> > On Wed, 22 Oct 2003 23:37:11 +0200 (MEST) > > "Svetoslav Slavtchev" <[EMAIL PROTECTED]> wrote: > > > > > Hi, > > > i'm trying to update firestarter > > > in order to use it under 2.6 test kernels, > > > the original src.rpm requires iptables > > > and we have two packages for iptables > > > one for 2.4 kernel & one for 2.6 kernel > > > > I think the reason that the iptables package in main doesn't work on 2.6 > > is > > the same as the reason it doesn't work on 2.4.22 vanilla in bug: > > http://qa.mandrakesoft.com/show_bug.cgi?id=5454 > > > > So essentially the contrib package shouldn't be needed. I tried with > > iptables-1.2.9-rc1. Compiled against 2.4.22-18mdk, it doesn't work in > > 2.6.0-test8, while when it is compiled against vanilla 2.4.22, > 2.4.23-pre1 > > or > > 2.4.23-pre7, SNAT/POSTROUTING works ok for me. > > The Mandrake kernel is based on 2.4.23-pre1, so something is wrong in > the > > mandrake kernel then. > > To be clear, I didn't test more rules, and I didn't test it on one of > the > > vanilla 2.4 kernels, but I blindly assume the behaviour is the same. > > > i'm not sure it's a kernel bug, > may be it's a netfilter bug. > > may be, just may be > netfilter check the kernels for additional > netfilter patches, and if it finds such > it build's libraries that are compatible > only for this combination of added patches, > so vanilla kernels can not be used with such > netfilter package > > if this is the case > (and if iptables really does run without problems > on 2.4 & 2.6 vanilla in case built against vanilla kernel) > then it would be probably better to rename > iptables_kernel-2.6 to smth like iptables_kernel_vanilla > (ya i know the name sucks) > but i have some better sugestions (keeping in mind the kernel naming > policy:-) ) > such as "iptables_kernel-marcelo_andrew_linus"
it's a iptables issue , we need at least two iptables packages http://netfilter.org/documentation/FAQ/netfilter-faq-3.html#ss3.20 ----------------------------------------------------- 3.20 'iptables: Invalid argument' after kernel update (nat table) You have just upgraded your kernel and suddenly some of the commands (especially in the 'nat' table), and you experience something like: # iptables -A POSTROUTING -t nat -o ppp0 -j MASQUERADE iptables: Invalid argument This happens when the structure size between kernel and userspace changes. You will need to recompile the iptables userspace program using the include files of your new kernel. This only happens if you (or the vendor of your kernel) has applied some patches either only to the old or only to the new kernel. It is not supposed to happen between vanilla kernel.org kernels. If it does, please inform the netfilter-devel mailinglist. ----------------------------------------------------- svetljo -- NEU F�R ALLE - GMX MediaCenter - f�r Fotos, Musik, Dateien... Fotoalbum, File Sharing, MMS, Multimedia-Gru�, GMX FotoService Jetzt kostenlos anmelden unter http://www.gmx.net +++ GMX - die erste Adresse f�r Mail, Message, More! +++
