I know this may be entirely my fault but I have tried reversing
all of my _own_ patches I applied to 2.6.19.2 but can't find what broke this.
I did three times "netcat 127.0.0.69 42", notice the different
port numbers.
First, if someone could attempt this on 2.6.19.2 or 2.6.20-rc* ,
and tell it works, I shut up.
2007-01-15 23:42:05.833636 IP (tos 0x0, ttl 61, id 34230, offset 0, flags [DF], proto: TCP (6), length: 60) 127.0.0.69.23287 > 127.0.0.69.42: SWE, cksum 0x0281 (correct), 674651575:674651575(0) win 32792 <mss 16396,sackOK,timestamp 1616544 0,nop,wscale 4>
2007-01-15 23:42:05.833673 IP (tos 0x0, ttl 61, id 0, offset 0, flags [DF], proto: TCP (6), length: 40) 127.0.0.69.42 > 127.0.0.69.52935: R, cksum 0x5c66 (correct), 0:0(0) ack 674651576 win 0
2007-01-15 23:42:06.009245 IP (tos 0x0, ttl 61, id 11189, offset 0, flags [DF], proto: TCP (6), length: 60) 127.0.0.69.20161 > 127.0.0.69.42: SWE, cksum 0x96b3 (correct), 678941897:678941897(0) win 32792 <mss 16396,sackOK,timestamp 1616720 0,nop,wscale 4>
2007-01-15 23:42:06.009289 IP (tos 0x0, ttl 61, id 0, offset 0, flags [DF], proto: TCP (6), length: 40) 127.0.0.69.42 > 127.0.0.69.52936: R, cksum 0xe511 (correct), 0:0(0) ack 678941898 win 0
2007-01-15 23:42:06.169587 IP (tos 0x0, ttl 61, id 36607, offset 0, flags [DF], proto: TCP (6), length: 60) 127.0.0.69.52470 > 127.0.0.69.42: SWE, cksum 0x15b5 (correct), 681498315:681498315(0) win 32792 <mss 16396,sackOK,timestamp 1616880 0,nop,wscale 4>
2007-01-15 23:42:06.169624 IP (tos 0x0, ttl 61, id 0, offset 0, flags [DF], proto: TCP (6), length: 40) 127.0.0.69.42 > 127.0.0.69.52937: R, cksum 0xe2e7 (correct), 0:0(0) ack 681498316 win 0
If something was listening on port 42, it would see the wrong port,
e.g. 23287, 20161 or 52470, not 52935, 52936 or 52937.
--
On Mon, Jan 15, 2007 at 23:55:15 +0200, Sami Farin wrote:
> I know this may be entirely my fault but I have tried reversing
> all of my _own_ patches I applied to 2.6.19.2 but can't find what broke this.
> I did three times "netcat 127.0.0.69 42", notice the different
> port numbers.
Hmm... when I do "rmmod iptable_nat ip_nat", it works.
# iptables -t nat --list -nvx
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
I didn't know functions in ip_nat_proto_tcp.o were called
when I have empty nat table. Oops...
without iptable_nat ip_nat:
64 bytes from 127.0.0.1: icmp_seq=3 ttl=61 time=0.053 ms
with them:
64 bytes from 127.0.0.1: icmp_seq=3 ttl=61 time=0.065 ms
*shrug* live and learn.
