f



iproute2 fwmark doesn't work (or iptables --set-mark doesn't)

Hi,

I just subscribed this group. Hello everyone!

I have a problem with setting up routing. In short, I want to mark certain 
packets with iptables and then catch these marks with iproute2. However 
Linux seems to ignore these marks.

I have a 3.11.4 kernel with CONFIG_IP_ADVANCED_ROUTER and CONFIG_IP_MULTIPLE_TABLES 
set. Here's my setup:

- eth0: LAN
  - IP 192.168.0.1, netmask /24
  - It connects to the LAN

- eth1: WAN
  - IP 192.168.1.180, netmask /24, gateway 192.168.1.1
  - It connects to the Internet

- tap0: VPN (created with OpenVPN)
  - Local IP 172.24.25.4, remote IP (and gateway) 172.24.25.2, netmask /24

I want to pass certain traffic through 192.168.1.1 (eth1) and certain through 
172.24.25.2 (tap0) - local traffic as well as routed traffic. Rules will be 
somewhat complicated (for locally-generated traffic and routed traffic), now 
just let's assume that I want to mark all packets to go through 192.168.1.1.

I have added two new routing tables to /etc/iproute2/rt_tables:

#v+
2 vpn
3 wan
#v-

I've created two of them, so the main table will not have a default gateway. 
This way I can avoid errors - if I make a mistake and traffic goes through 
the main table, it won't get out.

Tables are then populated:

#v+
ip route flush table main
ip route add 192.168.0.0/24 dev eth0 table main
ip route add 192.168.1.0/24 dev eth1 table main
ip route add 172.24.25.0/24 dev tap0 table main

ip route flush table wan
ip route add 192.168.0.0/24 dev eth0 table wan
ip route add 192.168.1.0/24 dev eth1 table wan
ip route add 172.24.25.0/24 dev tap0 table wan
ip route add default via 192.168.1.1 dev eth1 table wan

ip route flush table vpn
ip route add 192.168.0.0/24 dev eth0 table vpn
ip route add 192.168.1.0/24 dev eth1 table vpn
ip route add 172.24.25.0/24 dev tap0 table vpn
ip route add default via 172.24.25.2 dev tap0 table vpn
#v-

And now rules. I want packets marked with 2 going through WAN and packets 
marked with 3 going through VPN.

#v+
ip rule flush

# restore default rules (deleted by flush)
ip rule add from all lookup main prio 32766
ip rule add from all lookup default prio 32767

ip rule add fwmark 2 table wan
ip rule add fwmark 3 table vpn
#v-

Now the cache is reloaded...

#v+
ip route flush table cache
#v-

And iptables flushed:

#v+
iptables -t filter -F
iptables -t nat -F
iptables -t mangle -F
#v-

And now the tricky part. I can't make iptables mark packets (or can't 
make iproute2 honor fwmark). I've tried different combinations of:

#v+
iptables -t mangle -A PREROUTING -j MARK --set-mark 2
iptables -t mangle -A POSTROUTING -j MARK --set-mark 2
iptables -t mangle -A OUTPUT -j MARK --set-mark 2
iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark
iptables -t mangle -A POSTROUTING -j CONNMARK --restore-mark
iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark
iptables -t mangle -A PREROUTING -m connmark --mark 2 -j CONNMARK --restore-mark
iptables -t mangle -A POSTROUTING -m connmark --mark 2 -j CONNMARK --restore-mark
iptables -t mangle -A OUTPUT -m connmark --mark 2 -j CONNMARK --restore-mark
iptables -t mangle -A PREROUTING -p tcp --dport 80 -j MARK --set-mark 2
iptables -t mangle -A PREROUTING -p tcp --dport 80 -j CONNMARK --set-mark 2
iptables -t mangle -A PREROUTING -m connmark --mark 2 -j CONNMARK --restore-mark
iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark
#v-

And nothing. All commands succeeed, but traffic still gets through the 
main table. Regarding to this:

http://tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.netfilter.html

it should work. What am I missing?

Kernel doesn't have CONFIG_IP_ROUTE_FWMARK (it's completely absent), but 
I've read that in new kernels it is enabled by default and not found in 
config.

Thanks for your time.

Cheers.

