| View previous topic :: View next topic |
| Author |
Message |
tnt
Veteran
Joined: 27 Feb 2004
Posts: 1227
|
 Posted: Sun Apr 03, 2005 5:04 pm Post subject: [SOLVED] l7-filter on amd64 ??? |
 |
|
Have anyone tried or successfully used l7-filter on amd64?
| Code: | * net-misc/l7-filter [ Masked ]
Latest version available: 1.1
Latest version installed: [ Not Installed ]
Size of downloaded files: 69 kB
Homepage: http://l7-filter.sourceforge.net
Description: Kernel modules for layer 7 iptables filtering
License: GPL-2
* net-misc/l7-protocols [ Masked ]
Latest version available: 2005.03.14
Latest version installed: [ Not Installed ]
Size of downloaded files: 53 kB
Homepage: http://l7-filter.sourceforge.net/protocols
Description: Protocol definitions of l7-filter kernel modules
License: GPL-2 |
It seems that these packages are marked by "missing keyword":
http://packages.gentoo.org/search/?sstring=l7
And I need that filter very much for my 64-bit server... 
_________________
gentoo user
Last edited by tnt on Mon Jul 11, 2005 3:47 pm; edited 1 time in total |
|
| Back to top |
|
 |
tnt
Veteran
Joined: 27 Feb 2004
Posts: 1227
|
|
| Back to top |
|
|
Maedhros
Bodhisattva
Joined: 14 Apr 2004
Posts: 5511
Location: Durham, UK
|
| Posted: Mon Apr 18, 2005 5:07 pm Post subject: |
|
|
Have you tested it to see if it works? The reason it doesn't have a keyword at the moment is probably that no-one responsible for that package can test it on amd64, so it would probably help a lot if you could test it and report whether it works or not.
_________________
No-one's more important than the earthworm. |
|
| Back to top |
|
|
tnt
Veteran
Joined: 27 Feb 2004
Posts: 1227
|
| Posted: Mon Apr 18, 2005 5:25 pm Post subject: |
|
|
OK, I'll test it... I hope I remember how to hack those /etc/portage/* files to be able to emerge it... 
_________________
gentoo user |
|
| Back to top |
|
|
tnt
Veteran
Joined: 27 Feb 2004
Posts: 1227
|
| Posted: Fri Apr 22, 2005 4:25 pm Post subject: |
|
|
I've emerged l7-fitler and l7-protocols packages. They partialy work.
I can use them on almost every protocol - only http and fasttrack doesn't work.
Problem is something like this:
| Code: | titan saomege # iptables -t mangle -A POSTROUTING -o eth2 -m layer7 --l7proto fasttrack -j MARK --set-mark 0x5
Segmentation fault
titan saomege # iptables -t mangle -A POSTROUTING -o eth2 -m layer7 --l7proto http -j MARK --set-mark 0x5
*** glibc detected *** double free or corruption (!prev): 0x000000000050feb0 ***
Aborted
titan saomege # |
and solution for that should be this (from l7-filter-developers mailing list):
| Code: | Ok, try replacing "int" with "size_t" at line 62:
-- extensions/libipt_layer7.c.orig 2005-03-06 22:20:28.043163816 -0600
+++ extensions/libipt_layer7.c 2005-03-06 22:14:13.616085384 -0600
@@ -59,7 +59,7 @@ int parse_protocol_file(char * filename,
{
FILE * f;
char * line = NULL;
- int len = 0;
+ size_t len = 0;
enum { protocol, pattern, done } datatype = protocol; |
But... I don't know how to patch iptables source during an emerge - it always gets overwritten by original one.
Any links to gentoo-manual-package-compilation guide?
_________________
gentoo user |
|
| Back to top |
|
|
tnt
Veteran
Joined: 27 Feb 2004
Posts: 1227
|
|
| Back to top |
|
|
tnt
Veteran
Joined: 27 Feb 2004
Posts: 1227
|
|
| Back to top |
|
|
tnt
Veteran
Joined: 27 Feb 2004
Posts: 1227
|
|
| Back to top |
|
|
tnt
Veteran
Joined: 27 Feb 2004
Posts: 1227
|
| Posted: Mon Jul 11, 2005 3:46 pm Post subject: |
|
|
Great news: finaly in the portage tree !!!
_________________
gentoo user |
|
| Back to top |
|
|
|
Gentoo on AMD64
