2002-09-27 15:58:54

by Nathan

[permalink] [raw]
Subject: PING: Failed to install socket filter after kernel update

Okay I finally made it through my kernel recompile with iptables 1.2.7a in
there, and it seems to be working (I can do a #iptables -L and it lists my
default chains) but there's about a 10-second delay with anything
network-related now. When I ssh to the box, it used to come up immediately,
now there's the delay. When I lynx to a site, delay. When I ping, I get
useful info, then a delay.

The is the output of a simple ping apple.com:

PING apple.com ( from : 56(84) bytes of data.
WARNING: failed to install socket filter
: Protocol not available
64 bytes from apple.com ( icmp_seq=1 ttl=51 time=49.8 ms
64 bytes from apple.com ( icmp_seq=2 ttl=51 time=50.5 ms
64 bytes from apple.com ( icmp_seq=3 ttl=51 time=56.7 ms
64 bytes from apple.com ( icmp_seq=4 ttl=51 time=58.8 ms

--- apple.com ping statistics ---
4 packets transmitted, 4 received, 0% loss, time 15398ms
rtt min/avg/max/mdev = 49.835/53.987/58.830/3.877 ms

Notice the time 15398ms... It comes up after a couple seconds with the
WARNING, then delays about 5 seconds, then spits out the ping info slowly,
even though the return times may be under 10ms.

So what's up with the failing to install socket filter stuff? What did I do
to my kernel? :-)

Machine info: RH 7.3 on a Dell PE 350, with a newly compiled 2.4.19 kernel
and compiled iptables 1.2.7a (tried 1.2.6a with same results). I have
completely removed ipchains.

If anyone wants to see my kernel config file, or some of the flags from it,
lemme know.

# Nathan