Bug 205268 - iptables reporting useless errorcodes
iptables reporting useless errorcodes
Product: Fedora
Classification: Fedora
Component: iptables (Show other bugs)
All Linux
low Severity medium
: ---
: ---
Assigned To: Thomas Woerner
Ben Levenson
Depends On:
Blocks: 261481 412441
  Show dependency treegraph
Reported: 2006-09-05 13:48 EDT by Daniel Riek
Modified: 2007-12-05 12:18 EST (History)
0 users

See Also:
Fixed In Version: iptables-1.3.8-6.fc8
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-12-05 12:16:54 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Daniel Riek 2006-09-05 13:48:20 EDT
Rawhide iptables reports a useless errorcode, e.g. when trying to operate on the
wrong table:
[root@myhost ~]# iptables -t mangle -I PREROUTING -p tcp --dport 2222 -d -j DNAT --to-destination iptables: Unknown error

Instead it should report a human readable description of what went wrong.

Package versions are:
Comment 2 Thomas Woerner 2007-08-23 06:18:15 EDT
What kind of hardware is this?
Comment 3 Daniel Riek 2007-08-28 15:06:12 EDT
cpu family      : 15
model           : 43
model name      : AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
stepping        : 1

Still happens in RHEL 5.1 beta:
Comment 4 Thomas Woerner 2007-09-26 12:33:03 EDT
Can yopu please verify this with the latest iptables-1.3.8 verison in rawhide? I
do not get this cryptic error message.
BTW: This message reflacts probably a kernel module problem.
Comment 5 macker 2007-10-24 20:08:07 EDT
Related poor output (crappy error code, rather than a real error)  from
iptables-1.3.5-1.2.1 (RHEL5):

# iptables -A INPUT -p tcp -m udp -j ACCEPT
iptables: Unknown error 4294967295
# iptables -A INPUT -p tcp -m udp --dport 23 -j ACCEPT
iptables: Unknown error 4294967295

The error is easy to observe in this format, but when looking at a long list of
rules in /etc/sysconfig/iptables, it is not.  The error is introduced by
incomplete editing following copy/paste to duplicate similar rules, e.g. adding
a copy of the rule for UDP in addition to TCP.

I can move this into its own bug if needed, but makes sense to append it here,
if it still occurs in the affected version.
Comment 6 Daniel Riek 2007-12-05 12:16:54 EST
iptables-1.3.8-6.fc8 on x86-64 now reports:
iptables: Invalid argument

Not a bug anymore, but makes yo uthink about an RFE for meaningful error
reporting in iptables.

E.g. if you use a non-existing table, it should say so. Will file a separate bug
for that.

Note You need to log in before you can comment on or make changes to this bug.