
iptables error in android: iptables-save and iptables-restore not working


I have compiled Linux for the Android emulator with full netfilter functionality enabled, and I got an iptables binary after building Android from source.

When I push this binary to the emulator, I can execute commands like the ones below successfully:

iptables -L
iptables -F
iptables -A INPUT -s www.google.com -j DROP 

but they print these errors:

# # iptables -L
getsockopt for multiport failed strangely: No such file or directory
getsockopt for multiport failed strangely: No such file or directory
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
# 

and

# iptables -A INPUT -s www.google.com -j DROP
getsockopt for multiport failed strangely: No such file or directory
getsockopt for multiport failed strangely: No such file or directory
FIX ME! implement getgrnam() bionic/libc/bionic/stubs.c:344

But at least the above commands work!

But when I try

iptables-save     or
iptables-restore

I get an error saying

iptables-save: not found

In my config file

CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m

What is the problem? How can I enable full iptables functionality in Android, or how can I safely save the currently active iptables rules and reload them on the next reboot?

Please help. Thank you!


Solution

  • This is what I've added to my Android.mk in order to get both iptables-save and iptables-restore. It compiles OK on Android 4.0.3.

    
    
    #----------------------------------------------------------------
    # iptables-save: standalone executable that dumps the active rules.
    # Built from the same iptables.c / xshared.c sources as the module
    # list below shows, plus the tool's own entry point.

    # Start from a clean set of LOCAL_* variables for this module.
    include $(CLEAR_VARS)

    LOCAL_MODULE := iptables-save
    # NOTE(review): "optional" modules are normally installed only when the
    # product lists them (e.g. in PRODUCT_PACKAGES) -- confirm for your
    # build, otherwise the binary may be built but still missing on-device.
    LOCAL_MODULE_TAGS := optional

    LOCAL_SRC_FILES := iptables-save.c iptables.c xshared.c
    LOCAL_C_INCLUDES := $(LOCAL_PATH)/../include/

    # NO_SHARED_LIBS / ALL_INCLUSIVE: presumably select the statically
    # linked match/target extensions (libext, libext4) instead of loading
    # extension objects at run time -- verify against the iptables tree.
    # -D__ANDROID__ accommodates arm-eabi-4.4.3 tools that don't set it.
    LOCAL_CFLAGS := \
        -DNO_SHARED_LIBS=1 \
        -DALL_INCLUSIVE \
        -DXTABLES_INTERNAL \
        -D__ANDROID__

    LOCAL_STATIC_LIBRARIES := libext libext4 libip4tc libxtables

    include $(BUILD_EXECUTABLE)
    
    
    #----------------------------------------------------------------
    # iptables-restore: standalone executable that loads a ruleset in the
    # format written by iptables-save.
    # NOTE(review): the tool applies whatever ruleset it is given, so a
    # saved rules file that is reloaded at boot should be owned by root
    # and not writable by other users.

    # Start from a clean set of LOCAL_* variables for this module.
    include $(CLEAR_VARS)

    LOCAL_MODULE := iptables-restore
    # NOTE(review): "optional" modules are normally installed only when the
    # product lists them (e.g. in PRODUCT_PACKAGES) -- confirm for your
    # build, otherwise the binary may be built but still missing on-device.
    LOCAL_MODULE_TAGS := optional

    LOCAL_SRC_FILES := iptables-restore.c iptables.c xshared.c
    LOCAL_C_INCLUDES := $(LOCAL_PATH)/../include/

    # NO_SHARED_LIBS / ALL_INCLUSIVE: presumably select the statically
    # linked match/target extensions (libext, libext4) instead of loading
    # extension objects at run time -- verify against the iptables tree.
    # -D__ANDROID__ accommodates arm-eabi-4.4.3 tools that don't set it.
    LOCAL_CFLAGS := \
        -DNO_SHARED_LIBS=1 \
        -DALL_INCLUSIVE \
        -DXTABLES_INTERNAL \
        -D__ANDROID__

    LOCAL_STATIC_LIBRARIES := libext libext4 libip4tc libxtables

    include $(BUILD_EXECUTABLE)