AW
0
gof
12/3/2013 1:45:33 PM
comp.os.linux.networking 15677 articles. 0 followers. Post Follow

9 Replies
2190 Views

Similar Articles

[PageSpeed] 29

On 3.12.13 15:45, Adam Wysocki wrote:
> Hi,
>
> I just subscribed this group. Hello everyone!
>
> I have a problem with setting up routing. In short, I want to mark certain
> packets with iptables and then catch these marks with iproute2. However
> Linux seems to ignore these marks.
>
> I have a 3.11.4 kernel with CONFIG_IP_ADVANCED_ROUTER and CONFIG_IP_MULTIPLE_TABLES
> set. Here's my setup:
>
> - eth0: LAN
>    - IP 192.168.0.1, netmask /24
>    - It connects to the LAN
>
> - eth1: WAN
>    - IP 192.168.1.180, netmask /24, gateway 192.168.1.1
>    - It connects to the Internet
>
> - tap0: VPN (created with OpenVPN)
>    - Local IP 172.24.25.4, remote IP (and gateway) 172.24.25.2, netmask /24
>
> I want to pass certain traffic through 192.168.1.1 (eth1) and certain through
> 172.24.25.2 (tap0) - local traffic as well as routed traffic. Rules will be
> somewhat complicated (for locally-generated traffic and routed traffic), now
> just let's assume that I want to mark all packets to go through 192.168.1.1.
>
> I have added two new routing tables to /etc/iproute2/rt_tables:
>
> #v+
> 2 vpn
> 3 wan
> #v-
>
> I've created two of them, so the main table will not have a default gateway.
> This way I can avoid errors - if I make a mistake and traffic goes through
> the main table, it won't get out.
>
> Tables are then populated:
>
> #v+
> ip route flush table main
> ip route add 192.168.0.0/24 dev eth0 table main
> ip route add 192.168.1.0/24 dev eth1 table main
> ip route add 172.24.25.0/24 dev tap0 table main
>
> ip route flush table wan
> ip route add 192.168.0.0/24 dev eth0 table wan
> ip route add 192.168.1.0/24 dev eth1 table wan
> ip route add 172.24.25.0/24 dev tap0 table wan
> ip route add default via 192.168.1.1 dev eth1 table wan
>
> ip route flush table vpn
> ip route add 192.168.0.0/24 dev eth0 table vpn
> ip route add 192.168.1.0/24 dev eth1 table vpn
> ip route add 172.24.25.0/24 dev tap0 table vpn
> ip route add default via 172.24.25.2 dev tap0 table vpn
> #v-
>
> And now rules. I want packets marked with 2 going through WAN and packets
> marked with 3 going through VPN.
>
> #v+
> ip rule flush
>
> # restore default rules (deleted by flush)
> ip rule add from all lookup main prio 32766
> ip rule add from all lookup default prio 32767
>
> ip rule add fwmark 2 table wan
> ip rule add fwmark 3 table vpn
> #v-
>
> Now the cache is reloaded...
>
> #v+
> ip route flush table cache
> #v-
>
> And iptables flushed:
>
> #v+
> iptables -t filter -F
> iptables -t nat -F
> iptables -t mangle -F
> #v-
>
> And now the tricky part. I can't make iptables mark packets (or can't
> make iproute2 honor fwmark). I've tried different combinations of:
>
> #v+
> iptables -t mangle -A PREROUTING -j MARK --set-mark 2
> iptables -t mangle -A POSTROUTING -j MARK --set-mark 2
> iptables -t mangle -A OUTPUT -j MARK --set-mark 2
> iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark
> iptables -t mangle -A POSTROUTING -j CONNMARK --restore-mark
> iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark
> iptables -t mangle -A PREROUTING -m connmark --mark 2 -j CONNMARK --restore-mark
> iptables -t mangle -A POSTROUTING -m connmark --mark 2 -j CONNMARK --restore-mark
> iptables -t mangle -A OUTPUT -m connmark --mark 2 -j CONNMARK --restore-mark
> iptables -t mangle -A PREROUTING -p tcp --dport 80 -j MARK --set-mark 2
> iptables -t mangle -A PREROUTING -p tcp --dport 80 -j CONNMARK --set-mark 2
> iptables -t mangle -A PREROUTING -m connmark --mark 2 -j CONNMARK --restore-mark
> iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark
> #v-
>
> And nothing. All commands succeeed, but traffic still gets through the
> main table. Regarding to this:
>
> http://tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.netfilter.html
>
> it should work. What am I missing?
>
> Kernel doesn't have CONFIG_IP_ROUTE_FWMARK (it's completely absent), but
> I've read that in new kernels it is enabled by default and not found in
> config.
>
> Thanks for your time.
>
> Cheers.
>
> AW


Iptables and routing apply to layer 3 (network).
Your tunnel interface (tap0) is a layer 2 (data link) device.