2007-01-16 00:44:43.616266500 <4>[ 5672.924459] [<c0103cff>] dump_trace+0x215/0x21a
2007-01-16 00:44:43.616267500 <4>[ 5672.924492] [<c0103da7>] show_trace_log_lvl+0x1a/0x30
2007-01-16 00:44:43.616269500 <4>[ 5672.924511] [<c0103dcf>] show_trace+0x12/0x14
2007-01-16 00:44:43.616270500 <4>[ 5672.924529] [<c0103ecc>] dump_stack+0x19/0x1b
2007-01-16 00:44:43.616271500 <4>[ 5672.924547] [<f8c3756f>] tcp_unique_tuple+0xd7/0x130 [ip_nat]
2007-01-16 00:44:43.616272500 <4>[ 5672.924585] [<f8c363db>] get_unique_tuple+0x5a/0x6e [ip_nat]
2007-01-16 00:44:43.616285500 <4>[ 5672.924593] [<f8c36462>] ip_nat_setup_info+0x73/0x1e6 [ip_nat]
2007-01-16 00:44:43.616287500 <4>[ 5672.924601] [<f8c3b378>] ip_nat_rule_find+0x90/0xb0 [iptable_nat]
2007-01-16 00:44:43.616288500 <4>[ 5672.924610] [<f8c3b53a>] ip_nat_fn+0xd5/0x1ac [iptable_nat]
2007-01-16 00:44:43.616289500 <4>[ 5672.924617] [<f8c3b706>] ip_nat_out+0x56/0xd3 [iptable_nat]
2007-01-16 00:44:43.616290500 <4>[ 5672.924624] [<c0443dc1>] nf_iterate+0x4b/0x77
2007-01-16 00:44:43.616295500 <4>[ 5672.925610] [<c0443e45>] nf_hook_slow+0x58/0xdf
2007-01-16 00:44:43.617058500 <4>[ 5672.926562] [<c0451065>] ip_output+0x187/0x26a
2007-01-16 00:44:43.618005500 <4>[ 5672.927511] [<c0451611>] ip_queue_xmit+0x4c9/0x5a4
2007-01-16 00:44:43.618955500 <4>[ 5672.928461] [<c04628f8>] tcp_transmit_skb+0x25b/0x466
2007-01-16 00:44:43.619911500 <4>[ 5672.929417] [<c04656ee>] tcp_connect+0x133/0x1d1
2007-01-16 00:44:43.620865500 <4>[ 5672.930371] [<c0467343>] tcp_v4_connect+0x404/0x750
2007-01-16 00:44:43.621821500 <4>[ 5672.931327] [<c0474be0>] inet_stream_connect+0x123/0x1b1
2007-01-16 00:44:43.622789500 <4>[ 5672.932295] [<c04235ed>] sys_connect+0x9c/0xbe
2007-01-16 00:44:43.623679500 <4>[ 5672.933185] [<c04240ae>] sys_socketcall+0xd2/0x272
2007-01-16 00:44:43.624612500 <4>[ 5672.934072] [<c0102e77>] syscall_call+0x7/0xb
2007-01-16 00:44:43.624614500 <4>[ 5672.934092] [<00645410>] 0x645410
2007-01-16 00:44:43.624615500 <4>[ 5672.934116] =======================
--
>Subject: Re: I broke my port numbers :(
>
>On Mon, Jan 15, 2007 at 23:55:15 +0200, Sami Farin wrote:
>> I know this may be entirely my fault but I have tried reversing
>> all of my _own_ patches I applied to 2.6.19.2 but can't find what broke this.
>> I did three times "netcat 127.0.0.69 42", notice the different
>> port numbers.
>
>Hmm... when I do "rmmod iptable_nat ip_nat", it works.
Then please show us your rulset that was loaded (iptables-save) before
you removed the modules.
-`J'
--
On Tue, Jan 16, 2007 at 14:57:56 +0100, Jan Engelhardt wrote:
>
> >Subject: Re: I broke my port numbers :(
> >
> >On Mon, Jan 15, 2007 at 23:55:15 +0200, Sami Farin wrote:
> >> I know this may be entirely my fault but I have tried reversing
> >> all of my _own_ patches I applied to 2.6.19.2 but can't find what broke this.
> >> I did three times "netcat 127.0.0.69 42", notice the different
> >> port numbers.
> >
> >Hmm... when I do "rmmod iptable_nat ip_nat", it works.
>
> Then please show us your rulset that was loaded (iptables-save) before
> you removed the modules.
For -t nat I had only
-t nat -P PREROUTING ACCEPT
-t nat -P POSTROUTING ACCEPT
-t nat -P OUTPUT ACCEPT
but due to my modifications to ip_nat_proto_tcp.c
it broke (ip_nat_proto_tcp.c wasn't supposed to get used,
anyways).
--