[slack-users] Re: layer7 + iptables 1.4.2

Thu, 19 Mar 2009 19:11:32 -0700 

iptables 1.4.1.1 and newer

Copy libxt_layer7.c and libxt_layer7.man (from the subdirectory of the
"Layer 7 patches" package that the README points you to) to the
extensions/ directory of your iptables source. Then:

    * "./configure --with-ksource=/path/to/patched/kernel_source" (use
the full path)
    * "make"
    * (as root) "make install"


Fonte: http://l7-filter.sourceforge.net/HOWTO-kernel


Pelo jeito faltou copiar os arquivos ali.

--

Flávio do Carmo Júnior aka waKKu

2009/3/19 Gustavo Veras <carama...@gmail.com>:
> Ja tenho L7 rodando faz uns 4 meses aqui na empresa, apliquei no
> 12.1 (2.6.24.5)
>
> 2009/3/18 Igor Gentil <igor...@gmail.com>
>>
>> vc ja verificou se tem todas as libs apontadas nos #include ?
>> sei que é muita mao, mas se nao tem essa informação no site do L7...
>> Brute force dude! xD
>>
>>
>> MfG -- Igor Gentil
>> Linux user #471248 -- Slackware
>>
>>
>>
>> 2009/3/17 Hellânio Costa <jerry.mch...@gmail.com>:
>> > Boa noite,
>> >
>> > Bem, antes de qq coisa eu gostaria de dizer q tentei seguir os tutoriais
>> > da
>> > web antes de estar aqui.
>> >
>> > seguinte:
>> > Estou querendo utilizar o layer7 (http://l7-filter.sourceforge.net/) no
>> > meu
>> > firewall, mas ha um pequeno detalhe só da erro no meu slackware!! :'(
>> > em outras distros deu certo, mas nao serve pro slack, nao me perguntem o
>> > pq.. heheeh
>> >
>> > seguinte:
>> >
>> > resumidamente: apliquei o patch no meu kernel 2.6.28 (ate ai tudo ok,
>> > compilei, reiniciei e tudo certo)
>> >
>> > #  patch -p1 <
>> >
>> > ../netfilter-layer7-v2.21/iptables-1.4-for-kernel-2.6.20forward-layer7-2.21.patch
>> > # chmod +x extensions/.layer7-test
>> >
>> > aplico o patch no iptables e com os passos magicos: ./configure
>> > --with-ksource=/usr/src/linux-2.6.28/  && make
>> >
>> > .
>> > .
>> > .
>> > .
>> >
>> > Making all in extensions
>> > make[2]: Entering directory `/usr/src/iptables-1.4.2/extensions'
>> >   CC       libipt_layer7.oo
>> > libipt_layer7.c: In function 'help':
>> > libipt_layer7.c:41: error: 'IPTABLES_VERSION' undeclared (first use in
>> > this
>> > function)
>> > libipt_layer7.c:41: error: (Each undeclared identifier is reported only
>> > once
>> > libipt_layer7.c:41: error: for each function it appears in.)
>> > libipt_layer7.c: At top level:
>> > libipt_layer7.c:52: warning: no previous prototype for
>> > 'parse_protocol_file'
>> > libipt_layer7.c: In function 'parse_protocol_file':
>> > libipt_layer7.c:55: warning: declaration of 'line' shadows a global
>> > declaration
>> > ../include/iptables.h:16: warning: shadowed declaration is here
>> > libipt_layer7.c: In function 'pre_process':
>> > libipt_layer7.c:152: warning: declaration of 'rindex' shadows a global
>> > declaration
>> > /usr/include/string.h:313: warning: shadowed declaration is here
>> > libipt_layer7.c: At top level:
>> > libipt_layer7.c:52: warning: no previous prototype for
>> > 'parse_protocol_file'
>> > libipt_layer7.c: In function 'parse_protocol_file':
>> > libipt_layer7.c:55: warning: declaration of 'line' shadows a global
>> > declaration
>> > ../include/iptables.h:16: warning: shadowed declaration is here
>> > libipt_layer7.c: In function 'pre_process':
>> > libipt_layer7.c:152: warning: declaration of 'rindex' shadows a global
>> > declaration
>> > /usr/include/string.h:313: warning: shadowed declaration is here
>> > libipt_layer7.c: At top level:
>> > libipt_layer7.c:205: warning: no previous prototype for 'readl7dir'
>> > libipt_layer7.c:377: error: variable 'layer7' has initializer but
>> > incomplete