If you're tunneling at data link layer, the firewall does
not do anything at it.

I'd start by changing the VPN to use tun0 instead.

-- 

Tauno Voipio

0
Tauno
12/3/2013 2:46:23 PM
Tauno Voipio <tauno.voipio@notused.fi.invalid> wrote:

> Iptables and routing apply to layer 3 (network).
> Your tunnel interface (tap0) is a layer 2 (data link) device.
> 
> If you're tunneling at data link layer, the firewall does
> not do anything at it.
> 
> I'd start by changing the VPN to use tun0 instead.

Hi,

Thanks for the reply, but I don't think it's the case here. Why:

1. For now I'm dealing only with two tables - "main" and "wan".
I'll use "vpn" table when I'll be able to correctly mark packets
to pass through "wan" table instead of "main" table. For now we
can assume that VPN doesn't exist, it will come into play later.

2. tap0 is on layer 2, but it's only an interface, I want to
redirect layer 3 traffic to this tunnel in the same way it
would be done with other, physical datalink interfaces (e.g.
Ethernet), basing on their assigned IP addresses.

Once again thanks for the reply.

Cheers.

AW
0
gof
12/3/2013 6:07:01 PM
Tauno Voipio a �crit :
> 
> Iptables and routing apply to layer 3 (network).
> Your tunnel interface (tap0) is a layer 2 (data link) device.

So what ? eth0 and eth1 are layer 2 devices too.

> If you're tunneling at data link layer, the firewall does
> not do anything at it.
> 
> I'd start by changing the VPN to use tun0 instead.

Total nonsense. Iptables and ip do not care about the type of interface.
As you wrote, they work at the layer 3.
0
Pascal
12/3/2013 10:58:31 PM
Adam Wysocki a �crit :
> 
> And now the tricky part. I can't make iptables mark packets (or can't 
> make iproute2 honor fwmark). I've tried different combinations of:

Which combinations exactly ? You cannot have all those rules together,
it just does not make sense.

> #v+
> iptables -t mangle -A PREROUTING -j MARK --set-mark 2

Fine, that should mark all incoming packets.

> iptables -t mangle -A POSTROUTING -j MARK --set-mark 2

Useless : POSTROUTING is after the routing decision, so it will have no
effet.

> iptables -t mangle -A OUTPUT -j MARK --set-mark 2

Fine, that should mark all locally generated packets.
I'd start with just the above two rules in PREROUTING and OUTPUT, append
a couple of LOG rules to print the packet mark in the kernel log and see
what happens.

> iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark
> iptables -t mangle -A POSTROUTING -j CONNMARK --restore-mark
> iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark
> iptables -t mangle -A PREROUTING -m connmark --mark 2 -j CONNMARK --restore-mark
> iptables -t mangle -A POSTROUTING -m connmark --mark 2 -j CONNMARK --restore-mark
> iptables -t mangle -A OUTPUT -m connmark --mark 2 -j CONNMARK --restore-mark
> iptables -t mangle -A PREROUTING -p tcp --dport 80 -j MARK --set-mark 2
> iptables -t mangle -A PREROUTING -p tcp --dport 80 -j CONNMARK --set-mark 2
> iptables -t mangle -A PREROUTING -m connmark --mark 2 -j CONNMARK --restore-mark
> iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark

There are a lot of rules with --restore-mark (copy the connection mark
to the packet mark), but only one rule setting the connection mark.

> And nothing. All commands succeeed,

Did you check the actual results by printing the routing tables, routing
rules and iptables ruleset ?

> but traffic still gets through the main table.

How do you know ?
0
Pascal
12/3/2013 11:13:17 PM
Pascal Hambourg <boite-a-spam@plouf.fr.eu.org> wrote:

Hi,

Sorry for the late reply, but I finally found some time to fiddle with it...

>> And now the tricky part. I can't make iptables mark packets (or can't 
>> make iproute2 honor fwmark). I've tried different combinations of:
> 
> Which combinations exactly ? You cannot have all those rules together,
> it just does not make sense.

Ok, I left only these rules that you said.

