bFLT * pK * pK * pK @ #! @ c! @ c! bB? 0B2 0 filter iptables 1.2.7a iptables: %s IDDRALFZNXPEnsdpjvxiof3cset-counters modprobe line-numbers help version fragments exact verbose out-interface numeric match table jump in-interface protocol destination source policy rename-chain delete-chain new-chain zero flush list replace insert delete append icmp %s v%s: Perhaps iptables or your kernel needs to be upgraded. Try `%s -h' or '%s --help' for more information. %s v%s Usage: %s -[AD] chain rule-specification [options] %s -[RI] chain rulenum rule-specification [options] %s -D chain rulenum [options] %s -[LFZ] [chain] [options] %s -[NX] chain %s -E old-chain-name new-chain-name %s -P chain target [options] %s -h (print this help information) Commands: Either long or short options are allowed. --append -A chain Append to chain --delete -D chain Delete matching rule from chain --delete -D chain rulenum Delete rule rulenum (1 = first) from chain --insert -I chain [rulenum] Insert in chain as rulenum (default 1=first) --replace -R chain rulenum Replace rule rulenum (1 = first) in chain --list -L [chain] List the rules in a chain or all chains --flush -F [chain] Delete all rules in chain or all chains --zero -Z [chain] Zero counters in chain or all chains --new -N chain Create a new user-defined chain --delete-chain -X [chain] Delete a user-defined chain --policy -P chain target Change policy on chain to target --rename-chain -E old-chain new-chain Change chain name, (moving any references) Options: --proto -p [!] proto protocol: by number or name, eg. `tcp' --source -s [!] address[/mask] source specification --destination -d [!] address[/mask] destination specification --in-interface -i [!] input name[+] network interface name ([+] for wildcard) --jump -j target target for rule (may load target extension) --match -m match extended match (may load extension) --numeric numeric output of addresses and ports --out-interface -o [!] output name[+] network interface name ([+] for wildcard) --table -t table table to manipulate (default: `filter') --verbose verbose mode --line-numbers print line numbers when listing --exact expand numbers (display exact values) [!] --fragment match second or further fragments only --modprobe= try to insert modules using this command --set-counters PKTS BYTES set the counter during insert/append [!] --version print package version. You need to supply the `-%c' option for this command Illegal option `-%c' with this command unexpected ! flag Can't use -%c with -%c Multiple `!' flags not allowed no argument following `!' iptables: calloc failed iptables: malloc failed host/network `%s' not found invalid mask `%s' specified 0.0.0.0 Couldn't find match `%s' unknown protocol `%s' specified interface name `%s' must be shorter than IFNAMSIZ (%i) Warning: wierd character in interface `%s' (No aliases, :, ! or *). Invalid rule number `%s' Invalid target name (too short) Invalid target name `%s' (%i chars max) Invalid target name `%s' %d.%d.%d.%d multiple -%c flags not allowed cannot have ! before -%c ACCEPT DROP QUEUE RETURN standard Couldn't find target `%s' %s: match `%s' v%s (I'm v%s). %s: match `%s' already registered. %s: match `%s' has invalid size %u. %s: target `%s' v%s (I'm v%s). %s: target `%s' already registered. %s: target `%s' has invalid size %u. %lluT %4lluT %lluG %4lluG %lluM %4lluM %lluK %4lluK %llu %5llu %8llu Chain %s (policy %s packets, bytes (ERROR obtaining refs) (%u references) %-4s %5s pkts %8s %10s %-9s target prot %-6s %-6s %-19s %s UNKNOWN match `%s' %-4u %-5s %hu %-5hu opt in %s out %s %-19s anywhere -> %s %-19s [%u bytes of unknown target data] Flushing chain `%s' Zeroing chain `%s' Deleting chain `%s' /proc/sys/kernel/modprobe -A:D:R:I:L::M:F::Z::N:X::E:P:Vh::o:p:s:d:j:i:fbvnt:m:xc: -%c requires a rule number chain name not allowed to start with `-' chain name may not clash with target name -%c requires old-chain-name and new-chain-name -%c requires a chain and a policy rule would never match protocol unexpected ! flag before --match unexpected ! flag before --table Not %s ;-) %s v%s -%c requires packet and byte counter %llu -%c packet counter not numeric -%c byte counter not numeric multiple consecutive ! not allowed Bad argument `%s' Unknown arg `%s' unknown arguments found on commandline no command specified nothing appropriate following ! 