On 8/25/10 6:34 AM, Tom Eastep wrote: > On 8/25/10 5:25 AM, Hill, John wrote: >> netfilter-extensions-modules-2.6.26-2-amd64_20080719+debian-1+2.6.26-24_ >> amd64 >> I can send it. >> This is off topic. But can I not compile a new ipset and install in this >> Debian system? >> I need to do some homework on Debian kernel compiling. > > You can install xtables-addons which doesn't require that you compile > the entire kernel. See > http://www.shorewall.net/Dynamic.html#xtables-addons. For Lenny, the > latest version that I've found to work correctly is 1.24.
Note, however, that you will STILL need 4.4.12.1 for ipsets to work correctly (or you must use the capabilities file workaround). It is your iptables that is tripping up the shorewall 4.4.12 compiler, not ipsets. You could also build and install iptables 1.4.4 or later and update your shorewall config to point to that binary (by default, it is installed in /usr/local/sbin/). -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Sell apps to millions through the Intel(R) Atom(Tm) Developer Program Be part of this innovative community and reach millions of netbook users worldwide. Take advantage of special opportunities to increase revenue and speed time-to-market. Join now, and jumpstart your future. http://p.sf.net/sfu/intel-atom-d2d
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