> I'd start with just the above two rules in PREROUTING and OUTPUT, append
> a couple of LOG rules to print the packet mark in the kernel log and see
> what happens.

It seems that marking is done properly, but iproute2 does not direct 
matched packets to proper tables.

iptables -t mangle -A PREROUTING -j MARK --set-mark 2
iptables -t mangle -A PREROUTING -j LOG --log-prefix "prerouting "

iptables -t mangle -A OUTPUT -j MARK --set-mark 2
iptables -t mangle -A OUTPUT -j LOG --log-prefix "output "

It gave log lines with MARK=0x02:

Dec  7 13:27:32 somewhere kernel: [71053.449380] output IN= OUT=eth1 SRC=192.168.1.180 DST=89.72.158.60 LEN=107 TOS=0x00 PREC=0x00 TTL=64 ID=3020 DF PROTO=TCP SPT=43104 DPT=443 WINDOW=28723 RES=0x00 ACK PSH URGP=0 MARK=0x2
Dec  7 13:27:35 somewhere kernel: [71056.520793] prerouting IN=eth1 OUT= MAC=00:50:04:30:e1:90:74:ea:3a:bd:5d:10:08:00 SRC=89.72.158.60 DST=192.168.1.180 LEN=52 TOS=0x00 PREC=0x00 TTL=51 ID=59395 DF PROTO=TCP SPT=443 DPT=44304 WINDOW=12600 RES=0x00 ACK URGP=0 MARK=0x2
Dec  7 13:27:38 somewhere kernel: [71059.616705] output IN= OUT=eth0 SRC=192.168.0.1 DST=192.168.0.3 LEN=116 TOS=0x10 PREC=0x00 TTL=64 ID=14433 DF PROTO=TCP SPT=22 DPT=33868 WINDOW=330 RES=0x00 ACK PSH URGP=0 MARK=0x2
Dec  7 13:27:38 somewhere kernel: [71059.617382] prerouting IN=eth0 OUT= MAC=00:0a:5e:60:ce:b0:00:19:7e:19:1e:10:08:00 SRC=192.168.0.3 DST=192.168.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=58487 DF PROTO=TCP SPT=33868 DPT=22 WINDOW=1001 RES=0x00 ACK URGP=0 MARK=0x2

>> And nothing. All commands succeeed,
> 
> Did you check the actual results by printing the routing tables, routing
> rules and iptables ruleset ?

Yes:

[gof@raid ~]$ ip r s
172.24.25.0/24 dev tap0  scope link
192.168.0.0/24 dev eth0  scope link
192.168.1.0/24 dev eth1  scope link

[gof@raid ~]$ ip r s t vpn
default via 172.24.25.2 dev tap0
172.24.25.0/24 dev tap0  scope link
192.168.0.0/24 dev eth0  scope link
192.168.1.0/24 dev eth1  scope link

[gof@raid ~]$ ip r s t wan
default via 192.168.1.1 dev eth1
172.24.25.0/24 dev tap0  scope link
192.168.0.0/24 dev eth0  scope link
192.168.1.0/24 dev eth1  scope link

[gof@raid ~]$ ip ru s
0:      from all lookup local
32764:  from all fwmark 0x3 lookup vpn
32765:  from all fwmark 0x2 lookup wan
32766:  from all lookup main
32767:  from all lookup default

[gof@raid ~]$ sudo iptables -t mangle -L -n
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
MARK       all  --  0.0.0.0/0            0.0.0.0/0           MARK set 0x2
LOG        all  --  0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 4 prefix `prerouting '

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
MARK       all  --  0.0.0.0/0            0.0.0.0/0           MARK set 0x2
LOG        all  --  0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 4 prefix `output '

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

>> but traffic still gets through the main table.
> 
> How do you know ?

