Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 203517

Summary: net-firewall/iptables-1.4.0 - IMQ extension doesn't work
Product: Gentoo Linux Reporter: Nebojsa Trpkovic <trxman>
Component: New packagesAssignee: Peter Volkov (RETIRED) <pva>
Status: RESOLVED FIXED    
Severity: minor CC: base-system
Priority: High    
Version: 2007.0   
Hardware: All   
OS: Linux   
URL: http://tech.groups.yahoo.com/group/linuximq/message/2071
Whiteboard:
Package list:
Runtime testing required: ---
Attachments: IMQ patch for iptables-1.4.0

Description Nebojsa Trpkovic 2007-12-27 21:19:57 UTC
the brand new ebuild net-firewall/iptables-1.4.0 is in the portage tree.
it works fine except for imq. 
patch that is applied if USE="imq" is selected is iptables-1.3.6-imq.diff
that patch is reported to work well with iptables 1.3.6 - 1.3.8
guess for iptables 1.4.0 is needed different patch.
I've wrote about it on linuximq mailing list and Pablo Sebastián Greco made the new patch:
http://tech.groups.yahoo.com/group/linuximq/message/2071

he tested it on kernel 2.6.23.12 and iptables 1.4.0
I've installed it on gentoo x86_64 system with gentoo-sources 2.6.23-r5 and iptables 1.4.0 ebuild. 
net-firewall/iptables-1.4.0 has been unpacked with USE="imq" to avoid patching with old imq patch. after that, I've applied manualy new imq patch, compiled, installed and qmerged it. everything works fine. no probles so far.

so, imq patch in iptables ebuild should be refreshed.
new patch maybe is not tested for long time, but at least it works.
old one doesn't work at all.

I'm putting new patch in attachment and including my system settings below this line.


Portage 2.1.3.19 (default-linux/amd64/2007.0, gcc-4.2.2, glibc-2.7-r1, 2.6.23-gentoo-r5 x86_64)
=================================================================
System uname: 2.6.23-gentoo-r5 x86_64 Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz
Timestamp of tree: Thu, 27 Dec 2007 02:00:02 +0000
distcc 2.18.3 x86_64-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled]
app-shells/bash:     3.2_p17
dev-java/java-config: 1.3.7, 2.0.33-r1
dev-lang/python:     2.4.4-r6
dev-python/pycrypto: 2.0.1-r6
sys-apps/baselayout: 1.12.10-r5
sys-apps/sandbox:    1.2.18.1-r2
sys-devel/autoconf:  2.61-r1
sys-devel/automake:  1.9.6-r2, 1.10
sys-devel/binutils:  2.18-r1
sys-devel/gcc-config: 1.3.16
sys-devel/libtool:   1.5.24
virtual/os-headers:  2.6.23-r2
ACCEPT_KEYWORDS="amd64"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=nocona -O2 -pipe -g"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /opt/openfire/resources/security/ /var/bind"
CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d"
CXXFLAGS="-march=nocona -O2 -pipe -g"
DISTDIR="/var/ftp/gentoo/distfiles"
FEATURES="distlocks metadata-transfer parallel-fetch sandbox sfperms strict unmerge-orphans userfetch"
GENTOO_MIRRORS="http://mirrors.sec.informatik.tu-darmstadt.de/gentoo/ http://ftp.ntua.gr/pub/linux/gentoo/ http://mirror.ing.unibo.it/gentoo/ http://gentoo.inf.elte.hu/ http://ftp.gentoo.bg/"
LINGUAS="en sr sr@Latn ru"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="64bit a52 aac aalib acl acpi amd64 amr apache2 berkdb bitmap-fonts bzip2 cli cracklib crypt cups dri dts dvb encode exif ffmpeg freetype gd gdbm geoip gif gpm httpd iconv imagemagick imlib iproute2 isdnlog ithreads jabber jbig jpeg lm_sensors logrotate lzo midi mmx mod mp3 mpeg mudflap multipath mysql ncurses nfs nls nptl nptlonly ogg openmp pam pcre perl php png pppd python readline reflection rle rrdtool samba session slang smp snmp spl sse sse2 ssl stream tcpd theora threads tiff transcode truetype truetype-fonts type1-fonts unicode usb vcd vorbis wmf xml xorg xvid zip zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en sr sr@Latn ru" USERLAND="GNU" VIDEO_CARDS="apm ark chips cirrus cyrix dummy fbdev glint i128 i810 mach64 mga neomagic nv r128 radeon rendition s3 s3virge savage siliconmotion sis sisusb tdfx tga trident tseng v4l vesa vga via vmware voodoo"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Comment 1 Nebojsa Trpkovic 2007-12-27 21:22:29 UTC
Created attachment 139467 [details, diff]
IMQ patch for iptables-1.4.0

IMQ patch for iptables-1.4.0 made by Pablo Sebastián Greco
Comment 2 SpanKY gentoo-dev 2007-12-27 21:47:15 UTC
ive removed USE=imq.  put your random patches into /etc/portage/patches/net-firewall/iptables/ or such.
Comment 3 Nebojsa Trpkovic 2007-12-27 21:58:55 UTC
looks like degradation instead of fix.

guess it's the way to go...

Comment 4 Peter Volkov (RETIRED) gentoo-dev 2007-12-28 12:41:18 UTC
I'll take care of this stuff as I'm using it.
Comment 5 Peter Volkov (RETIRED) gentoo-dev 2008-01-08 16:25:04 UTC
Well patch added into the tree. Now really FIXED.