Iptables DNS Resolve Problem....in CHROOT

**dashang** · 10-12-2011

Hi Everyone

i am trying to execute the the iptables rule

iptables -t mangle -I PREROUTING -d google.com -j ACCEPT

its give error...

Code:

[root@manage /root]#chroot /var/iptablespackaging/ sbin/iptables -t mangle -I PREROUTING -d google.com -j ACCEPT
iptables v1.4.10: host/network `google.com' not found
Try `iptables -h' or 'iptables --help' for more information.

for that my DNS is also correct

Code:

[root@manage /root]# vi /etc/resolv.conf 
nameserver      203.88.135.194
nameserver      127.0.0.1

MY ALL IPTABLES RULES IS WORKING BUT just this rule is not going to work...

i have take STRACE command output...

Code:

[root@manage /root]# chroot /var/iptablespackaging/ sbin/iptables -t mangle -I PREROUTING -d google.com -j ACCEPT
iptables v1.4.10: host/network `google.com' not found
Try `iptables -h' or 'iptables --help' for more information.
[root@manage /root]# strace chroot /var/iptablespackaging/ sbin/iptables -t mangle -I PREROUTING -d google.com -j ACCEPT
execve("/usr/sbin/chroot", ["chroot", "/var/iptablespackaging/", "sbin/iptables", "-t", "mangle", "-I", "PREROUTING", "-d", "google.com", "-j", "ACCEPT"], [/* 19 vars */]) = 0
uname({sys="Linux", node="manage", ...}) = 0
brk(0)                                  = 0x804b000
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb78ad000
open("/etc/ld.so.preload", O_RDONLY)    = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=8840, ...}) = 0
old_mmap(NULL, 8840, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb78aa000
close(3)                                = 0
open("/lib/libc.so.6", O_RDONLY)        = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 \304\1\0004\0\0\0"..., 1024) = 1024
fstat64(3, {st_mode=S_IFREG|0755, st_size=5737218, ...}) = 0
old_mmap(NULL, 1267240, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0xb7774000
mprotect(0xb78a0000, 38440, PROT_NONE)  = 0
old_mmap(0xb78a0000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x12b000) = 0xb78a0000
old_mmap(0xb78a6000, 13864, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb78a6000
close(3)                                = 0
munmap(0xb78aa000, 8840)                = 0
brk(0)                                  = 0x804b000
brk(0x804b028)                          = 0x804b028
brk(0x804c000)                          = 0x804c000
open("/usr/share/locale/locale.alias", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=2601, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb78ac000
read(3, "# Locale name alias data base.\n#"..., 4096) = 2601
read(3, "", 4096)                       = 0
close(3)                                = 0
munmap(0xb78ac000, 4096)                = 0
open("/usr/lib/locale/en_US/LC_IDENTIFICATION", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=370, ...}) = 0
old_mmap(NULL, 370, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb78ac000
close(3)                                = 0
open("/usr/lib/locale/en_US/LC_MEASUREMENT", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=28, ...}) = 0
old_mmap(NULL, 28, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb78ab000
close(3)                                = 0
open("/usr/lib/locale/en_US/LC_TELEPHONE", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=64, ...}) = 0
old_mmap(NULL, 64, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb78aa000
close(3)                                = 0
open("/usr/lib/locale/en_US/LC_ADDRESS", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=160, ...}) = 0
old_mmap(NULL, 160, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7773000
close(3)                                = 0
open("/usr/lib/locale/en_US/LC_NAME", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=82, ...}) = 0
old_mmap(NULL, 82, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7772000
brk(0x804d000)                          = 0x804d000
close(3)                                = 0
open("/usr/lib/locale/en_US/LC_PAPER", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=39, ...}) = 0
old_mmap(NULL, 39, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7771000
close(3)                                = 0
open("/usr/lib/locale/en_US/LC_MESSAGES", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
close(3)                                = 0
open("/usr/lib/locale/en_US/LC_MESSAGES/SYS_LC_MESSAGES", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=57, ...}) = 0
old_mmap(NULL, 57, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7770000
close(3)                                = 0
open("/usr/lib/locale/en_US/LC_MONETARY", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=291, ...}) = 0
old_mmap(NULL, 291, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb776f000
close(3)                                = 0
open("/usr/lib/locale/en_US/LC_COLLATE", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=21499, ...}) = 0
old_mmap(NULL, 21499, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7769000
close(3)                                = 0