Main table doesn't have default route, so:

[gof@raid ~]$ ping 1.2.3.4
connect: Network is unreachable

[gof@raid ~]$ telnet 1.2.3.4 1234
Trying 1.2.3.4...
telnet: Unable to connect to remote host: Network is unreachable

AW
0
gof
12/7/2013 12:36:10 PM
Adam Wysocki a �crit :
> 
>>> but traffic still gets through the main table.
>> How do you know ?
> 
> Main table doesn't have default route, so:
> 
> [gof@raid ~]$ ping 1.2.3.4
> connect: Network is unreachable
> 
> [gof@raid ~]$ telnet 1.2.3.4 1234
> Trying 1.2.3.4...
> telnet: Unable to connect to remote host: Network is unreachable

That's the result of the first routing decision which happens while the
packet is being built, before it is passed to iptables' OUTPUT chains
and marked. Thus the main routing table must have a default route
(possibly with a nonexistent gateway so that packets won't actually be
sent out using it) to avoid this error. However routing of incoming
packets should have worked.
0
Pascal
12/7/2013 3:14:26 PM
Pascal Hambourg a �crit :
> 
> That's the result of the first routing decision which happens while the
> packet is being built, before it is passed to iptables' OUTPUT chains
> and marked.

One more side note about this : you can see in the OUTPUT chain log that
locally generated packets have an initial source address and output
interface as a result of this routing decision. The rerouting after the
OUTPUT chain will update the output interface, but not the source
address. So you may need to update it with SNAT or MASQUERADE.
0
Pascal
12/7/2013 3:21:26 PM
I am facing similar issue.

Does locally generated packets reach the OUTPUT chain after routing decision?
Should there be any entries in main table always
Any good solution.

=============
 ip route flush cache
 ip route flush table main

 iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
 iptables -t mangle -A OUTPUT -m owner --uid-owner squid -j MARK --set-mark 0x5
 iptables -t mangle -A OUTPUT -j LOG --log-prefix "IPtab: "

 ip route add 192.168.1.0/24 dev wlan0 src 192.168.1.103 table logu
 ip route add default via 192.168.1.1 dev wlan0 table logu
 ip rule add fwmark 0x5 table logu

 ip route flush cache

========================
As squid user

$ ping 74.125.236.39
connect: Network is unreachable

Adding an entry like this in main table works
$ route add -net 0.0.0.0/0 dev wlan0

Regards
Logu
0
logsnaath
8/3/2014 8:06:28 PM
logsnaath@gmail.com a �crit :
> I am facing similar issue.

Similar to what ? That thread is so old that my news server does not
have the messages any more.

> Does locally generated packets reach the OUTPUT chain after routing decision?

Yes. There is always a routing decision before the OUTPUT chains. There
may be a rerouting decision after the OUTPUT chains.

> Should there be any entries in main table always

Not necessarily, but the routing rules and routes must be able to route
the original packets before it is mangled in the OUTPUT chains,
otherwise it is discarded immediately.

Anyway, what would be the purpose of flushing the main routing table ?
0
Pascal
8/3/2014 9:22:11 PM
Reply:

Similar Artilces:

PS3: doesn't come with Linux, doesn't even run Linux by default
What other cola claims have been dashed by reality? In fact, you can install on the PS3 any OS that's been designed for it. I don't expect MS to port Vista, but you never know... http://www.playstation.com/ps3-openplatform/faq.html Q. What types of "Other OSs" can be installed? A. You can install any system software that is designed to run on PLAYSTATION�3. Unfortunately we cannot provide you with specific information about what types of "Other OSs" are available because "Other OS" and the boot loader programs are produced and distributed by third-par...

Jeff Doesn't Like Pizza; Jeff Doesn't Like In-House Working Peripherals
Jeff sits in a tangle of trackball wires. Jeff can't order a delicious pizza from the Web. He won't call the Geek Squad to fix his broken trackball. Meanwhile, Linux service explodes with In-Home Fixit People. Get these People to Fix the Track Ball ! Jeff (!) begin Steve Zissou (JBailo) nymshifted: > > Jeff sits in a tangle of trackball wires. > < snip > Fine, JBailo. So this idiot has felt the need to be mentioned again. You, in your infinite idiocy, naturally did his wishes. Idiot -- Warning: 10 days have passed since your last Windows reinstall. Hi ...

why 'for' doesn't works as it should?
hi, i've got a little code: for ii=4:5 % splines in p-form splineP = GlobalData.SplineFit{ii}; % splines in B-form splineB = fn2fm(splineP, 'B-'); z(ii) = {splineB} z(1) end and what is strange in this is that this 'for' counts from 1:5! z shows me: z = [] [] [] [1x1 struct] [1x1 struct] and z(1) shows {[]} but splineB and splineP shows me only things for ii=4 and ii=5 then i need to put them in one 'thing' so i made: z(ii)= ...

