From: <dp...@ds...> - 2003-08-17 18:08:20
On Tue, Aug 12, 2003 at 02:11:38PM -0400, Suzor, Greg wrote:
> I started off using IPTables::IPv4 0.97b from CPAN. Everything was fine
> until I noticed a memory leak. Long story short, the latest version from
> cvs, which I'll call "0.98", fixed the problem. However, a new problem has
> emerged.
>
> Assuming that 'custom_mangle_chain' and 'custom_filter_chain' already exist
> with some rules, the following code will work with 0.97b, but fail with
> "0.98":
>
> With 0.97b, both rules are properly deleted. However, with "0.98", only
> "mangle->custom_mangle_chain->rule_3" is deleted. If the last two lines
> above are switched, then only "filter->custom_filter_chain->rule_7" is
> deleted. I'm guessing that the problem has something to do with the new
> commit() and DESTROY semantics as described in the README for "0.98".
>
> The code that I'm writing is in an infinite loop (it does sleep for some
> time), so the memory leak from 0.97b will add up after time. So I'd like to
> use "0.98" if commit() could be "fixed" for it. Any help with this would be
> appreciated.

Ok, I've discovered the problem. It's yet another case of libiptc not taking
programs other than the command-line 'iptables' tool into account. I've added
code into libiptc to refcount the netlink socket file descriptor, so it
doesn't leak fd's, or blindly close them when other open tables need them.
Try the current CVS.

Also, check the return values from calls like commit() and
delete_num_entry(). The return values are documented in the POD pages, and I
always put error strings into $!.

--
Derrik Pates
dp...@ds...
dp...@vo...
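
The descriptor refcounting described in the reply above, as an added C illustration that is not libiptc's code and not part of the original message. Every name here (`table_open`, `table_close`, `shared_fd`, `shared_refs`) is hypothetical, and an unprivileged AF_UNIX socket stands in for the kernel socket.

```c
#include <fcntl.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical names throughout; an illustration, not libiptc's code. */
static int shared_fd = -1;   /* one socket shared by every open table */
static int shared_refs = 0;  /* number of open handles relying on it  */

struct table_handle { const char *name; int open; };

/* Open a handle; the socket is created only for the first one. */
int table_open(struct table_handle *h, const char *name)
{
    if (shared_refs == 0) {
        /* Assumption: stand-in socket that needs no privileges. */
        shared_fd = socket(AF_UNIX, SOCK_DGRAM, 0);
        if (shared_fd < 0)
            return -1;       /* caller must check, errno says why */
    }
    shared_refs++;
    h->name = name;
    h->open = 1;
    return 0;
}

/* Release a handle; the socket is closed only with the last one. */
int table_close(struct table_handle *h)
{
    if (!h->open)
        return -1;           /* a double release must not drop the count */
    h->open = 0;
    if (--shared_refs == 0) {
        close(shared_fd);    /* no other table needs it: no fd leak */
        shared_fd = -1;
    }
    return 0;
}

/* 1 if the shared descriptor is still a valid open fd, else 0. */
int shared_fd_alive(void)
{
    return shared_fd >= 0 && fcntl(shared_fd, F_GETFD) != -1;
}
```

Opening a "mangle" and a "filter" handle and then closing one leaves `shared_fd_alive()` at 1 for the other; only the last `table_close()` closes the descriptor.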