0.0.0.0/0 ! not allowed with multiple source or destination IP addresses Replacement rule does not specify a unique address chain name `%s' too long (must be under %i chars) ip_tables can't initialize iptables table `%s': %s PREROUTING INPUT Can't use -%c with %s POSTROUTING OUTPUT Warning: using chain %s, not extension AH v%s options: --ahspi [!] spi[:spi] match spi (range) 1.2.7a ahspi AH no valid digits in spi `%s' spi `%s' specified too big: would overflow AH error parsing spi `%s' Only one `--ahspi' allowed s:%s Unknown invflags: 0x%X --ahspi %s %u:%u conntrack match v%s options: [!] --ctstate [INVALID|ESTABLISHED|NEW|RELATED|SNAT|DNAT][,...] State(s) to match [!] --ctproto proto Protocol to match; by number or name, eg. `tcp' --ctorigsrc [!] address[/mask] Original source specification --ctorigdst [!] address[/mask] Original destination specification --ctreplsrc [!] address[/mask] Reply source specification --ctrepldst [!] address[/mask] Reply destination specification [!] --ctstatus [NONE|EXPECTED|SEEN_REPLY|ASSURED][,...] Status(es) to match [!] --ctexpire time[:time] Match remaining lifetime in seconds against value or range of values (inclusive) 1.2.7a ctexpire ctstatus ctrepldst ctreplsrc ctorigdst ctorigsrc ctproto ctstate INVALID ESTABLISHED RELATED SNAT DNAT Bad ctstate `%s' NONE EXPECTED SEEN_REPLY ASSURED Bad ctstatus `%s' expire value invalid: `%s' expire min. range value `%lu' greater than max. range value `%lu' rule would never match protocol multiple IP addresses not allowed You must specify one or more options %sINVALID %sNEW %sRELATED %sESTABLISHED %sSNAT %sDNAT %sEXPECTED %sSEEN_REPLY %sASSURED %sNONE anywhere %sctstate %sctorigsrc %sctorigdst %sctstatus %sctexpire %lu %lu:%lu AF43 AF42 AF41 AF33 AF32 AF31 AF23 AF22 AF21 AF13 AF12 AF11 Invalid DSCP value `%s' Invalid DSCP value `%d' DSCP match v%s options [!] --dscp value Match DSCP codepoint with numerical value This value can be in decimal (ex: 32) or in hex (ex: 0x20) [!] --dscp-class name Match the DiffServ class. This value may be any of the BE,EF, AFxx or CSx classes These two options are mutually exclusive ! 1.2.7a dscp-class dscp Invalid dscp `%s' DSCP `%d` out of range DSCP match: Only use --dscp ONCE! DSCP match: Only use --dscp-class ONCE! DSCP match: Parameter --dscp is required 0x%02x DSCP match --dscp ECN match v%s options [!] --ecn-tcp-cwr Match CWR bit of TCP header [!] --ecn-tcp-ece Match ECE bit of TCP header [!] --ecn-ip-ect [0..3] Match ECN codepoint in IPv4 header 1.2.7a ecn-ip-ect ecn-tcp-ece ecn-tcp-cwr ECN match: can only use parameter ONCE! ECN match: Value out of range ECN match: some option required 0x%02x ECN match ECE CWR ECT=%d --ecn-tcp-ece --ecn-tcp-cwr --ecn-ip-ect %d ESP v%s options: --espspi [!] spi[:spi] match spi (range) 1.2.7a espspi ESP no valid digits in spi `%s' spi `%s' specified too big: would overflow ESP error parsing spi `%s' Only one `--espspi' allowed s:%s esp Unknown invflags: 0x%X --espspi %s %u:%u helper match v%s options: [!] --helper value Match helper value 1.2.7a helper helper match: You must specify `--helper' helper match %s"%s" %s--helper "%s" address-mask-reply address-mask-request timestamp-reply timestamp-request required-option-missing ip-header-bad parameter-problem ttl-zero-during-reassembly ttl-zero-during-transit ttl-exceeded time-exceeded router-solicitation router-advertisement ping echo-request TOS-host-redirect TOS-network-redirect host-redirect network-redirect redirect source-quench precedence-cutoff host-precedence-violation communication-prohibited TOS-host-unreachable TOS-network-unreachable host-prohibited network-prohibited host-unknown network-unknown source-route-failed fragmentation-needed port-unreachable protocol-unreachable host-unreachable network-unreachable destination-unreachable pong echo-reply Valid ICMP Types: (%s) %s ICMP v%s options: --icmp-type [!] typename match icmp type (or numeric type or type/code) 1.2.7a icmp-type Ambiguous ICMP type `%s': `%s' or `%s'? Invalid ICMP type `%s' Invalid ICMP code `%s' %s%s type %u code %u codes %u-%u icmp Unknown invflags: 0x%X --icmp-type %u length v%s options: [!] --length length[:length] Match packet length against value or range of values (inclusive) 1.2.7a length length invalid: `%s' length min. range value `%u' greater than max. range value `%u' length: `--length' may only be specified once length: You must specify `--length' %u:%u length --length limit v%s options: --limit avg max average match rate: default 3/hour [Packets per second unless followed by /sec /minute /hour /day postfixes] --limit-burst number number to match in a burst, default %u 1.2.7a limit-burst limit second minute hour Rate too fast `%s' 3/hour Unexpected `!' after --limit bad rate `%s' Unexpected `!' after --limit-burst bad --limit-burst `%s' %u/%s limit: avg burst %u --limit --limit-burst %u MAC v%s options: --mac-source [!] XX:XX:XX:XX:XX:XX Match source MAC address 1.2.7a mac-source Bad mac address `%s' %s%02X :%02X You must specify `--mac-source' MAC --mac MARK match v%s options: [!] --mark value[/mask] Match nfmark value with optional mask 1.2.7a mark Bad MARK value `%s' 0x%lx/0x%lx 0x%lx MARK match: You must specify `--mark' MARK match --mark multiport v%s options: --source-ports port[,port,port...] --sports ... match source port(s) --destination-ports port[,port,port...] --dports ... match destination port(s) --ports port[,port,port] match both source and destination port(s) 1.2.7a ports dports destination-ports sports source-ports invalid port/service `%s' specified strdup failed too many ports specified multiport needs `-p tcp' or `-p udp' multiport only works with TCP or UDP multiport can only have one option multiport expection an option multiport sports dports ports ERROR --sports --dports --ports OWNER match v%s options: [!] --uid-owner userid Match local uid [!] --gid-owner groupid Match local gid [!] --pid-owner processid Match local pid [!] --sid-owner sessionid Match local sid 1.2.7a sid-owner pid-owner gid-owner uid-owner Bad OWNER UID value `%s' Bad OWNER GID value `%s' Bad OWNER PID value `%s' Bad OWNER SID value `%s' OWNER match: You must specify one or more options OWNER UID match OWNER GID match OWNER PID match OWNER SID match --uid-owner --gid-owner --pid-owner --sid-owner host mcast bcast to group multicast to all broadcast to us unicast Valid packet types: %-14s pkt_type v%s options: --pkt-type [!] packettype match packet type pkt-type Bad packet type '%s' You must specify `--pkt-type' PKTTYPE %s= --pkt-type %s 1.2.7a Standard v%s options: (If target is DROP, ACCEPT, RETURN or nothing) 1.2.7a state v%s options: [!] --state [INVALID|ESTABLISHED|NEW|RELATED][,...] State(s) to match 1.2.7a state INVALID ESTABLISHED RELATED Bad state `%s' You must specify `--state' %sINVALID %sNEW %sRELATED %sESTABLISHED state --state TCP v%s options: --tcp-flags [!] mask comp match when TCP flags & mask == comp (Flags: SYN ACK FIN RST URG PSH ALL NONE) [!] --syn match when only SYN flag set (equivalent to --tcp-flags SYN,RST,ACK SYN) --source-port [!] port[:port] --sport ... match source port(s) --destination-port [!] port[:port] --dport ... match destination port(s) --tcp-option [!] number match if TCP option set 1.2.7a tcp-option tcp-flags dport destination-port sport source-port invalid TCP port/service `%s' specified invalid portrange (min > max) NONE Unknown TCP flag `%s' Bad TCP option `%s' Only one `--source-port' allowed Only one `--destination-port' allowed Only one of `--syn' or `--tcp-flags' allowed SYN,RST,ACK --tcp-flags requires two args. Only one `--tcp-option' allowed s:%s option=%s%u flags:%s 0x%02X/0x%02X tcp Unknown invflags: 0x%X --sport %u:%u --sport %u --dport %u:%u --dport %u --tcp-option %u --tcp-flags tcpmss match v%s options: [!] --mss value[:value] Match TCP MSS range. (only valid for TCP SYN or SYN/ACK packets) 1.2.7a Invalid mss `%s' specified Only one `--mss' allowed %u:%u tcpmss match: You must specify `--mss' tcpmss match --mss Normal-Service Minimize-Cost Maximize-Reliability Maximize-Throughput Minimize-Delay TOS match v%s options: [!] --tos value Match Type of Service field from one of the following numeric or descriptive values: 1.2.7a %s %u (0x%02x) Bad TOS value `%s' 0x%02x TOS match: You must specify `--tos' TOS match --tos TTL match v%s options: --ttl-eq value Match time to live value --ttl-lt value Match TTL < value --ttl-gt value Match TTL > value 1.2.7a Can't specify TTL option twice ttl: You must specify a value ttl: unexpected `!' TTL match: You must specify one of `--ttl-eq', `--ttl-lt', `--ttl-gt TTL match TTL == TTL != TTL < TTL > --ttl-eq ! --ttl-eq --ttl-lt --ttl-gt ttl-gt ttl-lt ttl-eq UDP v%s options: --source-port [!] port[:port] --sport ... match source port(s) --destination-port [!] port[:port] --dport ... match destination port(s) 1.2.7a dport destination-port sport source-port invalid UDP port/service `%s' specified invalid portrange (min > max) Only one `--source-port' allowed Only one `--destination-port' allowed s:%s udp Unknown invflags: 0x%X --sport %u:%u --sport %u --dport %u:%u --dport %u unclean v%s takes no options 1.2.7a DNAT v%s options: --to-destination [-][:port-port] Address to map destination to. (You can use this more than once) 1.2.7a to-destination Out of memory Need TCP or UDP with port specification Port `%s' not valid Port range `%s' funky Bad IP address `%s' Unexpected `!' after --to-destination You must specify --to-destination -%hu --to-destination AF43 AF42 AF41 AF33 AF32 AF31 AF23 AF22 AF21 AF13 AF12 AF11 Invalid DSCP value `%s' Invalid DSCP value `%d' DSCP target options --set-dscp value Set DSCP field in packet header to value This value can be in decimal (ex: 32) or in hex (ex: 0x20) --set-dscp-class class Set the DSCP field in packet header to the value represented by the DiffServ class value. This class may be EF,BE or any of the CSxx or AFxx classes. These two options are mutually exclusive ! set-dscp-class set-dscp Invalid dscp `%s' DSCP `%d` out of range DSCP target: Only use --set-dscp ONCE! DSCP target: Only use --set-dscp-class ONCE! DSCP target: Parameter --set-dscp is required 0x%02x DSCP set --set-dscp 0x%02x 1.2.7a ECN target v%s options --ecn-tcp-remove Remove all ECN bits from TCP header 1.2.7a ecn-ip-ect ecn-tcp-ece ecn-tcp-cwr ecn-tcp-remove ECN target: Only use --ecn-tcp-remove ONCE! ECN target: Only use --ecn-tcp-cwr ONCE! ECN target: Value out of range ECN target: Only use --ecn-tcp-ece ONCE! ECN target: Only use --ecn-ip-ect ONCE! ECN target: Parameter --ecn-remove is required ECN TCP remove ECE=%u CWR=%u ECT codepoint=%u --ecn-tcp-remove --ecn-tcp-ece %d --ecn-tcp-cwr %d --ecn-ip-ect %d LOG v%s options: --log-level level Level of logging (numeric or see syslog.conf) --log-prefix prefix Prefix log messages with this prefix. --log-tcp-sequence Log TCP sequence numbers. --log-tcp-options Log TCP options. --log-ip-options Log IP options. 1.2.7a log-ip-options log-tcp-options log-tcp-sequence log-prefix log-level warning panic notice info error emerg debug crit alert log-level `%s' ambiguous log-level `%s' unknown Can't specify --log-level twice Unexpected `!' after --log-level Can't specify --log-prefix twice Unexpected `!' after --log-prefix Maximum prefix length %u for --log-prefix Can't specify --log-tcp-sequence twice Can't specify --log-tcp-options twice Can't specify --log-ip-options twice LOG flags %u level %u level %s UNKNOWN level %u tcp-sequence tcp-options ip-options unknown-flags prefix `%s' --log-prefix "%s" --log-level %u --log-tcp-sequence --log-tcp-options --log-ip-options MARK target v%s options: --set-mark value Set nfmark value 1.2.7a set-mark Bad MARK value `%s' MARK target: Can't specify --set-mark twice MARK target: Parameter --set-mark is required 0x%lx MARK set --set-mark 0x%lx MASQUERADE v%s options: --to-ports [-] Port (range) to map to. 1.2.7a to-ports Port `%s' not valid Port range `%s' funky Need TCP or UDP with port specification Unexpected `!' after --to-ports masq ports: -%hu --to-ports %hu MIRROR target v%s takes no options 1.2.7a REDIRECT v%s options: --to-ports [-] Port (range) to map to. 1.2.7a to-ports Port `%s' not valid Port range `%s' funky Need TCP or UDP with port specification Unexpected `!' after --to-ports redir ports -%hu --to-ports TCP RST packet tcp-reset ICMP host prohibited host-prohib icmp-host-prohibited ICMP network prohibited net-prohib icmp-net-prohibited ICMP port unreachable (default) port-unreach icmp-port-unreachable ICMP protocol unreachable proto-unreach icmp-proto-unreachable ICMP host unreachable host-unreach icmp-host-unreachable ICMP network unreachable net-unreach icmp-net-unreachable Valid reject types: %-25s %-25s alias REJECT options: --reject-with type drop input packet and send back a reply packet according to type: reject-with Unexpected `!' after --reject-with echo-reply echoreply --reject-with echo-reply no longer supported unknown reject type `%s' reject-with %s --reject-with %s 1.2.7a SAME v%s options: --to - Addresses to map source to. May be specified more than once for multiple ranges. --nodst Don't use destination-ip in source selection 1.2.7a nodst Bad IP address `%s' Bad IP range `%s-%s' Too many ranges specified, maximum is %i ranges. Unexpected `!' after --to Can't specify --nodst twice SAME needs --to same: -%s nodst --to %s --nodst SNAT v%s options: --to-source [-][:port-port] Address to map source to. (You can use this more than once) 1.2.7a to-source Out of memory Need TCP or UDP with port specification Port `%s' not valid Port range `%s' funky Bad IP address `%s' Unexpected `!' after --to-source You must specify --to-source -%hu --to-source TCPMSS target v%s mutually-exclusive options: --set-mss value explicitly set MSS option to specified value --clamp-mss-to-pmtu automatically clamp MSS value to (path_MTU - 40) 1.2.7a clamp-mss-to-pmtu set-mss TCPMSS target: Only one option may be specified Bad TCPMSS value `%s' TCPMSS target: At least one parameter is required TCPMSS clamp to PMTU TCPMSS set %u --clamp-mss-to-pmtu --set-mss %u Normal-Service Minimize-Cost Maximize-Reliability Maximize-Throughput Minimize-Delay TOS target v%s options: --set-tos value Set Type of Service field to one of the following numeric or descriptive values: 1.2.7a %s %u (0x%02x) set-tos Bad TOS value `%s' TOS target: Cant specify --set-tos twice TOS target: Parameter --set-tos is required 0x%02x TOS set --set-tos 0x%02x ULOG v%s options: --ulog-nlgroup nlgroup NETLINK group used for logging --ulog-cprange size Bytes of each packet to be passed --ulog-qthreshold Threshold of in-kernel queue --ulog-prefix prefix Prefix log messages with this prefix. 1.2.7a ulog-qthreshold ulog-cprange ulog-prefix ulog-nlgroup Can't specify --ulog-nlgroup twice Unexpected `!' after --ulog-nlgroup --ulog-nlgroup has to be between 1 and 32 Can't specify --ulog-prefix twice Unexpected `!' after --ulog-prefix Maximum prefix length %u for --ulog-prefix Can't specify --ulog-cprange twice Negative copy range? Can't specify --ulog-qthreshold twice Negative or zero queue threshold ? Maximum queue length exceeded --ulog-prefix %s --ulog-nlgroup --ulog-cprange %d --ulog-qthreshold %d ULOG copy_range %d nlgroup prefix `%s' queue_threshold %d TTL target v%s options --ttl-set value Set TTL to --ttl-dec value Decrement TTL by --ttl-inc value Increment TTL by 1.2.7a Can't specify TTL option twice TTL: You must specify a value TTL: unexpected `!' TTL: decreasing by 0? TTL: increasing by 0? TTL: You must specify an action --ttl-set --ttl-dec --ttl-inc TTL set to decrement by increment by ttl-inc ttl-dec ttl-set iplimit v%s options: [!] --iplimit-above n match if the number of existing tcp connections is (not) above n --iplimit-mask n group hosts using mask 1.2.7a iplimit-mask iplimit-above You must specify `--iplimit-above' #conn/%d %s %d %s--iplimit-above %d --iplimit-mask %d POSTROUTING OUTPUT FORWARD INPUT PREROUTING ERROR: offset %i not an entry! ERROR ERROR: offset %u not an error node! Match name: `%s' libiptc v%s. %u entries, %u bytes. 1.2.7a Table `%s' Hooks: pre/in/fwd/out/post = %u/%u/%u/%u/%u Underflows: pre/in/fwd/out/post = %u/%u/%u/%u/%u ERROR: Off end (%u) of chain from %u! RETURN ACCEPT DROP QUEUE ERROR: off %lu/%u not a valid target (%i) ERROR: Deleting entry %u %u %u ERROR: Deleting uflow %u %u %u ERROR: Policy for `%s' offset %u != underflow %u Permission denied (you must be root) Module is wrong version Table does not exist (do you need to insmod?) Chain is not empty Can't delete built-in chain Can't delete chain with references left Chain already exists Index of insertion too big Index of replacement too big Index of deletion too big Index of counter too big Loop found in table Target problem Bad arguments (does that interface exist?) Checking will most likely never get implemented Bad rule (does a matching rule exist in that chain?) Bad built-in chain name Bad policy name Incompatible with this kernel iptables who? (do you need to insmod?) Will be implemented real soon. I promise ;) Memory allocation problem No chain/target/match by that name Entry %u (%lu): SRC IP: %u.%u.%u.%u/%u.%u.%u.%u DST IP: %u.%u.%u.%u/%u.%u.%u.%u Interface: `%s'/ to `%s'/ Protocol: %u Flags: %02X Invflags: %02X Counters: %llu packets, %llu bytes Cache: %08X ALTERED UNKNOWN IP_SRC IP_DST IP_IF_IN IP_IF_OUT IP_TOS IP_PROTO IP_OPTIONS IP_TCPFLAGS IP_SRC_PT IP_DST_PT IP_PROTO_UNKNOWN Target name: `%s' [%u] verdict=%s UNKNOWN NF_QUEUE NF_DROP NF_ACCEPT verdict=%u error=`%s' m->u.match_size >= sizeof(struct ipt_entry_match) libiptc/libip4tc.c check_match (((m->u.match_size) + (((__alignof__(struct ipt_entry)))-1)) & ~(((__alignof__(struct ipt_entry)))-1)) == m->u.match_size e->target_offset >= sizeof(struct ipt_entry) check_entry e->next_offset >= e->target_offset + sizeof(struct ipt_entry_target) toff == e->target_offset e->next_offset == (((e->next_offset) + (((__alignof__(struct ipt_entry)))-1)) & ~(((__alignof__(struct ipt_entry)))-1)) e->target_offset == (((e->target_offset) + (((__alignof__(struct ipt_entry)))-1)) & ~(((__alignof__(struct ipt_entry)))-1)) t->target.u.target_size == (((t->target.u.target_size) + (((__alignof__(struct ipt_entry)))-1)) & ~(((__alignof__(struct ipt_entry)))-1)) !iptc_is_chain(t->target.u.user.name, h) t->target.u.target_size == (((sizeof(struct ipt_standard_target)) + (((__alignof__(struct ipt_entry)))-1)) & ~(((__alignof__(struct ipt_entry)))-1)) t->verdict == -0-1 || t->verdict == -1-1 || t->verdict == (-4 - 1) || t->verdict < (int)h->entries.size strcmp(ipt_get_target(te)->u.user.name, "ERROR") != 0 te != e t->verdict == entry2offset(h, e)+e->next_offset || strcmp(ipt_get_target(index2entry(h, idx-1)) ->u.user.name, "ERROR") == 0 t->target.u.target_size == (((sizeof(struct ipt_error_target)) + (((__alignof__(struct ipt_entry)))-1)) & ~(((__alignof__(struct ipt_entry)))-1)) *was_return strcmp(t->target.u.user.name, "ERROR") == 0 /etc/passwd /etc/passwd /etc/group /etc/group +-#0 hlLq %nbopxXudicsfgGeEaA (nil) (null) hlLq %n[csoupxXidfeEgG %s%s%s Unknown Error: errno Wrong medium type No medium found Quota exceeded Remote I/O error Is a named type file No XENIX semaphores available Not a XENIX named type file Structure needs cleaning Stale NFS file handle Operation now in progress Operation already in progress No route to host Host is down Connection refused Connection timed out Too many references: cannot splice Cannot send after transport endpoint shutdown Transport endpoint is not connected Transport endpoint is already connected No buffer space available Connection reset by peer Software caused connection abort Network dropped connection because of reset Network is unreachable Network is down Cannot assign requested address Address already in use Address family not supported by protocol Protocol family not supported Operation not supported on transport endpoint Socket type not supported Protocol not supported Protocol not available Protocol wrong type for socket Message too long Destination address required Socket operation on non-socket Too many users Streams pipe error Interrupted system call should be restarted Illegal byte sequence Cannot exec a shared library directly Attempting to link in too many shared libraries .lib section in a.out corrupted Accessing a corrupted shared library Can not access a needed shared library Remote address changed File descriptor in bad state Name not unique on network Value too large for defined data type Not a data message RFS specific error Multihop attempted Protocol error Communication error on send Srmount error Advertise error Link has been severed Object is remote Package not installed Machine is not on the network Out of streams resources Timer expired No data available Device not a stream Bad font file format File locking deadlock error Invalid slot Invalid request code No anode Exchange full Invalid request descriptor Invalid exchange Level 2 halted No CSI structure available Protocol driver not attached Link number out of range Level 3 reset Level 3 halted Level 2 not synchronized Channel number out of range Identifier removed No message of desired type Operation would block Too many symbolic links encountered Directory not empty Function not implemented No record locks available File name too long Resource deadlock would occur Math result not representable Math argument out of domain of func Broken pipe Too many links Read-only file system Illegal seek No space left on device File too large Text file busy Not a typewriter Too many open files File table overflow Invalid argument Is a directory Not a directory No such device Cross-device link File exists Device or resource busy Block device required Bad address Permission denied Out of memory Try again No child processes Bad file number Exec format error Arg list too long No such device or address I/O error Interrupted system call No such process No such file or directory Operation not permitted Success %u.%u.%u.%u.in-addr.arpa /etc/hosts /etc/config/hosts /etc/services /etc/protocols %.*s %0*d %.*d %c%+.2d /etc/resolv.conf /etc/config/resolv.conf nameserver domain search /etc/networks POSIXLY_CORRECT %s: option `%s' is ambiguous %s: option `--%s' doesn't allow an argument %s: option `%c%s' doesn't allow an argument %s: option `%s' requires an argument %s: unrecognized option `--%s' %s: unrecognized option `%c%s' %s: illegal option -- %c %s: option requires an argument -- %c x x x x x x xxxxx xxxxx x x x x x x xxxx xxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx x+++x x x xxxxx xxxxx conntrack dscp helper icmp length limit mark multiport owner pkttype standard state tcpmss unclean DNAT DSCP MARK MASQUERADE MIRROR REDIRECT REJECT SAME SNAT TCPMSS ULOG iplimit