'do over' doesn't work
hi, why my code doesn't work with 'do over'. thanks. ash007. DATA TABLE_BIDON; INPUT X1 X2 X3 X4 X5 $; CARDS; 2 . 5 1161 AB=C9LIEN 35 6 3 1336 ALM=C9RIC 82 1 5 1499 ;RUN; DATA TABLE_BIDON (DROP =3D _I); SET TABLE_BIDON; ARRAY A_VARNUM[*] _NUMERIC_; ARRAY A_VARCAR[*] _CHARACTER_; DO OVER A_VARNUM[*]; IF A_VARNUM[*] =3D . THEN A_VARNUM[*] =3D 0; END; DO OVER A_VARCAR[*]; IF COMPRESS(A_VARCAR[*]) IN (".","") THEN A_VARCAR[*] =3D "Z"; END; RUN; ...

Linux
http://www.murrayc.com/blog/permalink/2008/03/28/webcams-that-just-work-with-ubuntu/ <quote> As I've said before, I think the hardware lists on the Ubuntu wiki are mostly useless for real users because nobody is insisting that "just works" really means "just works", and nobody is flagging the ones that really do just work. </quote> And if you finally can get it to work with linux.... <quote> got a Pro 9000 around Christmas because I read that it "Just Works". It did not work in Ubuntu 7.04. I chased and chased and could not solve i...

__getattribute__ doesn't work on 'type' type for '__class__'
I'm running this version of Python: Python 2.4.3 (#1, May 18 2006, 07:40:45) [GCC 3.3.3 (cygwin special)] on cygwin I read in the documentation that these two expressions are interchangeable: x.__getattribute__('name') <==> x.name From "pydoc __getattribute__": ---8<--- Help on method-wrapper object: __getattribute__ = class method-wrapper(object) | Methods defined here: | | __call__(...) | x.__call__(...) <==> x(...) | | __getattribute__(...) | x.__getattribute__('name') <==> x.name --->8--- Yet when I...

Can't get sqlite3.Row working: keyword lookup doesn't work
Hello, using Python 2.7.6 I try to access a sqlite database using keyword lookup instead of position (much more easy to maintain code), but it always fail, with the error: Index must be int or string I have created the database, populated it, and here is the code that tries to retrieve the information: with sqlite3.connect(mydbPath) as db: # open the database db.row_factory = sqlite3.Row cursor = db.cursor() cursor.execute("SELECT * FROM files") for row in cursor.fetchall(): print(row.keys()) print(row["filename&qu...

Mail merge doesn't mail and/or doesn't merge
Mail merge doesn't mail and/or doesn't merge With me at least it doesn't. We are getting too many false positives on our bcc-mailing lists, so I decided to give the mail merge feature in PM 4.41 a go. The goal was to simultaneously send messages addressed to multiple recipients. I made a csv file containing nine of my own addresses in a column called ~kemail~, made this the data file, checked the box for the first field to be the fieldname and sent the email with the string ~kemail~ in the address box. I also attached a pdf file. PM reported a successful transaction, b...

OCI-8, Oracle : 'ORDER BY' doesn't work with 'bind_param'
Hello, I'm testing the gem 'ruby-oci8'/oci8 (1.0.4) under Windows with Ruby 1.8.6 patchlevel 287. I play with the user SCOTT and the table EMP of ORACLE. First, the table : --------------- Schema = SCOTT, Name =EMP Columns8 EMPNO | NUMBER(4) NOT NULL ENAME | VARCHAR2(10) JOB | VARCHAR2(9) MGR | NUMBER(4) HIREDATE | DATE SAL | NUMBER(7,2) COMM | NUMBER(7,2) DEPTNO | NUMBER(2) NOT NULL --------------- The rows : --------------- 7876,ADAMS,CLERK,7788,1983/01/12 00:00:00,1100.0,,20 7499,ALLEN,SALESMAN,7698,1981/02/20 00:00:00,1600.0,300.0,30 7698,BLAKE,MANAGER,7839,1981/05/01 00:00:0...

Why doesn't 'uiwait' work?
UI with button. When I execute this: .... set (hButton, 'Callback', 'uiresume(hFigure)'); .... disp('A') uiwait(hFigure) disp('B') .... I get 'A'. But when I press the button I get: ??? Error using ==> waitfor Undefined function or variable 'hFigure'. Why don't I get 'B' ? NOTE: hFigure is the handles of the figure where Button is placed. hButton is the handles of Button. Thanks. ...

