I had CONFIG_IP_NF_TARGET_ULOG set and the compile failed with this error: ipt_ULOG.c: In function `ip_ulog_fn': ipt_ULOG.c:379: error: `qlen' undeclared (first use in this function) ipt_ULOG.c:379: error: (Each undeclared identifier is reported only once ipt_ULOG.c:379: error: for each function it appears in.) The troublesome lines are: /* if threshold is reached, send message to userspace */ if (qlen >= loginfo.qthreshold) { if (loginfo.qthreshold > 1) nlh->nlmsg_type = NLMSG_DONE; } The variable qlen isn't declared anywhere ("ub->qlen" is used elsewhere in the file). Also, the vanilla .27 sources don't have this problem (but they have a similar section that uses "ub->qlen"). The code above is created by 1000_patch-o-matic-ng.patch. Interestingly, vanilla .26 has that lone "qlen" as well but also has a declaration "static size_t qlen", which never seems to be set or otherwise used. Maybe that's how this crept into the .27 patch. I don't know enough to attempt a fix so I just compiled without CONFIG_IP_NF_TARGET_ULOG.
The bug can be fixed by changing the offending code to read /* if threshold is reached, send message to userspace */ if (ub->qlen >= loginfo.qthreshold) { if (loginfo.qthreshold > 1) nlh->nlmsg_type = NLMSG_DONE; } This fix has beem known for six months at least. Come on guys. http://forums.gentoo.org/viewtopic.php?p=1799054#1799054
This problem is fixed in hardened-sources-2.4.28 which is in the tree now.
Fixed in 2.4.28 ebuilds, please upgrade as they fix numerous vulnerabilities.
