Re: [mpls-linux-general] iptables+mpls
Status: Beta
Brought to you by:
jleu
Menu
▾
▴
Re: [mpls-linux-general] iptables+mpls
|
From: James R. L. <jl...@mi...> - 2004-03-19 15:25:40
|
On Fri, Mar 19, 2004 at 01:26:08PM +0100, Zordan Arres wrote: > $ rpm -qa | grep iptables > iptables-ipv6-1.2.9-1.2spec_nh1 > iptables-1.2.9-1.2spec_nh1 > > $rpm -ql iptables-1.2.9-1.2spec_nh1 > ... > /sbin/iptables > /sbin/iptables-restore > /sbin/iptables-save > ... > > $which iptables > /usr/local/sbin/iptables > > but even when i used > $ /sbin/iptables -t mangle -A OUTPUT -j MPLS --set-key 0x2 You are running a 2.6 kernel? The format of the iptables and iproute commands have changed (with respect to MPLS). I have implemented a non-MPLS specific nexthop system called (SPEC NH for special nexthop). The SPEC NH system is implemented in the 2.6 kernels and not in the 2.4 kernels. Try this command instead: /sbin/iptables -A OUTPUT -d 1.1.1.2/32 -j spec_nh --spec_nh 0x8847:0x2 Where 1.1.1.2/32 is some destination you want mapped to the LSP and 0x2 is the key for the out-going label. > the same error occured: > couldn't load target: /usr/local/lib/iptables/libipt_MPLS.so: cannot open > shared object file > > $iptables --version > iptables-1.2.9 > > > Today i checked your P4-dir and i found a libipt_MPLS.c . I tried to copy > that file > into my extension dir and recompile it. but then it stopped because the > lib6ipt_MPLS.c > wasn't found ... and that file isn't in the p4-dir. > > first i used the rpm (even that doesn't work), then i found another > extension for > iptables that i want to use (layer 7 filter at sourceforge) and so i get > your sources and patch them. > the result is that the new extension works very well, but not the mpls ... > did i forget anything ? > > hope you can help me > > zordan > > -- > +++ NEU bei GMX und erstmalig in Deutschland: T?V-gepr?fter Virenschutz +++ > 100% Virenerkennung nach Wildlist. Infos: http://www.gmx.net/virenschutz -- James R. Leu jl...@mi... |
