It worked against linux-2.6.0-test9-gentoo, but with test11 I get: gcc -mcpu=athlon-xp -O3 -pipe -Wall -Wunused -I/usr/src/linux/include -Iinclude/ -DIPTABLES_VERSION=\"1.2.8\" -fPIC -o extensions/libipt_physdev_sh.o -c extensions/libipt_physdev.c extensions/libipt_physdev.c: In function `parse': extensions/libipt_physdev.c:86: `IPT_PHYSDEV_OP_MATCH_IN' undeclared (first use in this function) extensions/libipt_physdev.c:86: (Each undeclared identifier is reported only once extensions/libipt_physdev.c:86: for each function it appears in.) extensions/libipt_physdev.c:97: `IPT_PHYSDEV_OP_MATCH_OUT' undeclared (first use in this function) extensions/libipt_physdev.c: In function `print': extensions/libipt_physdev.c:144: `IPT_PHYSDEV_OP_MATCH_IN' undeclared (first use in this function) extensions/libipt_physdev.c:146: `IPT_PHYSDEV_OP_MATCH_OUT' undeclared (first use in this function) extensions/libipt_physdev.c: In function `save': extensions/libipt_physdev.c:156: `IPT_PHYSDEV_OP_MATCH_IN' undeclared (first use in this function) extensions/libipt_physdev.c:158: `IPT_PHYSDEV_OP_MATCH_OUT' undeclared (first use in this function) make: *** [extensions/libipt_physdev_sh.o] Error 1 !!! ERROR: net-firewall/iptables-1.2.8-r1 failed. !!! Function src_compile, Line 57, Exitcode 2 !!! (no error message) Reproducible: Always Steps to Reproduce: 1. 2. 3.
1.2.9 emerged just fine
and iptables-1.2.8-r2 as well
But iptables-1.2.8-r2 is masked. So isn't the bug only invalid after 1.2.8-r2 or 1.2.9 is unmasked? Or else until linux-2.6.0-test11 and greater presents a message when emerged about the need to use a masked iptables?
iptables-1.2.8-r1 presents the same problem against 2.6.0-test11, does anyone know of a workaround for this yet?
I've just digged out those test9 sources again, re-compiled and installed and it turns it that fails as well. I suspect the kernel headers have somehow gotten screwed up or something else is totally messed. I'm having the same problem with nfs-utils (bug 35038), so if whoever has this problem could please check their nfs-utils as well it would be appreciated.
Ok, I don't think this is the correct solution, but I've just unmerged and remerged linux-headers, deleted the /usr/src/linux symlink and merged iptables, without any problems. This is as weird as the nfs-utils problem ... Can anybody confirm?
*** Bug 36902 has been marked as a duplicate of this bug. ***
fails with me too. last time I tried it was with kernel 2.6.1-mm1 and it failed miserably. iptables 1.2.9 works ok. I don't think that many people are having this problem... I guess that few people are using kernel 2.6 and iptables with ACCEPT_KEYWORDS="x86"... or else the internet would be full of bug reports about this. thanks.
I reordered the order of the include path in the line: gcc -mcpu=athlon-xp -O3 -pipe -Wall -Wunused -I/usr/src/linux/include -Iinclude/ -DIPTABLES_VERSION=\"1.2.8\" -fPIC -o extensions/libipt_physdev_sh.o -c extensions/libipt_physdev.c to: gcc -mcpu=athlon-xp -O3 -pipe -Wall -Wunused -Iinclude/ -I/usr/src/linux/include -DIPTABLES_VERSION=\"1.2.8\" -fPIC -o extensions/libipt_physdev_sh.o -c extensions/libipt_physdev.c continued the ebuild and it worked.