open("/usr/lib/locale/en_US/LC_TIME", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=2456, ...}) = 0
old_mmap(NULL, 2456, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7768000
close(3)                                = 0
open("/usr/lib/locale/en_US/LC_NUMERIC", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=59, ...}) = 0
old_mmap(NULL, 59, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7767000
close(3)                                = 0
open("/usr/lib/locale/en_US/LC_CTYPE", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=173408, ...}) = 0
old_mmap(NULL, 173408, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb773c000
close(3)                                = 0
chroot("/var/iptablespackaging/")       = 0
chdir("/")                              = 0
execve("sbin/iptables", ["sbin/iptables"..., "-t"..., "mangle"..., "-I"..., "PREROUTING"..., "-d"..., "google.com"..., "-j"..., "ACCEPT"...], [/* 19 vars */]) = 0
brk(0)                                  = 0x809c000
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb776c000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/usr/local/lib/tls/i686/sse2/libip4tc.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/local/lib/tls/i686/sse2", 0xbf99ca78) = -1 ENOENT (No such file or directory)
open("/usr/local/lib/tls/i686/libip4tc.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/local/lib/tls/i686", 0xbf99ca78) = -1 ENOENT (No such file or directory)
open("/usr/local/lib/tls/sse2/libip4tc.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/local/lib/tls/sse2", 0xbf99ca78) = -1 ENOENT (No such file or directory)
open("/usr/local/lib/tls/libip4tc.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/local/lib/tls", 0xbf99ca78) = -1 ENOENT (No such file or directory)
open("/usr/local/lib/i686/sse2/libip4tc.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/local/lib/i686/sse2", 0xbf99ca78) = -1 ENOENT (No such file or directory)
open("/usr/local/lib/i686/libip4tc.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/local/lib/i686", 0xbf99ca78) = -1 ENOENT (No such file or directory)
open("/usr/local/lib/sse2/libip4tc.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/local/lib/sse2", 0xbf99ca78) = -1 ENOENT (No such file or directory)
open("/usr/local/lib/libip4tc.so.0", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320\r\0\0004\0\0\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=68168, ...}) = 0
mmap2(NULL, 21252, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7766000
mmap2(0xb776b000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5) = 0xb776b000
close(3)                                = 0
open("/usr/local/lib/libxtables.so.5", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@\31\0\0004\0\0\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=64549, ...}) = 0
mmap2(NULL, 26720, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb775f000
mmap2(0xb7765000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6) = 0xb7765000
close(3)                                = 0
open("/usr/local/lib/libm.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY)      = -1 ENOENT (No such file or directory)
open("/lib/tls/i686/sse2/libm.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/lib/tls/i686/sse2", 0xbf99ca40) = -1 ENOENT (No such file or directory)
open("/lib/tls/i686/libm.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/lib/tls/i686", 0xbf99ca40)     = -1 ENOENT (No such file or directory)
open("/lib/tls/sse2/libm.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/lib/tls/sse2", 0xbf99ca40)     = -1 ENOENT (No such file or directory)
open("/lib/tls/libm.so.6", O_RDONLY)    = -1 ENOENT (No such file or directory)
stat64("/lib/tls", 0xbf99ca40)          = -1 ENOENT (No such file or directory)
open("/lib/i686/sse2/libm.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/lib/i686/sse2", 0xbf99ca40)    = -1 ENOENT (No such file or directory)
open("/lib/i686/libm.so.6", O_RDONLY)   = -1 ENOENT (No such file or directory)
stat64("/lib/i686", 0xbf99ca40)         = -1 ENOENT (No such file or directory)
open("/lib/sse2/libm.so.6", O_RDONLY)   = -1 ENOENT (No such file or directory)
stat64("/lib/sse2", 0xbf99ca40)         = -1 ENOENT (No such file or directory)
open("/lib/libm.so.6", O_RDONLY)        = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`\364K\0004\0\0\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=206204, ...}) = 0
mmap2(0x4bc000, 159872, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x4bc000
mmap2(0x4e2000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x25) = 0x4e2000
close(3)                                = 0
open("/usr/local/lib/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/libc.so.6", O_RDONLY)        = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\340\v6\0004\0\0\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1799176, ...}) = 0
mmap2(0x34a000, 1505576, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x34a000
mmap2(0x4b4000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16a) = 0x4b4000
