Re: linux-2.6.24 & iptables/netfilter



jayjwa <jayjwa@xxxxxxxxxxxxxxxxxxx> wrote:

Not again... seems this happened not so long ago as well. I saw there
was a 2.6.24 out now, and it looks like there was alot of changes (9mb
patch against 2.6.23) and new features. The kernel compile was fine; I
wish I could say the same for iptables- it seems to be completely
broken by this update:

Log of make -k
Mon Jan 28 20:22:52 2008

<SNIP>
make[2]: Target `all' not remade because of errors.
make[2]: Leaving directory `/usr/src/iptables--20080127'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/usr/src/iptables--20080127'
make: *** [all] Error 2
make died with exit status 2

Mon Jan 28 20:24:01 2008
----------------

I left the log long so you could feel my pain ;)

It's switched to autoconf too, and it seems you're getting ipv6 like
it or not (no disable switch). I don't think the distros have picked
up on this yet as Google has nothing about 2.6.24/iptables. There's
going to have to be some serious reworking done if people are going to
start using 2.6.24. I really hate when the kernel people change
everything and pull the floor out from under all other
projects...don't they realize a kernel does not an operating system
alone make?

I can't comment on the issue above except to say that I just upgraded
from 2.6.23 to 2.6.24 with no problems regarding iptables at all. I
didn't use the patch, I downloaded the entire source tree. Then I
copied over my old .config and did a `make oldconfig` and selected all
default replies to the differences.

I use a lot of Rules and it is working just fine.

The only issue I'm having with the new kernel is with the new core
scheduler and `dnetc` (Distributed Computing Client) as the default
rules make my system almost unuseable when the load goes up to nearly
100%. Still investigating this.

--
------------------------------------------------
http://www3.sympatico.ca/dmitton
SPAM Reduction: Remove "x." from my domain.
------------------------------------------------
.



Relevant Pages

  • Re: RT patch acceptance
    ... judge the complexity of a design for that type of system. ... claim that you cannot judge the complexity of a kernel modification. ... Since the patch in question doesn't actually need that information to ... nanokernel's API up to date with additions to Linux's API that RT people ...
    (Linux-Kernel)
  • Re: inline asm semantics: output constraint width smaller than input
    ... Now in this case the patch you suggest might end up hurting the end result ... The below patch is to build the kernel for x86_64, ... # Device Drivers ... # PCI IDE chipsets support ...
    (Linux-Kernel)
  • [RFC] Making percpu module variables have their own memory.
    ... Someone using the -rt patch found that one of the tracing options caused ... 64K for every CPU to cover all the per_cpu variables used in the kernel ... static void wakeup_softirqd_prio ...
    (Linux-Kernel)
  • Re: This is [Re:] How to improve the quality of the kernel[?].
    ... The -mm kernel already implements what your proposed PTS would do. ... If patch have no TS ID, ... Thus i can apply for example lguest patches and implement and test new ... How many open source projects use Bugzilla and how many use the Debian BTS? ...
    (Linux-Kernel)
  • Re: Documentation - how to apply patches for various trees
    ... >> explanation of the various kernel trees and how to apply their patches. ... +a patch to the kernel or, more specifically, what base kernel a patch for ... +and what new version the patch will change the source tree into. ...
    (Linux-Kernel)