Re: xt_NFQUEUE and netfilter_queue inside container not supported? [message #44169 is a reply to message #40984] |
Tue, 22 November 2011 21:25 |
derbot
Messages: 1 Registered: November 2011
|
Junior Member |
|
|
hi,
has anyone succeded to use iptables NFQUEUE target inside VE ?
Bug-ID 1677 seems stalled.
Using:
2.6.26-2-openvz-686 (debian)
running the user-space program inside VE I'm getting:
strace:
bind(3, {sa_family=AF_NETLINK, pid=476, groups=00000000}, 12) = 0
write(1, "bind\n"..., 5bind
) = 5
sendto(3, "\34\0\0\0\2\3\5\0\0\0\0\0\0\0\0\0\0\0\0\0\10\0\1\0\3\0\0\2"..., 28, 0, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = -1 ECONNREFUSED (Connection refused)
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++
running it in HN works as expected:
bind(3, {sa_family=AF_NETLINK, pid=16928, groups=00000000}, 12) = 0
write(1, "bind\n", 5bind
) = 5
sendto(3, " \34\0\0\0\2\3\5\0\0\0\0\0\0\0\0\0\0\0\0\0\10\0\1\0\3\204\0\2 ", 28, 0, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 28
recvfrom(3, "$\0\0\0\2\0\0\0\0\0\0\0 B\0\0\0\0\0\0\34\0\0\0\2\3\5\0\0\0\0\0\0\0\0\0", 8192, 0, {sa_family=AF_NETLINK, pid=0, groups=00000000}, [12]) = 36
Thanks,
Bogdan.
|
|
|