Modify

Opened 12 years ago

Closed 12 years ago

Last modified 4 years ago

#429 closed task (fixed)

Kernel 2.6.16 and IPTables

Reported by: consulting@… Owned by: developers
Priority: normal Milestone: Barrier Breaker 14.07
Component: base system Version:
Keywords: Cc:

Description (last modified by nbd)

It looks like the 2.6.16 version of the kernel has changed the configuration and module names of some of the netfilter modules (i.e. CONFIG_IP_NF_MATCH_STATE is now CONFIG_NETFILTER_XT_MATCH_STATE and "ipt_state.ko" is now "xt_state.ko". In addition, the location of the module has changed as well from ipv4/netfilter to just netfilter. Just to keep things interesting, the iptables package names remain the same.

The first symptom of the problem is the obvious one, the kernel modules don't get packaged or the accompanying module from the iptables package doesn't get included - example is the state module is built-in to the kernel but doesn't do so much without the iptables module...:( The second, at least on the WGT634U was a dramatic increase in kernel panics - not sure why, but once everything was re-enabled it is back to its normal self.

I sent a patch (kernel-2.6.16-iptables.patch) to the mailing list, I kept with the original implementation style, but that also meant it got a little hackish in trying to determine what kernel was being used at package build time. The cleaner way is probably to sever the direct link to the netfilter.mk from the iptables package script - they both still would be driven by the configuration variables from ".config". I can resubmit a patch using that method if desired, just let me know. Either way, the sent patch can be used as a guide for which variables / modules were renamed.

Attachments (1)

kernel-2.6.16-iptables.patch (27.4 KB) - added by consulting@… 12 years ago.
Original Patch Submitted

Download all attachments as: .zip

Change History (5)

Changed 12 years ago by consulting@…

Original Patch Submitted

comment:1 Changed 12 years ago by consulting@…

Patch is not good, not sure why I didn't get this while testing, but menuconfig didn't like the LINUX_GENERATION stuff - me neither. I will resubmit using the alternate method described above.

comment:2 Changed 12 years ago by consulting@…

Looks like we decided to go different routes in the implementation, so I'll just submit this as a note. Even with changesets 3580, 3584 and 3585, I believe there is still with an issue with the Makefile in the iptables package as it uses the names from netfilter.mk directly in order to determine which libipt modules to package. Once this has been dispelled or corrected, this ticket can probably be closed.

comment:3 Changed 12 years ago by nbd

  • Description modified (diff)
  • Resolution set to fixed
  • Status changed from new to closed

Last part hopefully fixed in [3586]

comment:4 Changed 4 years ago by jow

  • Milestone changed from Attitude Adjustment 12.09 to Barrier Breaker 14.07

Milestone Attitude Adjustment 12.09 deleted

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.