Hi Daniel Daniel Iliev wrote on 01/04/07 19:10: >>> My question: what is the best way get this iptables module working w/o >>> diverting too much from the official Gentoo installation. I mean the >>> normal way is to use patch-o-matic to patch iptables source and vanilla >>> kernel source, then build and install. I have the feeling that it is not >>> exactly the right thing to with Gentoo.
>> cd /usr/src >> svn co https://svn.netfilter.org/netfilter/trunk/patch-o-matic-ng >> svn co https://svn.netfilter.org/netfilter/trunk/iptables >> cd patch-o-matic-ng >> ./runme extra >> cd /usr/src/linux >> make menuconfig >> make && make modules_install && make install >> make sure you have USE "extensions" in your make.conf >> emerge iptables > This patch appears to be incompatible with gentoo-sources or I'm doing > something wrong. After patching the module "TARPIT" appears in the > kernel configuration and I mark it to get built as a module [M]. Then: > ====================== > make all modules_install install > scripts/kconfig/conf -s arch/i386/Kconfig > CHK include/linux/version.h > CHK include/linux/utsrelease.h > CHK include/linux/compile.h > GZIP kernel/config_data.gz > IKCFG kernel/config_data.h > CC kernel/configs.o > LD kernel/built-in.o > CC [M] net/ipv4/netfilter/ipt_TARPIT.o > net/ipv4/netfilter/ipt_TARPIT.c: In function ‘ip_direct_send’: > net/ipv4/netfilter/ipt_TARPIT.c:65: warning: implicit declaration of > function ‘neigh_hh_output’ > ---snip---- > Kernel: arch/i386/boot/bzImage is ready (#2) > Building modules, stage 2. > MODPOST 159 modules > WARNING: "neigh_hh_output" [net/ipv4/netfilter/ipt_TARPIT.ko] undefined! > make[1]: *** [__modpost] Error 1 > make: *** [modules] Error 2 > ====================== > So, I'm still looking for advices. Did the patches apply OK? Did you do: cd /usr/src/iptables svn update cd /usr/src/patch-o-matic-ng svn update .. before updating your kernel? What kernel are you running? Cheers, Dave -- gentoo-user@gentoo.org mailing list
