Comments (20)
Can you paste the actual code?
from python-iptables.
import iptc
chain = iptc.Chain(iptc.TABLE_NAT, "POSTROUTING")
rule = iptc.Rule()
rule.protocol = "tcp"
rule.out_interface = "eth0"
target = iptc.Target(rule, "MASQUERADE")
target.to_ports = "1234"
rule.target = target
chain.insert_rule(rule)
i got the code from http://nilvec.com/stuff/python-iptables/docs/html/examples.html#simple-rule-not-using-any-match-extensions
from python-iptables.
Can you tell me the version of your OS and iptables? Do you use the latest python-iptables from github?
from python-iptables.
Ubuntu 12.04 iptables v1.4.12. yes i cloned the code from here and ran setup.py
from python-iptables.
Some of the core structures in iptables have changed. Let me take some time to figure out how python-iptables can use them without breaking compatibility with older versions.
from python-iptables.
I have this issue too, any ETA on when it's going to be fixed ?
Thanks.
from python-iptables.
Hi,
I am facing the same issue with same iptables (1.4.12) and python-iptables (0.1.1) versions on Ubuntu 12.04.
Can you please tell us if you are working on this?
I can also work on a patch... Can you give me some hint/suggestion on how to tackle this?
Thanks for putting this library out there!
from python-iptables.
See #13 for a patch (not fully functional, needs some more work it seems).
from python-iptables.
Hi,
I'm very new with git and github, can you please explain me how to get the patch for this issue ?
Thanks.
from python-iptables.
Ok, I cloned hach-que/python-iptables and tried to build it but I think it is missing a file:
[mageia@dci-laptop hach-que-python-iptables (master)]$ python setup.py build
running build
running build_py
creating build
creating build/lib.linux-x86_64-2.7
creating build/lib.linux-x86_64-2.7/iptc
copying iptc/xtables.py -> build/lib.linux-x86_64-2.7/iptc
copying iptc/version.py -> build/lib.linux-x86_64-2.7/iptc
copying iptc/init.py -> build/lib.linux-x86_64-2.7/iptc
warning: build_py: byte-compiling is disabled, skipping.
running build_ext
building 'libxtwrapper' extension
creating build/temp.linux-x86_64-2.7
creating build/temp.linux-x86_64-2.7/libxtwrapper
gcc -pthread -fno-strict-aliasing -O2 -g -pipe -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fstack-protector --param=ssp-buffer-size=4 -I/usr/include/ncursesw -DNDEBUG -O2 -g -pipe -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fstack-protector --param=ssp-buffer-size=4 -g -fPIC -I/usr/include/python2.7 -c libxtwrapper/wrapper.c -o build/temp.linux-x86_64-2.7/libxtwrapper/wrapper.o -g -O0
libxtwrapper/wrapper.c:6:44: fatal error: ../iptables/include/xtables.h.in: No such file or directory
compilation terminated.
error: command 'gcc' failed with exit status 1
from python-iptables.
Yes, modify that line to "#include <xtables.h>", and make sure the iptables-dev package (on Ubuntu) is installed.
from python-iptables.
Ok I'm not sure what you mean with "modify that line to "#include"", but I changed that include to "#include "xtables.h" and now the error changed to this:
gcc -pthread -shared -Wl,--as-needed -Wl,--no-undefined -Wl,-z,relro -Wl,-O1 -Wl,--build-id -Wl,--enable-new-dtags build/temp.linux-x86_64-2.7/libxtwrapper/wrapper.o -L/usr/lib64 -lpython2.7 -o build/lib.linux-x86_64-2.7/libxtwrapper.so -g -O0
build/temp.linux-x86_64-2.7/libxtwrapper/wrapper.o: In function wrap_mpcall': /home/mageia/git/hach-que-python-iptables/libxtwrapper/wrapper.c:71: undefined reference to
xtables_option_mpcall'
build/temp.linux-x86_64-2.7/libxtwrapper/wrapper.o: In function wrap_tpcall': /home/mageia/git/hach-que-python-iptables/libxtwrapper/wrapper.c:87: undefined reference to
xtables_option_tpcall'
collect2: ld returned 1 exit status
error: command 'gcc' failed with exit status 1
I'm on Mageia 2 with iptables-devel-1.4.12.2-2 installed.
btw, I maintain python-iptables for Mageia and I'm also have a package for OpenSUSE that I want to get included.
from python-iptables.
If you have python-iptables already installed, first remove it. You should also use '#include <xtables.h>', not '#include "xtables.h"'. Let me know if this helps - for me it compiles with iptables v1.4.12.
from python-iptables.
Yes, I had python-iptables removed, I really don't understand what you mean with the include statement, of course if I leave only:
#include
compilation will fail as it is an incomplete #include statement.
from python-iptables.
Sorry, it should be #include <xtables.h>
.
from python-iptables.
On Mon, Oct 15, 2012 at 3:34 AM, ldx [email protected] wrote:
Sorry, it should be #include <xtables.h>.
I tried that too and the error is still the same. This is with iptables
1.4.12.
from python-iptables.
Ok, the problem was a missing linker flag to link against libxtables. I created a pull request to merge this fix and the previous one about the wrong include for xtables.h on libxtwrapper/wrapper.c:
from python-iptables.
Ok, I tested again with the hach-que/python-iptables fork and this issue is still present:
chain = iptc.Chain(iptc.TABLE_FILTER, "INPUT")
rule = iptc.Rule()
rule.protocol = "tcp"
rule.in_interface = "eth+"
rule.src = "10.0.2.2"
rule.dst = "10.1.1.1"
target = iptc.Target(rule, "DROP")
target.to_ports = str(666)
rule.target = target
chain.insert_rule(rule)
Produces the same error:
Traceback (most recent call last):
File "test/iptables_add.py", line 19, in <module>
target.to_ports = str(666)
File "/usr/lib64/python2.7/site-packages/iptc/__init__.py", line 410, in __setattr__
self.parse(name.replace("_", "-"), value)
File "/usr/lib64/python2.7/site-packages/iptc/__init__.py", line 376, in parse
(self._module.name, parameter))
AttributeError: standard: invalid parameter to-ports
from python-iptables.
See the other tickets, iptables 1.4 introduced new module callbacks - we're not compatible with it yet.
from python-iptables.
Please take a look at HEAD, and open a new ticket if you still experience issues. The new iptables API is now supported by python-iptables (see http://nilvec.com/python-iptables-update/ for further info).
from python-iptables.
Related Issues (20)
- Double free on _Buffer destruction HOT 4
- Segmentation fault when create hashlimit match HOT 3
- iptables and iptables-legacy with Docker containers HOT 2
- Rules added via iptc - not found in iptables o/p HOT 5
- iptc has problem when working with syslog module.
- iptc.errors.XTablesError: can't find target response on iptc.easy.dump_table('filter', ipv6=False) and others
- Can't find target JOOL_SIIT when iptables for both ipv4 and ipv6 are used HOT 1
- A question please, not an issue
- cannot use protocol "all"
- Empty rule list returned on Rocky8 HOT 3
- ldconfig packaged in glibc-2.28 has a different out out than ldconfig in glibc-2.17
- Can I use python-iptables on Python 3.6? HOT 1
- Match_set invalid value b'ipset_name' HOT 8
- How to set match LOCAL HOT 4
- --random parameter not working with SNAT HOT 5
- is nftable not supported?
- can't dump rules
- Is it possible to create '! --dports' rule?
- iptc/ip4tc.py:261: SyntaxWarning: invalid escape sequence '\s'
- Segfault on None or 'None' for dport extension
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from python-iptables.