Gentoo Forums
ipt_owner crippled
Oxidative
n00b

Joined: 25 Jun 2003
Posts: 33

Posted: Fri Nov 25, 2005 6:40 pm    Post subject: ipt_owner crippled

After upgrading my 2.6.12 kernel to 2.6.14 my iptables script stopped working. Kernel is shouting

Quote:
ipt_owner: pid, sid and command matching not supported anymore


I was using the ipt_owner command filter to limit network traffic for specific applications. Looks like the kernel devs decided to strip this very useful functionality because it didn't work with SMP. How am I supposed to use filters on a per-application basis without "command" support in ipt_owner? I've looked around but no one seems to miss this except me :?
_________________
wormux ebuild: https://bugs.gentoo.org/show_bug.cgi?id=52679

kos
n00b

Joined: 28 May 2003
Posts: 63
Location: Mountain View, CA

Posted: Sat Nov 26, 2005 1:09 pm

I'm also interested in any solution..
_________________
/KoS

Oxidative
n00b

Joined: 25 Jun 2003
Posts: 33

Posted: Mon Nov 28, 2005 11:14 am

bump :?
_________________
wormux ebuild: https://bugs.gentoo.org/show_bug.cgi?id=52679

alligator421
Apprentice

Joined: 30 Jul 2003
Posts: 191

Posted: Mon Dec 05, 2005 3:48 am

I also found it quite odd so few complaints about that kernel move.
It took me some time to figure out why iptables exploded at me with such an obscure error like bad argument (to iptables) after kernel upgrade to 2.6.14
I quickly downgraded to 2.6.12
2.6.14 no go :evil:

alligator421
Apprentice

Joined: 30 Jul 2003
Posts: 191

Posted: Fri Dec 09, 2005 5:46 am

bump

alligator421
Apprentice

Joined: 30 Jul 2003
Posts: 191

Posted: Fri Feb 10, 2006 5:16 pm

Any news about that or a workaround?

assaf
Apprentice

Joined: 14 Feb 2005
Posts: 152
Location: http://localhost

Posted: Fri Feb 10, 2006 6:26 pm

I'm using this feature too (it gives me personal firewall capabilities). It didn't explode anything though (I'm using iptables through shorewall), I suppose it simply stopped filtering.
Anyway, how do you know that the feature was dropped due to problems with SMP? If this is the case, someone might be working on fixing it for a future kernel release.

Oxidative
n00b

Joined: 25 Jun 2003
Posts: 33

Posted: Sat Feb 11, 2006 12:41 pm

Just take a look at the changes:

Code:
-               printk("ipt_owner: pid, sid and command matching is broken "
-                      "on SMP.\n");
+               printk("ipt_owner: pid, sid and command matching "
+                      "not supported anymore\n");
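
Review bot: the printk in the + lines still carries no explicit log level (for example KERN_WARNING), so it is logged at the default level; add one so the message can be filtered consistently. The new text also drops the only stated reason ("broken on SMP") and gives no hint about what to do instead, so a ruleset that relied on pid, sid or command matching fails with no guidance; consider naming the match options that remain supported in the message.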

Since this has been removed on 2.6.13 and we're at 2.6.16 already without seeing anything in that direction, I doubt that someone is working on this problem.
_________________
wormux ebuild: https://bugs.gentoo.org/show_bug.cgi?id=52679

alligator421
Apprentice

Joined: 30 Jul 2003
Posts: 191

Posted: Tue Apr 24, 2007 2:33 pm

Any news about that stuff lately?
I'm getting tired of messing/backporting kernel code on every stable gentoo-sources release.