HLFS and iptables policy match support

Robert Baker bobb at netslyder.net
Thu Jun 29 11:51:57 PDT 2006


Ok, I have been working with LFS, and HLFS for some time now quietly. I
have learned a great deal through this process, and I am now building an
HLFS SVN-20060510 system for use as a simple packet filter. I have
grown accustomed to using shorewall iptables scripts because they are
well tested.  Those install without a hitch, and I get basic stuff
working well. Now for the problem. I also want to set up openswan using
this box, and the shorewall scripts. Well the scripts rely on Policy
Match support in both the kernel, and iptables.

I can get linux-2.6.14.6 to compile ok with a patch-o-matic from a while
ago for Policy match. The kernel boots, and seems to function properly.
However when building iptables following BLFS directions the policy
match support does not seem to get compiled in. When changing the make
command to include KERNEL_DIR=... I promptly receive a compile error.

I don't really need to diagnose the error, I just want to know are we not
compiling against the built kernel source tree, or are we. I am
beginning to believe we are compiling against the linux-libc-headers
rather than the kernel source because with or without a single patch if
I pass KERNEL_DIR= it fails.

If it is a header issue can anyone tell me how to add policy match
support to the Linux-Libc-Headers-2.6.12.0? Any help is greatly appreciated.

Bob