Jan Engelhardt wrote:
You can change the XT_ALIGN macro in the kernel/include/linux/netfilter/x_tables.h and iptables/include/linux/netfilter/x_tables.h to read #ifndef roundup #define roundup(x, y) ((((x) + ((y) - 1)) / (y)) * (y)) #endif #define XT_ALIGN(s) roundup(s, sizeof(uint64_t)) and try again. There might be more alignment issues hiding, so don't expect it to fix it all in a magic whizz.
An idea to avoid these problems in the future would be to change the kernel so it accepts stricter alignment than what we currently use and after a grace period (maybe 1-2 years) change XT_ALIGN in userspace so it starts using u64 or simply 8 byte alignment everywhere. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
