|Summary:||IP Masquerading broken|
|Product:||[Retired] Red Hat Linux||Reporter:||jhohertz|
|Component:||distribution||Assignee:||David Lawrence <dkl>|
|Status:||CLOSED WORKSFORME||QA Contact:|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||1998-11-19 16:25:39 UTC||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Cloudforms Team:||---||Target Upstream Version:|
Description jhohertz 1998-11-10 13:02:27 UTC
Trying to follow the HOWTO to add a subnet for IP Masqurade results in and error stating setsockopt recieved an invalid parameter. I have recompiled the kernel, as well as the source RPM of ipfwadm with no lock. I first noticed this when I updated my system to RawHide 1.0.6 and it persists even after an upgrade to 5.2. I flag this as major, as this is a very common feature used by those with a SOHO on their hands. Thanks. Please contact me if you want more info.
Comment 1 Preston Brown 1998-11-13 17:01:59 UTC
Please provide the exact text of the commands that you are trying to do, and the failure messages.
Comment 2 ddionne 1998-11-19 16:01:59 UTC
I have the exact same problem on my 5.1 system. I have also noted that my modules do not load correctly. I think this is because of the rc.sysinit file that has a reference to /sbin/lilo (this is on an alpha) in order to get the kernel version to create the link to preferred.
Comment 3 ddionne 1998-11-19 16:06:59 UTC
This is what I am using Redhat 5.1 Kern. 2.0.34, and this is what I type. ipfwadm -F -p deny <cr> works fine ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0 <cr> returns ipfwadm: setsocketopt failed: Invalid argument
Comment 4 David Lawrence 1998-11-19 16:25:59 UTC
5.2 no longer uses cmdline stuff from LILO to create the preferred link in /lib/modules. Therefor there is no longer reference in rc.sysinit for /sbin/lilo. It sounds like you may have forgot to run make modules and make modules_install after compiling the kernel with IP firewalling as a module. If you do this and everything goes properly, the depmod -a in rc.sysint should find the modules.
Comment 5 jhohertz 1998-11-20 13:48:59 UTC
I don't think this is fixed yet, as the resolution is NOT for the problem as initially described. IP Masqurading is not a module (but there are helper modules.) The ipfwadm problem is still outstanding, and I have recently found two emails related to it with workarounds in my Inbox. The first is a quick fix, and the second gets to the heart of the matter. ---[First: Quick fix]---------- Date: Fri, 20 Nov 1998 11:43:22 -0500 (EST) From: Michael <email@example.com> To: firstname.lastname@example.org Subject: Re: Anyone else have problems with ip_masq and Alpha Linux kernel 2.0.35?? The problem is the ipfwadm rpm that ships with 5.1 & 5.2 . Uninstall it and grab the one in the 5.0 dist. and it will work fine (assuming the kernel is built for it). ---[Second: Heart of the matter]----- Date: Fri, 20 Nov 1998 10:29:03 -0500 From: Bob Fahey <email@example.com> To: firstname.lastname@example.org Subject: RE: Anyone else have problems with ip_masq and Alpha Linux kernel 2.0.35?? GREAT question. I spent about the last 3 days on my Alpha trying to figure out the exact same problem. The problem is that, from what I can tell, one of the includes with glibc 2.0.7 is incorrect, since it assumes you're running on a 32-bit machine. This problem still exists even in 2.0.7-29, and needs to be fixed in the next release, IMHO. Comments? I changed /usr/include/netinet/ip_fw.h, and recompiled ipfwadm. Now it works just fine. The change is in the struct ip_fw -- there are 2 arguments, fw_pcnt and fw_bcnt that are defined as u_int32_t. If you change these to long, and recompile ipfwadm, it should work fine. On the same note, when you set up masquerading, don't forget to change /etc/sysconfig/network, setting FORWARD_IPV4 to true. I didn't find a reference to this in the IP-Masquerading HOWTO, but maybe it is in some other documentation somewhere.... -bob fahey (email@example.com)