Re: [mpls-linux-devel] [mpls-linux-general] cannot remove iptables rule with mpls target / cannot r
Status: Beta
Brought to you by:
jleu
Menu
▾
▴
Re: [mpls-linux-devel] [mpls-linux-general] cannot remove iptables rule with mpls target / cannot remove nhlfe key used by iptables.
|
From: James R. L. <jl...@mi...> - 2007-12-12 14:31:29
|
On Wed, Dec 12, 2007 at 02:12:30PM +0100, Tom Kleiberg wrote: > Hello, >=20 > I came across a problem with removing an mpls target from iptables. > Apparently, the problem was found previously and posted on the mailing li= st: > http://sourceforge.net/mailarchive/message.php?msg_id=3D58990.192.168.1.7= 2.1177109560.squirrel%40webmail.larces.uece.br > http://sourceforge.net/mailarchive/message.php?msg_id=3D1801039839.200704= 21093542%40s2001.tu-chemnitz.de > http://sourceforge.net/mailarchive/message.php?msg_id=3D4631EBCD.8090708%= 40gmail.com Completely different problem. In those posts they couldn't even create ipt= ables rules. It was due to a change in kernel structures for netfilter targets. This is the first I'm hearing of your issue. Can you please provide details about the MPLS version, iptables version, an= d linux distribution you are using. > The target can be removed from iptables only by using the rule number > instead of the complete rule description. >=20 > Unfortunately, I encountered another issue, which could be related to this > one. Namely, when a nhfle key has been used by an iptables target and the > iptables rule is later removed, > then the key can no longer be removed from the nhlfe table. The key can n= ow > only be removed from the nhlfe table by > rebooting the pc. >=20 > The following commands will show the error. > mpls nhlfe add key 0 > iptables -t mangle -A OUTPUT <some rule> -j mpls --nhlfe <key> > iptables -t mangle -D OUTPUT <#some rule> > mpls nhlfe del key <key> >=20 > The last command will report the error: > RTNETLINK answers: Device or resource busy What happens if you do a iptables -F instead of trying to remove just the single rule? > dmesg reports: > MPLS DEBUG net/mpls/mpls_nhlfe.c:468:mpls_del_out_label: enter > MPLS DEBUG net/mpls/mpls_nhlfe.c:492:mpls_del_out_label: Node 4 is being > used > MPLS DEBUG net/mpls/mpls_nhlfe.c:493:mpls_del_out_label: exit > MPLS DEBUG net/mpls/mpls_netlink.c:346:genl_mpls_nhlfe_del: Exit: -16 >=20 > Can anyone confirm this problem and is there a solution/workaround? >=20 > Kind regards, >=20 > Tom > t.k...@gm... > ------------------------------------------------------------------------- > SF.Net email is sponsored by:=20 > Check out the new SourceForge.net Marketplace. > It's the best place to buy or sell services for > just about anything Open Source. > http://sourceforge.net/services/buy/index.php > _______________________________________________ > mpls-linux-general mailing list > mpl...@li... > https://lists.sourceforge.net/lists/listinfo/mpls-linux-general --=20 James R. Leu jl...@mi... |