mmap2(0x4b7000, 10536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4b7000
close(3)                                = 0
open("/usr/local/lib/libdl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/libdl.so.2", O_RDONLY)       = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`jN\0004\0\0\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=20464, ...}) = 0
mmap2(0x4e6000, 16500, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x4e6000
mmap2(0x4e9000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2) = 0x4e9000
close(3)                                = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb775e000
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb775d000
set_thread_area({entry_number:-1 -> 6, base_addr:0xb775d6c0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0
mprotect(0x4e9000, 4096, PROT_READ)     = 0
mprotect(0x4b4000, 8192, PROT_READ)     = 0
mprotect(0x4e2000, 4096, PROT_READ)     = 0
mprotect(0x346000, 4096, PROT_READ)     = 0
brk(0)                                  = 0x809c000
brk(0x80bd000)                          = 0x80bd000
open("/usr/local/libexec/xtables/libxt_standard.so", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\340\3\0\0004\0\0\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=8723, ...}) = 0
mmap2(NULL, 6032, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb775b000
mmap2(0xb775c000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0) = 0xb775c000
close(3)                                = 0
open("/etc/nsswitch.conf", O_RDONLY)    = -1 ELOOP (Too many levels of symbolic links)
open("/usr/local/lib/libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/libnss_dns.so.2", O_RDONLY)  = -1 ENOENT (No such file or directory)
open("/usr/lib/tls/i686/sse2/libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/tls/i686/sse2", 0xbf99c594) = -1 ENOENT (No such file or directory)
open("/usr/lib/tls/i686/libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/tls/i686", 0xbf99c594) = -1 ENOENT (No such file or directory)
open("/usr/lib/tls/sse2/libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/tls/sse2", 0xbf99c594) = -1 ENOENT (No such file or directory)
open("/usr/lib/tls/libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/tls", 0xbf99c594)      = -1 ENOENT (No such file or directory)
open("/usr/lib/i686/sse2/libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/i686/sse2", 0xbf99c594) = -1 ENOENT (No such file or directory)
open("/usr/lib/i686/libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/i686", 0xbf99c594)     = -1 ENOENT (No such file or directory)
open("/usr/lib/sse2/libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/sse2", 0xbf99c594)     = -1 ENOENT (No such file or directory)
open("/usr/lib/libnss_dns.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib", 0xbf99c594)          = -1 ENOENT (No such file or directory)
open("/usr/local/lib/libnss_files.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/libnss_files.so.2", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000\32\0\0004\0\0\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=55540, ...}) = 0
mmap2(NULL, 49864, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb774e000
mmap2(0xb7759000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xa) = 0xb7759000
close(3)                                = 0
mprotect(0xb7759000, 4096, PROT_READ)   = 0
getpid()                                = 12441
open("/etc/resolv.conf", O_RDONLY)      = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=47, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb774d000
read(3, "nameserver\t203.88.135.194\nnamese"..., 4096) = 47
read(3, "", 4096)                       = 0
close(3)                                = 0
munmap(0xb774d000, 4096)                = 0
uname({sys="Linux", node="manage", ...}) = 0
open("/etc/networks", O_RDONLY|0x80000 /* O_??? */) = -1 ENOENT (No such file or directory)
socket(PF_FILE, 0x80801 /* SOCK_??? */, 0) = 3
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(3)                                = 0
socket(PF_FILE, 0x80801 /* SOCK_??? */, 0) = 3
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(3)                                = 0
open("/etc/nsswitch.conf", O_RDONLY)    = -1 ELOOP (Too many levels of symbolic links)
open("/etc/host.conf", O_RDONLY)        = -1 ENOENT (No such file or directory)
open("/etc/hosts", O_RDONLY|0x80000 /* O_??? */) = -1 ELOOP (Too many levels of symbolic links)
write(2, "iptables v1.4.10: ", 18iptables v1.4.10: )      = 18
write(2, "host/network `google.com\' not fo"..., 35host/network `google.com' not found) = 35
write(2, "\n", 1
)                       = 1
write(2, "Try `iptables -h\' or \'iptables -"..., 61Try `iptables -h' or 'iptables --help' for more information.
) = 61
exit_group(2)                           = ?

Please tell me the solution....

**Lazydog** · 10-12-2011

You need to use the IP address not the name

Thread Tools

Display

Iptables DNS Resolve Problem....in CHROOT

Posting Permissions