Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

iptables error in android: iptables-save and iptables-restore not working

I have compiled Linux for android emulator with full netfilter functionality enabled. And got a iptables binary after building android from source.

When i push this binary to the emulator

i can execute commands like below successfully.

iptables -L
iptables -F
iptables -A INPUT -s www.google.com -j DROP 

with this error:

# # iptables -L
getsockopt for multiport failed strangely: No such file or directory
getsockopt for multiport failed strangely: No such file or directory
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
# 

and

# iptables -A INPUT -s www.google.com -j DROP
getsockopt for multiport failed strangely: No such file or directory
getsockopt for multiport failed strangely: No such file or directory
FIX ME! implement getgrnam() bionic/libc/bionic/stubs.c:344

but atleast the above commands they work!

but when i try

iptables-save     or
iptables-restore

i get error saying

iptables-save: not found

In my config file

CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m

what is the problem..?? and how can i enable full iptables functionality in android or how can i save the current active iptables rules safely and reload them when next reboot.

please help. thank you!

like image 411
Preetam Avatar asked Oct 24 '22 15:10

Preetam


1 Answers

The iptables-save and iptables-restore binaries are not built by the default Android system makefiles.

You'll need to add rules to the Android.mk file in $mydroid/external/iptables/ to build them. The source files, iptables-save.c and iptables-restore.c are already in that directory.

Untested, but to build iptables-save, add something like this to the end of Android.mk. Rinse and repeat for iptables-restore:

#
# Build iptables-save
#

include $(CLEAR_VARS)

LOCAL_C_INCLUDES:= \
    $(LOCAL_PATH)/include/ \
    $(KERNEL_HEADERS)

LOCAL_CFLAGS:=-DNO_SHARED_LIBS
LOCAL_CFLAGS+=-DIPTABLES_VERSION=\"1.3.7\"

LOCAL_SRC_FILES:= \
    iptables-save.c 

LOCAL_MODULE_TAGS:=debug
LOCAL_MODULE:=iptables-save

LOCAL_STATIC_LIBRARIES := \
    libiptc \
    libext

include $(BUILD_EXECUTABLE)
like image 157
David B. Avatar answered Oct 27 '22 09:10

David B.