Rawhide iptables reports a useless errorcode, e.g. when trying to operate on the wrong table: [root@myhost ~]# iptables -t mangle -I PREROUTING -p tcp --dport 2222 -d 192.168.1.1 -j DNAT --to-destination 192.168.1.2:22 iptables: Unknown error 18446744073709551615 Instead it should report a human readable description of what went wrong. Package versions are: iptables-1.3.5-1.2.1 kernel-xen-2.6.17-1.2600.fc6
What kind of hardware is this?
x86_64: cpu family : 15 model : 43 model name : AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ stepping : 1 Still happens in RHEL 5.1 beta: kernel-xen-2.6.18-37.el5 iptables-1.3.5-1.2.1
Can yopu please verify this with the latest iptables-1.3.8 verison in rawhide? I do not get this cryptic error message. BTW: This message reflacts probably a kernel module problem.
Related poor output (crappy error code, rather than a real error) from iptables-1.3.5-1.2.1 (RHEL5): # iptables -A INPUT -p tcp -m udp -j ACCEPT iptables: Unknown error 4294967295 # iptables -A INPUT -p tcp -m udp --dport 23 -j ACCEPT iptables: Unknown error 4294967295 The error is easy to observe in this format, but when looking at a long list of rules in /etc/sysconfig/iptables, it is not. The error is introduced by incomplete editing following copy/paste to duplicate similar rules, e.g. adding a copy of the rule for UDP in addition to TCP. I can move this into its own bug if needed, but makes sense to append it here, if it still occurs in the affected version.
iptables-1.3.8-6.fc8 on x86-64 now reports: iptables: Invalid argument Not a bug anymore, but makes yo uthink about an RFE for meaningful error reporting in iptables. E.g. if you use a non-existing table, it should say so. Will file a separate bug for that.