LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Mobile
User Name
Password
Linux - Mobile This forum is for the discussion of all topics relating to Mobile Linux. This includes Android, Tizen, LiMo, Maemo, MeeGo, Openmoko, Ubuntu Mobile, WebOS, Firefox OS, Open Mobile Alliance and other similar projects and products.
A reminder that LQ now has a dedicated Android sister site: AndroidQuestions.org

Notices

Reply
 
Search this Thread
Old 04-04-2011, 12:24 PM   #1
preetb123
LQ Newbie
 
Registered: Jan 2011
Posts: 28

Rep: Reputation: 0
iptables error in android: iptables-save and iptables-restore not working


I have compiled Linux for android emulator with full netfilter functionality enabled. And got a iptables binary after building android from source.

When i push this binary to the emulator

i can execute commands like below successfully.

iptables -L
iptables -F
iptables -A INPUT -s www.google.com -j DROP


with this error:

# # iptables -L
getsockopt for multiport failed strangely: No such file or directory
getsockopt for multiport failed strangely: No such file or directory
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
#


and

# iptables -A INPUT -s www.google.com -j DROP
getsockopt for multiport failed strangely: No such file or directory
getsockopt for multiport failed strangely: No such file or directory
FIX ME! implement getgrnam() bionic/libc/bionic/stubs.c:344

but atleast the above commands they work!

but when i try

iptables-save or
iptables-restore


i get error saying

iptables-save: not found

In my config file

CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m

what is the problem..?? and how can i enable full iptables functionality in android or how can i save the current active iptables rules safely and reload them when next reboot.

please help. thank you!
 
Old 04-08-2011, 09:03 AM   #2
archtoad6
Senior Member
 
Registered: Oct 2004
Location: Houston, TX (usa)
Distribution: MEPIS, Debian, Knoppix,
Posts: 4,727
Blog Entries: 15

Rep: Reputation: 230Reputation: 230Reputation: 230
4 days & no answers, I can move this to Linux - Networking, Linux - Wireless Networking, or Linux - Security if you think you'd get better exposure. Meanwhile, consider adding "Code:" blocks to your OP:
Quote:
Please put code, command line output, config files, etc. inside [CODE] tags, aka "Code:" blocks.

It will make your posts easier to read, & that will get you more, faster, better answers. -- Help us help you.
BTW, You can edit your post(s) to do this retroactively.

Thank you.
 
Old 04-08-2011, 11:10 AM   #3
preetb123
LQ Newbie
 
Registered: Jan 2011
Posts: 28

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by archtoad6 View Post
4 days & no answers, I can move this to Linux - Networking, Linux - Wireless Networking, or Linux - Security if you think you'd get better exposure. Meanwhile, consider adding "Code:" blocks to your OP:

Actually i didn't know how to put code blocks. And regarding the question:

I think android team has modified iptables source, to exclude iptables-save than they must have modified some source files which call functions in iptables-save. May be because of that, the error comes
and also i checked iptables 1.3.7 sourcecode from netfilter. It seems that android source has its own modified iptables. Like, the file iptables-1.3.7/extension/libipt_connmark.c is changed to libipt_2connmark.c

I don't think this can be done, if also i want to i will have to modify the source again for android specific iptables...

Last edited by preetb123; 04-08-2011 at 11:12 AM.
 
Old 04-09-2011, 08:06 AM   #4
archtoad6
Senior Member
 
Registered: Oct 2004
Location: Houston, TX (usa)
Distribution: MEPIS, Debian, Knoppix,
Posts: 4,727
Blog Entries: 15

Rep: Reputation: 230Reputation: 230Reputation: 230
Quote:
BTW, You can edit your post(s) to do this retroactively.
I really think you'd improve your chances of getting someone knows something about your question to take the time to read it thoroughly & reply. OTOH, it's your post, & your choice. Good luck.
 
Old 04-09-2011, 10:13 AM   #5
preetb123
LQ Newbie
 
Registered: Jan 2011
Posts: 28

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by archtoad6 View Post
I really think you'd improve your chances of getting someone knows something about your question to take the time to read it thoroughly & reply. OTOH, it's your post, & your choice. Good luck.
Thank you very much! I'll do it from now.
 
Old 04-11-2011, 01:56 PM   #6
archtoad6
Senior Member
 
Registered: Oct 2004
Location: Houston, TX (usa)
Distribution: MEPIS, Debian, Knoppix,
Posts: 4,727
Blog Entries: 15

Rep: Reputation: 230Reputation: 230Reputation: 230
Quote:
Originally Posted by preetb123 View Post
I'll do it from now.
I assume you mean "from now on"

That's good, thank you; but I was asking you to fix your 1st post in this thread:
http://www.linuxquestions.org/questi...6/#post4313606
 
  


Reply

Tags
android, iptables, kernel config, kernel module, linux


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Restore iptables Rules that have been saved with iptables-save tiuz Linux - Security 4 08-14-2010 05:50 PM
Iptables-restore not working Thaidog Linux - General 2 03-05-2009 12:21 AM
iptables-restore not working with SELinux cdhgee Linux - Software 3 05-02-2008 12:01 PM
iptables-save, iptables-restore, how to set up them in some script sarajevo Linux - Networking 1 03-24-2008 11:39 PM
iptables v1.2.9: Unknown arg `/sbin/iptables' Try `iptables -h' or 'iptables --help' Niceman2005 Linux - Security 4 12-29-2005 08:20 PM


All times are GMT -5. The time now is 03:44 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration