HLFS and iptables policy match support

Kevin Day thekevinday at gmail.com
Thu Jun 29 20:45:08 PDT 2006


On Thu, 29 Jun 2006 13:51:57 -0500
Robert Baker <bobb at netslyder.net> wrote:

> I can get linux-2.6.14.6 to compile ok with a patch-o-matic from a
> while ago for Policy match. The kernel boots, and seems to function
> properly. However when building iptables following BLFS directions
> the policy match support does not seem to get compiled in. When
> changing the make command to include KERNEL_DIR=... I promplty
> recieve a compile error.

This e-mail reminded me of something I noticed recently when I compiled
iptables, so I figured it would be useful to point out.

When I had built iptables, I had forgotten to unpack my kernel source,
I did not feel like waiting and decided to test this.

I compiled iptables with the KERNEL_DIR= pointing to where I installed
my linux-headers (aka linux-libc-headers).
It seems to have compile properly, but I still wonder if something may
be missing.

So, does iptables actually need ONLY the linux-headers, if so perhaps
we should link to those headers instead of having the actual kernel
source.  Seems to feel like better practice, as whatever the
linux-libc-headers is, it is considered to be more stable than directly
using the actual kernel source.



More information about the hlfs-dev mailing list