Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
fwbuilder gripes
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
KiTaSuMbA
Guru
Guru


Joined: 28 Jun 2002
Posts: 430
Location: Naples Italy

PostPosted: Tue Oct 15, 2002 4:18 am    Post subject: fwbuilder gripes Reply with quote

I've read about Firewall Builder in a magazine and thought to give it a try... Lucky me, it's already in the portage tree! So I emerge fwbuild 1.0.6 and try it out: The Gui loads fine, I define my objects and rules, I'm ready to "compile" my firewall script. Only that it won't compile, the fwb_ipt compiler exits gracefully but leaves an empty output file! :(
Doing a strace fwb_ipt with the apropriate arguements generates a SIGABRT
I submited this as a support request at sourceforge's fwbuilder page but the author (who was kind enough to reply within a few hours) said he had no idea of why this happens.

I append the original sourceforge entry:
Code:

##################################################################
Initial Comment:
Fwbuilder loads without trouble but when I request a
compile the generated script is empty but for the
shebang header line (#!/bin/sh).
Performing a strace directly on fwb_ipt (with the relative
arguements of course) produces a SIGABRT:
**********************************************************
.........
.........
open("MYFRW.fw.fw",
O_WRONLY|O_CREAT|O_TRUNC, 0666) = 3
rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0
kill(6416, SIGABRT)                     = 0
--- SIGABRT (Aborted) ---
+++ killed by SIGABRT +++

**************************************************

fwbuilder was compiled and used on the following
system:

Gentoo 1.4rc1
2.4.19 with XFS, devfs
gcc 3.2 (CFLAGS = CXXFLAGS = -march=athlon-xp
-O3 -pipe -fomit-frame-pointer -ffast-math -fforce-addr
-falign-functions=4)
gnome 2.0

#####################################################################


Any ideas?
_________________
Need to flame people LIVE on IRC? Join #gentoo-otw on freenode!
Back to top
View user's profile Send private message
474
l33t
l33t


Joined: 19 Apr 2002
Posts: 714

PostPosted: Tue Oct 15, 2002 4:54 pm    Post subject: Reply with quote

Strange. Try re-emerging with conservative compile options:

"-march=i686 -O3 -pipe"

and see if you get the same problem. If it does fix it, then try upgrading the -march parameter first, then everything else if you feel like it; then you can submit a report to bugs.gentoo.org so a maintainer adjusts the ebuild.
Back to top
View user's profile Send private message
KiTaSuMbA
Guru
Guru


Joined: 28 Jun 2002
Posts: 430
Location: Naples Italy

PostPosted: Fri Oct 18, 2002 4:42 am    Post subject: Reply with quote

Ok, I tried that and still got the same problem... I also compiled it under slack (gcc 2.95) and it worked.
Now, I noticed two differences:
1. gcc 2.95 compiles fwbuilder *a lot* faster than gcc 3.2 even with the same conservative flags.
2. under gcc 3.2 I get a lot of warnings "typename deprecated" that I don't recall seeing in the slack compile.

Of course, compiling under slack and moving to gentoo (i.e. creating a binary tar.gz) would never work because of the libs. So right now, I'm out of fresh ideas... :(
Any suggestions?
_________________
Need to flame people LIVE on IRC? Join #gentoo-otw on freenode!
Back to top
View user's profile Send private message
474
l33t
l33t


Joined: 19 Apr 2002
Posts: 714

PostPosted: Fri Oct 18, 2002 4:27 pm    Post subject: Reply with quote

Quote:
Any suggestions?

Several:
  • Install gcc-2.9.5 to compile it. I've heard of some Gentooers working out ways to have both compilers available, but I haven't done it myself. See if you can dig anything out elsewhere on the forums on this matter, if that approach appeals to you.
  • Try recompiling the other builds that fwbuilder depends on too: emerge gtkmm libxslt gdk-pixbuf libxml2 libsigc++ gtkmm ucd-snmp libfwbuilder iproute fwbuilder
  • Try emerging an older version of fwbuilder to see if the problem persists.
  • Post a report on bugs.gentoo.org. There aren't any reported problems with fwbuilder at all there.
  • Ask if someone can build it for you as a binary package and send it to you. I want to build fwbuilder also (although I'm not likely to get around to doing it before next Monday). If it works for me I will be happy to send it to you

The warnings under gcc-3.2 are almost certainly down to the fact that the code could be better in terms of standards-compliance. "Deprecated" means "you shouldn't really be doing this because we're trying to phase this approach out", but it's not fatal i.e. it should still compile and run properly. Because the rulesets are generated from XML, I am wondering if maybe something is wrong with your XML related libs (libxml2 et al) ...
Back to top
View user's profile Send private message
KiTaSuMbA
Guru
Guru


Joined: 28 Jun 2002
Posts: 430
Location: Naples Italy

PostPosted: Sat Oct 19, 2002 6:27 pm    Post subject: Reply with quote

Well let's see:
even if I reemerge gcc-2.95 as an "extra" compiler, rebuilding shared libs with it could bring havoc to a bunch of other apps also using them and compiled with gcc3.2. Of course, downgrading perhaps the entire gtk collection of packages back to gcc 2.95 because of a utility is not an option. I'd have to emerge these ebuilds in a separate dir and then trick out the fwbuilder ebuild to use them instead of the system ones. Apart from space requirements (I doubt a gcc-2.95 built gtkmm could be based on gcc3.2 built gtk+, so I'd probably have to emerge on that dir ) - a luxury I don't have at the moment - I really don't know how to actually do this...

I didn't report the bug yet because I wanted to be sure it wasn't me doing something stupid. But now I think I'm going to file it.

When, and if, you get around to it and see that the actual fwb_ipt compiler works I'd be happy to receive this binary "gift" - just PM me and we'll find a way for me to fetch it. Notice: make sure you don't build it with full optimizations for a different cpu than mine (just stick to i686).
Thanks for the help anyway!!!
_________________
Need to flame people LIVE on IRC? Join #gentoo-otw on freenode!
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum