On 12/07/2009 01:43 PM, David Lutterkort wrote:
> Hi Dale,
>
> On Sat, 2009-12-05 at 11:33 -0800, Dale Bewley wrote:
> > [root@localhost ~]# NETCF_DEBUG=1 ncftool
> > warning: augeas initialization had errors
> > please file a bug with the following lines in the bug report:
> > /augeas/files/etc/sysconfig/iptables/error = "parse_failed"
> > /augeas/files/etc/sysconfig/iptables/error/pos = "0"
> > /augeas/files/etc/sysconfig/iptables/error/line = "1"
> > /augeas/files/etc/sysconfig/iptables/error/char = "0"
> > /augeas/files/etc/sysconfig/iptables/error/lens = "/usr/share/augeas/lenses/dist/iptables.aug:59.10-.32"
> > /augeas/files/etc/sysconfig/iptables/error/message = "Iterated lens matched less than it should"
> > Failed to initialize netcf
> > error: unspecified error
> > error: errors in loading some config files
> >
> The mystery to me is why netcf even looks at your iptables config -
> since you have the bridge module loaded, the
> file /proc/sys/net/bridge/bridge-nf-call-iptables should exist, and per
> the F12 defaults, should have a 0 in it. That tells netcf not to bother
> with iptables.

I have the same behavior captured on my F12 box.
/proc/sys/net/bridge/bridge-nf-call-iptables does contain a 1, even
though the bridge module is loaded. I just checked on my F11 machine,
and it also has bridge-nf-call-iptables set to 1, even though the bridge
module is loaded (in the case of F11, initialization is successful, though).
So it looks like we can't assume bridge-nf-call-iptables will be set to
0 if the bridge module is loaded. Do we need to find another way to test
for this?
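
The check discussed in this thread, written as an added shell example that is not netcf's code: it reads the bridge-nf-call-* values themselves instead of inferring them from the bridge module being loaded. The ROOT argument, the function names and the sample tree are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not netcf code. Classifies bridge netfilter state from the
# sysctl files under ROOT/proc/sys/net/bridge. ROOT is an assumption so the
# functions can run against a constructed tree; use "" for the live system.

# bridge_nf_state ROOT KEY -> prints: absent | off | on | unknown
bridge_nf_state() {
    f="$1/proc/sys/net/bridge/$2"
    if [ ! -r "$f" ]; then
        echo absent          # bridge netfilter sysctl not present
        return 0
    fi
    v=$(tr -d '[:space:]' < "$f")
    case "$v" in
        0) echo off ;;       # bridged frames are not passed to this table
        1) echo on ;;        # bridged frames traverse this table
        *) echo unknown ;;   # unexpected content, treat as undecided
    esac
}

# needs_iptables_handling ROOT -> exit 0 only if bridged traffic hits iptables
needs_iptables_handling() {
    [ "$(bridge_nf_state "$1" bridge-nf-call-iptables)" = on ]
}

# bridge_nf_report ROOT -> one "key=state" line per bridge netfilter sysctl
bridge_nf_report() {
    for key in bridge-nf-call-iptables bridge-nf-call-ip6tables \
               bridge-nf-call-arptables; do
        printf '%s=%s\n' "$key" "$(bridge_nf_state "$1" "$key")"
    done
}

# Constructed sample tree: iptables value 1 as reported for the F12 box above;
# the ip6tables value 0 is made up, and arptables is left out on purpose.
make_sample_root() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/proc/sys/net/bridge"
    echo 1 > "$d/proc/sys/net/bridge/bridge-nf-call-iptables"
    echo 0 > "$d/proc/sys/net/bridge/bridge-nf-call-ip6tables"
    echo "$d"
}

bridge_nf_report "${1:-}"    # report for the live system unless ROOT is given
```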