>> > type
>> > libipt_layer7.c:378: error: unknown field 'name' specified in
>> > initializer
>> > libipt_layer7.c:378: warning: excess elements in struct initializer
>> > libipt_layer7.c:378: warning: (near initialization for 'layer7')
>> > libipt_layer7.c:379: error: unknown field 'version' specified in
>> > initializer
>> > libipt_layer7.c:379: error: 'IPTABLES_VERSION' undeclared here (not in a
>> > function)
>> > libipt_layer7.c:379: warning: excess elements in struct initializer
>> > libipt_layer7.c:379: warning: (near initialization for 'layer7')
>> > libipt_layer7.c:380: error: unknown field 'size' specified in
>> > initializer
>> > libipt_layer7.c:380: warning: excess elements in struct initializer
>> > libipt_layer7.c:380: warning: (near initialization for 'layer7')
>> > libipt_layer7.c:381: error: unknown field 'userspacesize' specified in
>> > initializer
>> > libipt_layer7.c:381: warning: excess elements in struct initializer
>> > libipt_layer7.c:381: warning: (near initialization for 'layer7')
>> > libipt_layer7.c:382: error: unknown field 'help' specified in
>> > initializer
>> > libipt_layer7.c:382: warning: excess elements in struct initializer
>> > libipt_layer7.c:382: warning: (near initialization for 'layer7')
>> > libipt_layer7.c:383: error: unknown field 'parse' specified in
>> > initializer
>> > libipt_layer7.c:383: warning: excess elements in struct initializer
>> > libipt_layer7.c:383: warning: (near initialization for 'layer7')
>> > libipt_layer7.c:384: error: unknown field 'final_check' specified in
>> > initializer
>> > libipt_layer7.c:384: warning: excess elements in struct initializer
>> > libipt_layer7.c:384: warning: (near initialization for 'layer7')
>> > libipt_layer7.c:385: error: unknown field 'print' specified in
>> > initializer
>> > libipt_layer7.c:385: warning: excess elements in struct initializer
>> > libipt_layer7.c:385: warning: (near initialization for 'layer7')
>> > libipt_layer7.c:386: error: unknown field 'save' specified in
>> > initializer
>> > libipt_layer7.c:386: warning: excess elements in struct initializer
>> > libipt_layer7.c:386: warning: (near initialization for 'layer7')
>> > libipt_layer7.c:387: error: unknown field 'extra_opts' specified in
>> > initializer
>> > libipt_layer7.c:388: warning: excess elements in struct initializer
>> > libipt_layer7.c:388: warning: (near initialization for 'layer7')
>> > libipt_layer7.c: In function 'libipt_layer7_init':
>> > libipt_layer7.c:392: warning: implicit declaration of function
>> > 'register_match'
>> > make[2]: *** [libipt_layer7.oo] Error 1
>> > make[2]: Leaving directory `/usr/src/iptables-1.4.2/extensions'
>> > make[1]: *** [all-recursive] Error 1
>> > make[1]: Leaving directory `/usr/src/iptables-1.4.2'
>> > make: *** [all] Error 2
>> >
>> >
>> >
>> > ====================================================
>> >
>> > alguem compilou o iptables com esse patch?
>> >
>> > se alguem tiver o pacote já com o patch seria perfeito, hahahaahah...
>> >
>> > mas partindo pra realidade, já fui na funcao "void help"  declarei a
>> > versao
>> > do meu iptables, mas nao da certo, parece q falta um arquivo, sei lá..
>> >
>> > bem, quem poder me dar uma ajuda eu agradeco muitoooo...
>> >
>> >
>> >
>> > --
>> > Hellânio
>> >
>> > >
>> >
>> >>
>

--~--~---------~--~----~------------~-------~--~----~
GUS-BR - Grupo de Usuários de Slackware Brasil
http://www.slackwarebrasil.org/
http://groups.google.com/group/slack-users-br

Conheça o Novo Forum do GUS-BR na Under-Linux.Org em:
http://under-linux.org/forums/slackware/
-~----------~----~----~----~------~----~------~--~---

Responder a