'=' command doesn't work?
Hi, i have a strange problem. It seems so simple, but : disp(['temp2=',num2str(temp2(end))]); Ergebnis(j) = temp2(end); disp(['Ergebnis=',num2str(Ergebnis(j))]); the result is : temp2=184.37 Ergebnis=1 why is Ergebnis(j) still 1? It should be 184.37. Where is the problem, i am quite confused right now. ...

Why doesn't this 'next if' work?
Hi All, I'm fairly new to perl, and have already fixed this problem, but I want to understand why it didn't work before. This is the original, non-working code: @o_list = (); foreach my $o ( @{$stuff->{thingys}} ) { # Exclude if no match $match = 'n'; foreach $thingy (@test_thingys) { if ($o->{thingy} == $thingy) { $match = 'y'; last; } } next if ($match != 'y'); push @o_list, $o; } Basically, its running through a list of "thingys", checking to see if the item matches any of a list of test "thingy...

Re: 'do over' doesn't work
Ash As I recall, the first SAS arrays were not subscripted and did not use direct array references. The do over statement simply said, go through the variables listed in the array starting with the first and going to the last. The erro messages that you received were telling you that you should not use the brackets on the array names. From my standpoint, the beauty of the do over is that it makes coding simpler and, given my clumsy fingers, anything that reduces my chances of screwing up are a help. However, these days, I would not choose to use a do over expression in code that was going t...

Can't figure it out why my code doesn't work
My program needs to select the microphone as the default input, but I can't figure it out why my code doesn't work. (I've been able to set the mic's recording volume) I have been thinking about that for a whole day I post some of the code here, and hope somebody could help me, pls...I'm so tired { MIXERLINE mxl; MIXERCONTROL mxc; MIXERLINECONTROLS mxlc; mxl.cbStruct = sizeof(MIXERLINE); mxl.dwComponentType = MIXERLINE_COMPONENTTYPE_DST_WAVEIN; if (::mixerGetLineInfo(reinterpret_cast<HMIXEROBJ>(mixer), &mxl, MIXE...

Help!!! Help!!! Doesn't Boot.... Doesn't get installed
I have just purchased a used custom touch screen PC (more like a laptop, processor and screen are in one unit). It had no OS, but had a new IBM travel star hard disk (laptop hard drive). I took that disk out and loaded operating system into it and re-sintalled. When I start the PC, it doesn't boot and says NO OS found. But it recognizes the hard drive (as a Secondary master). BOIS setting sequence was C and A. On the motherboard, there was one slot for primary hard drive, unused and another slot for laptop hard drive, which I just installed. Even when I connect external CD dri...

IE doesn't work if ZoneAlarm isn't running
I have Release 2.6 of Zonealarm on my laptops. I've found that i have to have ZoneAlarm running to surf the net. If ZoneAlarm is not running I get the page not found message in IE. I can't even receive/send emails via Outlook Express. Is there a setting in ZoneAlarm that does this? > I have Release 2.6 of Zonealarm on my laptops. I've found that i have > to have ZoneAlarm running to surf the net. If ZoneAlarm is not > running I get the page not found message in IE. I can't even > receive/send emails via Outlook Express. Is there a setting in > ZoneAlarm th...

tkdesk on fedora core 5 -- doesn't run, doesn't compile
Hello, all: I've been using TkDesk for years. It's my favorite file manager. But after upgrading to Fedora Core 5, it doesn't run anymore: *** glibc detected *** tkdesksh: munmap_chunk(): invalid pointer: 0x0853dd18 *** ======= Backtrace: ========= /lib/libc.so.6(__libc_free+0x17b)[0xb7c1751f] tkdesksh[0x8051f04] /usr/lib/libtcl8.4.so(TclInvokeStringCommand+0x6e)[0xb7e29c7e] <snip> /usr/lib/libtk8.4.so(Tk_MainEx+0x40d)[0xb7eff57d] tkdesksh[0x804fb00] /lib/libc.so.6(__libc_start_main+0xdc)[0xb7bc57e4] tkdesksh(sinh+0x61)[0x804f9e1] ======= Memory map: ======== 08048000-0...

How to determine whether a file doesn't exist or doesn't have enough permissions
Hello everone, I am stuck in determining whether a file does not exist or does not have enough permissions so that access to this file is denied?". I am using java.io.File.exists() or java.io.File.canRead() methods to check this but both of them just return false in both above mentioned cases. In the documentation however its mentioned that these method throw SecurityException - If a security manager exists and its SecurityManager.checkRead(java.lang.String) method denies read access to the file. But then problem is to write a security manager which denies read access if the file does not...

