Summary: | l7-filter-1.5 and l7-protocols version bump | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | tomas charvat <tc> |
Component: | [OLD] Core system | Assignee: | Daniel Black (RETIRED) <dragonheart> |
Status: | RESOLVED FIXED | ||
Severity: | enhancement | CC: | rumen |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | x86 | ||
OS: | Linux | ||
URL: | http://sourceforge.net/projects/l7-filter/ | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: | patch error log |
Description
tomas charvat
2005-09-14 14:56:45 UTC
l7-protocols is normally pretty up to date although normally you need ~x86 keywords. I've make a september release stable now. l7-filter-1.5 - I'm still working on it. I'm trying to get it not to break the kernel-sources when you unmerge it. This will be done in a few weeks. I'll do the bump on iptables to use 1.5 at the same time. ok 1.5 added - I did get time. Caution - old versions of 1.4 may remove the netfilter Makefile from the linux sources. This will require a reinstallation of the linux sources. I've hopefully fixed the 1.4 so that it can be safely unmerged. well 1.5 doesnt work at all. Its impossible to compile kernel with this module. At least on AMD64. I have tried it with gentoo sources and with hardened-sources. CC [M] net/ipv4/netfilter/ipt_layer7.o net/ipv4/netfilter/ipt_layer7.c:26:43: linux/netfilter_ipv4/lockhelp.h: No such file or directory net/ipv4/netfilter/ipt_layer7.c:71: warning: type defaults to `int' in declaration of `DECLARE_RWLOCK' net/ipv4/netfilter/ipt_layer7.c:71: warning: parameter names (without types) in function declaration net/ipv4/netfilter/ipt_layer7.c:71: warning: data definition has no type or storage class net/ipv4/netfilter/ipt_layer7.c:72: warning: type defaults to `int' in declaration of `DECLARE_LOCK' net/ipv4/netfilter/ipt_layer7.c:72: warning: parameter names (without types) in function declaration net/ipv4/netfilter/ipt_layer7.c:72: warning: data definition has no type or storage class net/ipv4/netfilter/ipt_layer7.c: In function `match_no_append': net/ipv4/netfilter/ipt_layer7.c:241: warning: implicit declaration of function `WRITE_LOCK' net/ipv4/netfilter/ipt_layer7.c:241: error: `ct_lock' undeclared (first use in this function) net/ipv4/netfilter/ipt_layer7.c:241: error: (Each undeclared identifier is reported only once net/ipv4/netfilter/ipt_layer7.c:241: error: for each function it appears in.) net/ipv4/netfilter/ipt_layer7.c:260: warning: implicit declaration of function `WRITE_UNLOCK' net/ipv4/netfilter/ipt_layer7.c: In function `match': net/ipv4/netfilter/ipt_layer7.c:380: warning: implicit declaration of function `LOCK_BH' net/ipv4/netfilter/ipt_layer7.c:380: error: `list_lock' undeclared (first use in this function) net/ipv4/netfilter/ipt_layer7.c:383: warning: implicit declaration of function `UNLOCK_BH' net/ipv4/netfilter/ipt_layer7.c:386: error: `ct_lock' undeclared (first use in this function) net/ipv4/netfilter/ipt_layer7.c: At top level: net/ipv4/netfilter/ipt_layer7.c:457: warning: initialization from incompatible pointer type make[3]: *** [net/ipv4/netfilter/ipt_layer7.o] Error 1 make[2]: *** [net/ipv4/netfilter] Error 2 make[1]: *** [net/ipv4] Error 2 make: *** [net] Error 2 my suggestion is to remove it from portage tree and focus on l7-filter-2.0, beta is out. Btw... let me describe what gonna happen, if you upgrade from l7-filter-1.4 to 1.5 Imagine, that you have working 1.4 then you type emerge world -u 1.5 is downloaded, kernel is patched (jaj it might be ok to patch 1.4 files) When emerge of 1.5 is over, it start to unmerge 1.4 . Ummmm it seems to me, that it simply delete patched files, because you will end in situation, when you portage tree "think" that 1.4 1.5 are both installed , non of then can be unmerged, but there is no layer7 source file in kernel tree. The only one solution was to remove kernel tree, both version can be unmerged then, emerge tree again and so on.... I fubared my kernel tree few times and 1.5 realy doesnt work on amd64(duno about others. Anyway thx for coop,im looking forward to test 2.0 you :) Tomas looks like your compile error needs the additional_patch_for_2.6.13.diff patch that was in 1.4 to work. I think looking at the 1.5 patches seemed to include this one. Maybe I was wrong. The removal process was totally broken in 1.4. I've put some code in that hopefully corrects it by doing an unpatch rather than a removal of the patched files. I'm working on a 2.0_beta ebuild now. Will be added soon. Hi, For one/two days the new l7-filter-2.0_beta fails to patch the source.The logs: ...BEGIN... >>> Unpacking source... * Determining the location of the kernel source code * Found kernel source directory: * /usr/src/linux * Found sources for kernel version: * 2.6.12-gentoo-r10 >>> Unpacking netfilter-layer7-v2.0-beta.tar.gz to /var/tmp/portage/l7-filter-2.0_beta/work * Applying kernel-2.6.11-2.6.12-layer7-1.4.patch ... * Failed Patch: kernel-2.6.11-2.6.12-layer7-1.4.patch ! * ( /var/tmp/portage/l7-filter-2.0_beta/work/netfilter-layer7-v2.0-beta/for_older_kernels/kernel-2.6.11-2.6.12-layer7-1.4.patch ) * * Include in your bugreport the contents of: * * /var/tmp/portage/l7-filter-2.0_beta/temp/kernel-2.6.11-2.6.12-layer7-1.4.patch-13298.out !!! ERROR: net-misc/l7-filter-2.0_beta failed. !!! Function epatch, Line 361, Exitcode 0 !!! Failed Patch: kernel-2.6.11-2.6.12-layer7-1.4.patch! !!! If you need support, post the topmost build error, NOT this status message. ...END... Will attach the patch log next. Thanks. Now using 1.5. Rumen Created attachment 69275 [details]
patch error log
ok - fixed 2.0_beta. Try to emerge -C l7-filter and re-emerge. Thanks Rumen Hi, Fixed for me too. Not very sure, but emerged new gentoo-sources-2.6.13-r2 kernel applied l7-filter-2.0_beta and it passed wo errors.Maybe some things left from previous patches were the culpit. Issue closed. Thanks.Rumen it was an issue specific to the 2.6.12 kernel |