPv4 --among-dst 00:11:22:33:44:55=172.16.1.4,00:11:33:44:22:55=172.16.1.5 -j MATCHING-MAC-IP-PAIR [root@slim-dev ~]# ebtables -A MATCHING-MAC-IP-PAIR -j DROP Segmentation fault [root@slim-dev ~]# ------------------------------------------------- Changing the order did not resolve the issue: ------------------------------------------------- [root@slim-dev ~]# ebtables -N MATCHING-MAC-IP-PAIR [root@slim-dev ~]# ebtables -A MATCHING-MAC-IP-PAIR -j DROP [root@slim-dev ~]# ebtables -A FORWARD -p IPv4 --among-dst 00:11:22:33:44:55=172.16.1.4,00:11:33:44:22:55=172.16.1.5 -j MATCHING-MAC-IP-PAIR Segmentation fault [root@slim-dev ~]# ------------------------------------------------- Any help with this issue would be appreciated. -- Alf @ |
