Red Hat Bugzilla – Bug 188137
CLUSTERIP module of iptables does not work
Last modified: 2007-11-30 17:11:29 EST
Description of problem:
Target CLUSTERIP in a iptables rule does not work. It seems that the nescessary
library is missing.
Version-Release number of selected component (if applicable):
FC5 (xen, dom0) fully patched (yum update)
Fully reproducably (on my xen system on dom0 and domU)
Steps to Reproduce:
1. iptables -I INPUT -i eth0 -p tcp --dport 80 -d 192.168.188.1 -j CLUSTERIP
2. iptables -I INPUT ... with all nescessary options of the CLUSTERIP target
1. Error message: iptables v1.3.5: Couldn't load target
`CLUSTERIP':/lib/iptables/libipt_CLUSTERIP.so: cannot open shared object file:
No such file or directory
2. Error message: "-" not allowed as target
See: man iptables
The CLUSTERIP netfilter header file is missing (others too).
Assigning to glibc-kernheaders.
any plans to fix that bug? It is still there in fedora 6. Error message:
iptables v1.3.5: chain name not allowed to start with `-'
One year is quite a long time ...
The headers are there in FC6. Reassigning to iptables.
Hi, I just check F7 live. It still does not work with the same error message.
Any plans to fix it? WHEN? This bug exists for more than a year now.
Fixed in updates in package iptables-1.3.8-2 or newer.