How to determine whether a file doesn't exist or doesn't have enough permissions
Hello everone, I am stuck in determining whether a file does not exist or does not have enough permissions so that access to this file is denied?". I am using java.io.File.exists() or java.io.File.canRead() methods to check this but both of them just return false in both above mentioned cases. In the documentation however its mentioned that these method throw SecurityException - If a security manager exists and its SecurityManager.checkRead(java.lang.String) method denies read access to the file. But then problem is to write a security manager which denies read access if the fi...

Yosemite: Can't add a space (+ doesn't work)
Can't add a new space with Mission Control. CTRL-up-arrow works, thence "+" should allow adding a space - but doesn't= =2E Full screen Fusion 7 does go into a new space (or one per VM) and=20 CTRL-left/right arrows works for that. But not "+" a space. I restored the default shortcuts to be sure. No change. --=20 << Among Broad Outlines, conception is far more pleasurable than =93carrying [the children] to fruition.=94 Sadly, =93there=92s a high infant mortality rate among Broad Outlines=97they often fall prey to Nonstarters.=94 ...

Yosemite: Can't add a space (+ doesn't work)
Can't add a new space with Mission Control. CTRL-up-arrow works, thence "+" should allow adding a space - but doesn't= =2E Full screen Fusion 7 does go into a new space (or one per VM) and=20 CTRL-left/right arrows works for that. But not "+" a space. I restored the default shortcuts to be sure. No change. --=20 << Among Broad Outlines, conception is far more pleasurable than =93carrying [the children] to fruition.=94 Sadly, =93there=92s a high infant mortality rate among Broad Outlines=97they often fall prey to Nonstarters.=94 ...

World doesn't make sense (at least my IDE setup doesn't ;-))
I'm very clueless about this... I have an ASUS A7V motherboard, with an Athlon 1GHz. Have a couple of Western Digital ATA100 hard drives (40G + 80G). So, here's the puzzler: when connected to the "default" IDE connectors of the motherboard (which I'm assuming are ATA66), the speed reported is 3.5MBytes per second. (the report is produced by a software that does video capture and edition -- it evaluates the speed of the disk to see if it is enough; to my great surprise, the software complained that the disk wasn't fast enough!!! (a 7200 RPM, ATA10...

What to do if in 'putty' emulator mouse doesn't work in 'mc' if env TERM=putty
Patch the source of mc, obviously. The patch for mc-4.8.11: cd lib/tty cat >tty.patch <<DONE 111a112 > || strncmp (termvalue, "putty", 5) == 0 DONE patch -i tty.patch tty.c ...

'SYSFILETREE' doesn't work on windows
C:\Regina>regina fileLister.rexx 'SYSFILETREE' is not recognized as an internal or external command, operable program or batch file. 4 +++ do i = 1 to files.0 Error 41 running "C:\Regina\fileLister.rexx", line 4: Bad arithmetic conversion On Sep 17, 10:09 am, Mr Coffee <coryssanc...@gmail.com> wrote: > C:\Regina>regina fileLister.rexx > 'SYSFILETREE' is not recognized as an internal or external command, > operable program or batch file. > 4 +++ do i = 1 to files.0 > Error 41 running "C:\Regina\fileLister.rexx", line...

``awk ... | while read'' doesn't work.
Hi all, See my following testings: $ cat getblock.list 25 306536 13 ftp://debian.cse.msu.edu/debian/ dists/wheezy/main/installer- amd64/current/images/hd-media/boot.img.gz 34 51200 3 716760 7 ftp://debian.bononia.it/debian/ dists/jessie/main/installer- amd64/current/images/hd-media/vmlinuz 3 51200 4 734136 2 ftp://carroll.aset.psu.edu/pub/linux/distributions/debian/ dists/wheezy/main/installer-amd64/current/images/hd-media/initrd.gz 7 51200 1 787712 5 ftp://debian.balt.net/debian/ dists/jessie/main/installer- amd64/current/images/hd-media/vmlinuz 3 51200 5 419920 8 ftp://deb...

Web resources about - iproute2 fwmark doesn't work (or iptables --set-mark doesn't) - comp.os.linux.networking

Resources last updated: 3/6/2016 3:15:26 PM