Xen users - Oct 2006 - iptables not working. dom0, CentOS 4.4 domU, Debian 3.1 Xen 3.0.3-0 from source

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I have a CentOS 4.4 dom0 with Xen 3.0.3-0 installed from source.

Iptables works in the dom0 but not in domU

In the domU, Debian 3.1 (Sarge)

mharlow@shell:~$ dpkg -l module-init-tools iptables
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name                              Version
Description
+++-=================================-=================================-=================================================================================ii
module-init-tools                 3.2.2-3~bpo.1                     tools for
managing Linux kernel modules
ii  iptables                          1.3.5.0debian1-1~bpo.1            Linux
kernel 2.4+ iptables administration tools
mharlow@shell:~$ uname -a
Linux shell 2.6.16.29-xen #1 SMP Sat Oct 28 05:59:34 CDT 2006 x86_64 GNU/Linux
mharlow@shell:~$ sudo iptables -L
iptables v1.3.5: can''t initialize iptables table `filter'': Bad
file descriptor
Perhaps iptables or your kernel needs to be upgraded.
mharlow@shell:~$ lsmod
Module                  Size  Used by
quota_v2               13056  0
iptable_filter          7296  0
ip_tables              16984  1 iptable_filter
x_tables               17160  1 ip_tables
ipv6                  259200  14
uhci_hcd               34208  0
ohci_hcd               23044  0
ehci_hcd               33288  0
usbcore               127912  3 uhci_hcd,ohci_hcd,ehci_hcd
ext3                  122128  5
jbd                    58664  1 ext3
dm_mod                 52688  0
ide_disk               17280  0
sata_nv                13444  0
libata                 61720  1 sata_nv
sd_mod                 19712  0
scsi_mod              140816  2 libata,sd_mod

Yes I copied /lib/modules/2.6.16.29-xen to the domU.

I have tried using both the 1.3.5 iptables and 1.2.11-10

Any ideas or suggestions for how to resolve this?

- -- 
Matt Okeson-Harlow
Sen gutoj malgrandaj maro ne ekzistus
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFROXcIC6c4rRklDURAs4dAJ0Sg1Pkl7JgUuHltYh+N+CRPqD+/QCgiOzu
wM1bUEgRH0HSHLu7ovznUYY=i+Im
-----END PGP SIGNATURE-----

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I think I found my problem.

I have an x86_64 system, however the iptables packages are i386.  I compiled
iptables 1.3.5 from source on dom0 and copied it to the domU and all appears
to be working.

On Sun, Oct 29, 2006 at 11:33:17AM -0600, Matt Okeson-Harlow
wrote:
> I have a CentOS 4.4 dom0 with Xen 3.0.3-0 installed from source.
> 
> Iptables works in the dom0 but not in domU
> 
> In the domU, Debian 3.1 (Sarge)
> 
> mharlow@shell:~$ dpkg -l module-init-tools iptables
> Desired=Unknown/Install/Remove/Purge/Hold
> | Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
> |/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err:
uppercase=bad)
> ||/ Name                              Version
> Description
>
+++-=================================-=================================-=================================================================================>
ii  module-init-tools                 3.2.2-3~bpo.1                     tools
for managing Linux kernel modules
> ii  iptables                          1.3.5.0debian1-1~bpo.1           
Linux kernel 2.4+ iptables administration tools
> mharlow@shell:~$ uname -a
> Linux shell 2.6.16.29-xen #1 SMP Sat Oct 28 05:59:34 CDT 2006 x86_64
GNU/Linux
> mharlow@shell:~$ sudo iptables -L
> iptables v1.3.5: can''t initialize iptables table
`filter'': Bad file descriptor
> Perhaps iptables or your kernel needs to be upgraded.
> mharlow@shell:~$ lsmod
> Module                  Size  Used by
> quota_v2               13056  0
> iptable_filter          7296  0
> ip_tables              16984  1 iptable_filter
> x_tables               17160  1 ip_tables
> ipv6                  259200  14
> uhci_hcd               34208  0
> ohci_hcd               23044  0
> ehci_hcd               33288  0
> usbcore               127912  3 uhci_hcd,ohci_hcd,ehci_hcd
> ext3                  122128  5
> jbd                    58664  1 ext3
> dm_mod                 52688  0
> ide_disk               17280  0
> sata_nv                13444  0
> libata                 61720  1 sata_nv
> sd_mod                 19712  0
> scsi_mod              140816  2 libata,sd_mod
> 
> Yes I copied /lib/modules/2.6.16.29-xen to the domU.
> 
> I have tried using both the 1.3.5 iptables and 1.2.11-10
> 
> Any ideas or suggestions for how to resolve this?
> 
> -- 
> Matt Okeson-Harlow
> Sen gutoj malgrandaj maro ne ekzistus
> 
> _______________________________________________
> Xen-users mailing list
> Xen-users@lists.xensource.com
> http://lists.xensource.com/xen-users
- -- 
Matt Okeson-Harlow
Sen gutoj malgrandaj maro ne ekzistus
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFRby4IC6c4rRklDURAv/IAJ9Hh8G7q8m5NflYkhGjsO2JCWMDrQCfbU/J
PJJz9bYtQV8uFWyIFaYRPT0=KHi0
-----END PGP SIGNATURE-----

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users