The point is that that will simply cause it to build against the kernel-headers instead of against whatever you've got in /usr/src/linux. We want iptables to build against the 2.6.x kernel itself, and not require kernel-headers from elsewhere. At the moment we can't fix this (I suggest closing this as can't fix), the upstream developers need to fix it. But your suggestion is a welcome workaround and the ebuild could be modified to check for a 2.6.x kernel, and if so, apply a patch that'll remove the /usr/src/linux entry from the include (no need to have it there if you have kernel-headers installed).
i have same problem: ld -shared -o extensions/libipt_owner.so extensions/libipt_owner_sh.o gcc -O3 -mcpu=i686 -pipe -Wall -Wunused -I/usr/src/linux/include -Iinclude/ -DIPTABLES_VERSION=\"1.2.8\" -fPIC -o extensions/libipt_physdev_sh.o -c extensions/libipt_physdev.c extensions/libipt_physdev.c: In function `parse': extensions/libipt_physdev.c:86: `IPT_PHYSDEV_OP_MATCH_IN' undeclared (first use in this function) extensions/libipt_physdev.c:86: (Each undeclared identifier is reported only once extensions/libipt_physdev.c:86: for each function it appears in.) extensions/libipt_physdev.c:97: `IPT_PHYSDEV_OP_MATCH_OUT' undeclared (first use in this function) extensions/libipt_physdev.c: In function `print': extensions/libipt_physdev.c:144: `IPT_PHYSDEV_OP_MATCH_IN' undeclared (first use in this function) extensions/libipt_physdev.c:146: `IPT_PHYSDEV_OP_MATCH_OUT' undeclared (first use in this function) extensions/libipt_physdev.c: In function `save': extensions/libipt_physdev.c:156: `IPT_PHYSDEV_OP_MATCH_IN' undeclared (first use in this function) extensions/libipt_physdev.c:158: `IPT_PHYSDEV_OP_MATCH_OUT' undeclared (first use in this function) make: *** [extensions/libipt_physdev_sh.o] Error 1 !!! ERROR: net-firewall/iptables-1.2.8-r1 failed. !!! Function src_compile, Line 57, Exitcode 2 !!! (no error message) (kernel 2.6.1-mm1) emerge info: Portage 2.0.49-r20 (default-x86-1.4, gcc-3.2.3, glibc-2.3.2-r9, 2.6.1-mm1) ================================================================= System uname: 2.6.1-mm1 i686 Intel(R) Celeron(TM) CPU 1300MHz Gentoo Base System version 1.4.3.10 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CFLAGS="-O3 -march=pentium3 -fomit-frame-pointer -fprefetch-loop-arrays -ffast-math -fforce-addr -falign-functions=4 -fprefetch-loop-arrays -funroll-loops -pipe -msse -mmmx" CHOST="i686-pc-linux-gnu" COMPILER="gcc3" CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3.1/share/config /usr/kde/3/share/config /usr/share/config /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d" CXXFLAGS="-O3 -march=pentium3 -fomit-frame-pointer -fprefetch-loop-arrays -ffast-math -fforce-addr -falign-functions=4 -fprefetch-loop-arrays -funroll-loops -pipe -msse -mmmx" DISTDIR="/usr/portage/distfiles" FEATURES="autoaddcvs ccache sandbox" GENTOO_MIRRORS="ftp://gentoo.inode.at/source/ http://gentoo.inode.at/ http://mirrors.sec.informatik.tu-darmstadt.de/gentoo http://212.219.247.18/sites/www.ibiblio.org/gentoo/" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="X aalib acl alsa apm arts avi berkdb bindist cdr cjk crypt cups curl dga directfb dvb encode esd fbcon flash foomaticdb gdbm ggi gif gnome gpm gtk gtk2 guile icc imlib java javascript jpeg kde libg++ libwww lirc mad maildir mikmod mmx motif mozilla mpeg nas ncurses nls nv nvidia odbc oggvorbis opengl oss pam pdflib perl png python qt quicktime readline ruby ruby18 samba sdl slang spell sse ssl svga tcltk tcpd threads tiff truetype x86 xkb xml xml2 xmms xv zlib"
Created attachment 24314 [details] iptables-1.2.8-r1 failed to compile kernel 2.6.1-gentoo i686 AMD Athlon(TM) XP 1800+ machine
Quick Fix: edit <kernel-src>/include/linux/netfilter_ipv4/ipt_physdef.h and add the two missing defines. ipt_physdef.h is inconsistent btween 1.2.6 kernel sources and iptable-sources but the makefile includes the header file from the kernel sources instead of its own.
Unmasked, closing