Piotr A. Sygula wrote:
>
> Trying to install 4.15 on FreeBSD 5.3 fails. Evidence attached below.
>
> Question: Is there a FreeBSD-5.0/ directory planned for inclusion in the
> sourcetree? If not, has anyone been able to successfully compile 4.1.5
> into FBSD 5.3 kernel, and if so, would anyone be willing to share their
> secrets?
I do not think you need to patch the FreeBSD 5.3 source in order to
compile/run IP Filter 4.1.5.... Anyway, it works fine with both kernel
modules and compiled into the kernel (with the dev_t patch mentioned below).
> First, make freebsd5 complains:
>
> ==================
> cc -Wall -Wuninitialized -Wstrict-prototypes -O -I. -g -I../..
> -D_BSD_SOURCE -DIPFILTER_LKM -DIPFILTER_LOG -DIPFILTER_LOOKUP
> -DIPFILTER_SCAN -Di386 -D__i386__ -DINET -DKERNEL -D_KERNEL
> -I/usr/include -I/sys -I/sys/sys -I/sys/arch -DDEVFS -DKLD_MODULE -c
> ip_fil.c -o ip_fil.o
> In file included from ip_fil.c:47:
> /sys/sys/systm.h:149: warning: conflicting types for built-in function
> 'log'
> In file included from /sys/sys/systm.h:239,
> from ip_fil.c:47:
> /sys/sys/libkern.h:100: warning: conflicting types for built-in function
> 'strdup'
> In file included from /sys/vm/uma.h:39,
> from /sys/sys/mbuf.h:40,
> from ip_fil.c:54:
> /sys/sys/malloc.h:105: warning: conflicting types for built-in function
> 'malloc'
This can be easily fixed by adding -fno-builtin to the compile options, a
(non portable solution) is:
--- BSD/Makefile~ Sun Jan 2 14:22:15 2005
+++ BSD/Makefile Sun Jan 9 16:59:47 2005
@@ -8,7 +8,7 @@
MANDIR=/usr/share/man
SEARCHDIRS!=echo $(BINDEST) $(SBINDEST) /bin /usr/bin /sbin /usr/sbin
/usr/local/bin /usr/local/sbin | awk '{for(i=1;i<NF;i++){print $$i;}}' - |
sort -u
-CC=cc -Wall -Wuninitialized -Wstrict-prototypes -O
+CC=cc -Wall -Wuninitialized -Wstrict-prototypes -O -fno-builtin
CFLAGS=-g -I$(TOP)
#
# For NetBSD/FreeBSD
> ip_fil.c: In function `iplwrite':
> ip_fil.c:734: error: argument "dev" doesn't match prototype
> ../../netinet/ip_fil.h:1209: error: prototype declaration
> *** Error code 1
Darren replied with the correct fix for this.
> ===================
> straznik1# FreeBSD/kinstall
> Installing ip_auth.c ip_auth.h ip_fil.c ip_fil.h ip_frag.c ip_frag.h
> ip_nat.c ip_nat.h ip_pool.c ip_pool.h ip_proxy.c ip_proxy.h ip_scan.c
> ip_scan.h ip_state.c ip_state.h ip_sync.c ip_sync.h fil.c ip_ftp_pxy.c
> ip_h323_pxy.c ip_ipsec_pxy.c ip_irc_pxy.c ip_netbios_pxy.c ip_pptp_pxy.c
> ip_raudio_pxy.c ip_rcmd_pxy.c ip_rpcb_pxy.c ip_compat.h ip_log.c
> Patching /sys/i386/i386/conf.c
> Hmm... Looks like a new-style context diff to me...
> The text leading up to this was:
> --------------------------
> |*** conf.c.orig Sun Jan 14 15:39:32 1996
> |--- conf.c Sun Jan 14 15:48:21 1996
> --------------------------
>
> ===================
>
> With freebsd4/kinstall:
>
> ===================
> straznik1# FreeBSD-4.0/kinstall
> Installing ip_auth.c ip_auth.h ip_fil.c ip_fil.h ip_nat.c ip_nat.h
> ip_pool.c ip_pool.h ip_proxy.c ip_proxy.h ip_scan.c ip_scan.h ip_state.c
> ip_state.h ip_sync.c ip_sync.h fil.c ip_ftp_pxy.c ip_h323_pxy.c
> ip_ipsec_pxy.c ip_irc_pxy.c ip_netbios_pxy.c ip_pptp_pxy.c
> ip_raudio_pxy.c ip_rcmd_pxy.c ip_rpcb_pxy.c mlfk_ipl.c ipl.h ip_compat.h
> ip_log.c
> Linking /usr/include/osreldate.h to /sys/sys/osreldate.h
> ln: /sys/sys/osreldate.h: File exists
>
> Patching ip6_input.c and ip6_output.c
> cat: FreeBSD-4.0/ipv6-patch-5.3: No such file or directory
> Hmm... I can't seem to find a patch in there anywhere.
> Kernel configuration to update [GENERIC]
> IPFilter already configured in kernel config file
Both install scripts are to old to be usefull. Try BSD/kupgrade instead.
> ***
> ****
> Peter A. Sygula
> President/Chief Security Officer - NetShapers, Inc.
> < http://www.net-shapers.com >
Frank (not the president or chief of anything).
