linux kernel 2.6.7 out www.kernel.org just version bump
net-firewall/iptables-1.2.9 doesn't compile with development-sources-2.6.7 the same system with development-sources-2.6.6 has no problem there. not even the vanilla 1.2.9 and 1.2.10 iptables don't compile :( peter src # emerge iptables Calculating dependencies ...done! >>> emerge (1 of 1) net-firewall/iptables-1.2.9 to / >>> md5 src_uri ;-) iptables-1.2.9.tar.bz2 >>> Unpacking source... >>> Unpacking iptables-1.2.9.tar.bz2 to /var/tmp/portage/iptables-1.2.9/work * Applying various patches (bugfixes/updates)... * 01_all_grsecurity.patch.bz2... [ ok ] * 02_all_imq.patch.bz2... [ ok ] * 04_all_install_ipv6_apps.patch.bz2... [ ok ] * 05_all_install_all_dev_files.patch.bz2... [ ok ] * 06_all_l7.patch.bz2... [ ok ] * Done with patching >>> Source unpacked. Making dependencies: please wait... Extensions found: IPv4:recent IPv6:ah IPv6:esp IPv6:frag IPv6:ipv6header IPv6:hbh IPv6:dst IPv6:rt gcc -O3 -mcpu=i686 -fomit-frame-pointer -pipe -Iinclude -Wall -Wunused -I/usr/src/linux/include -DIPTABLES_VERSION=\"1.2.9\" -fPIC -o extensions/libipt_stealth_sh.o -c extensions/libipt_stealth.c In file included from include/libiptc/libiptc.h:6, from include/iptables.h:5, from extensions/libipt_stealth.c:10: /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:255: warning: no semicolon at end of struct or union /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:255: error: syntax error before '*' token /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:259: error: syntax error before '}' token /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:339: warning: type defaults to `int' in declaration of `DECLARE_MUTEX' /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:339: warning: parameter names (without types) in function declaration /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:339: warning: `DECLARE_MUTEX' declared `static' but never defined make: *** [extensions/libipt_stealth_sh.o] Error 1 !!! ERROR: net-firewall/iptables-1.2.9 failed. !!! Function src_compile, Line 56, Exitcode 2 !!! (no error message)
this is the diff between the two kernels (2.6.6 and 2.6.7). if I remove '__user', then iptables will compile, but I'm not sure this is the way to solve the problem. --- /usr/src/linux-2.6.6/include/linux/netfilter_ipv4/ip_tables.h 2004-02-18 05:58:06.000000000 +0200 +++ /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h 2004-06-17 17:42:28.000000000 +0300 @@ -252,7 +252,7 @@ /* Number of counters (must be equal to current number of entries). */ unsigned int num_counters; /* The old entries' counters. */ - struct ipt_counters *counters; + struct ipt_counters __user *counters; /* The entries (hang off end: not really an array). */ struct ipt_entry entries[0];
i can't understand this bug flood. iptables is not kernel. this is a kernel request. i've installed it simply changing the number in old ebuilds and there are no problems. if iptables doesn't compile it's an iptables problem. lemme do an example: xfree-drm doesnt work on 2.6.x kernels. this means we shouldn't use 2.6 series? no... so fill a bug request abut iptables, not kernel. however i think that deleting __user is not safe. should check why it has been added and what it gives back.
confiming what i think about iptables compilation trouble: Iptables-1.2.9/10 compile failure with linux 2.6.7 headers this is title of a mail in linux-kernel mailing list. and it's addressed to netfilter team.
Ok, the kernel issue is fixed, there is a new 2.6.7 kernel release checked in. If you still have a netfilter build issue, please open a new bug with that subject.
