Bug 205268 - iptables reporting useless errorcodes
Summary: iptables reporting useless errorcodes
Alias: None
Product: Fedora
Classification: Fedora
Component: iptables   
(Show other bugs)
Version: rawhide
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Thomas Woerner
QA Contact: Ben Levenson
Depends On:
Blocks: 261481 412441
TreeView+ depends on / blocked
Reported: 2006-09-05 17:48 UTC by Daniel Riek
Modified: 2007-12-05 17:18 UTC (History)
0 users

Fixed In Version: iptables-1.3.8-6.fc8
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-12-05 17:16:54 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Daniel Riek 2006-09-05 17:48:20 UTC
Rawhide iptables reports a useless errorcode, e.g. when trying to operate on the
wrong table:
[root@myhost ~]# iptables -t mangle -I PREROUTING -p tcp --dport 2222 -d -j DNAT --to-destination iptables: Unknown error

Instead it should report a human readable description of what went wrong.

Package versions are:

Comment 2 Thomas Woerner 2007-08-23 10:18:15 UTC
What kind of hardware is this?

Comment 3 Daniel Riek 2007-08-28 19:06:12 UTC
cpu family      : 15
model           : 43
model name      : AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
stepping        : 1

Still happens in RHEL 5.1 beta:

Comment 4 Thomas Woerner 2007-09-26 16:33:03 UTC
Can yopu please verify this with the latest iptables-1.3.8 verison in rawhide? I
do not get this cryptic error message.
BTW: This message reflacts probably a kernel module problem.

Comment 5 macker 2007-10-25 00:08:07 UTC
Related poor output (crappy error code, rather than a real error)  from
iptables-1.3.5-1.2.1 (RHEL5):

# iptables -A INPUT -p tcp -m udp -j ACCEPT
iptables: Unknown error 4294967295
# iptables -A INPUT -p tcp -m udp --dport 23 -j ACCEPT
iptables: Unknown error 4294967295

The error is easy to observe in this format, but when looking at a long list of
rules in /etc/sysconfig/iptables, it is not.  The error is introduced by
incomplete editing following copy/paste to duplicate similar rules, e.g. adding
a copy of the rule for UDP in addition to TCP.

I can move this into its own bug if needed, but makes sense to append it here,
if it still occurs in the affected version.

Comment 6 Daniel Riek 2007-12-05 17:16:54 UTC
iptables-1.3.8-6.fc8 on x86-64 now reports:
iptables: Invalid argument

Not a bug anymore, but makes yo uthink about an RFE for meaningful error
reporting in iptables.

E.g. if you use a non-existing table, it should say so. Will file a separate bug
for that.

Note You need to log in before you can comment on or make changes to this bug.