On Monday 2009-03-16 14:39, Patrick McHardy wrote: > Jan Engelhardt wrote: >> On Monday 2009-03-16 09:38, Pablo Neira Ayuso wrote: >>> Jan Engelhardt wrote: >>>> diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c >>>> index f0a2369..b5f8028 100644 >>>> --- a/extensions/libipt_DNAT.c >>>> +++ b/extensions/libipt_DNAT.c >>>> @@ -6,8 +6,9 @@ >>>> #include <getopt.h> >>>> #include <xtables.h> >>>> #include <iptables.h> /* get_kernel_version */ >>>> +#include <limits.h> /* INT_MAX in ip_tables.h */ >>>> #include <linux/netfilter_ipv4/ip_tables.h> >>>> -#include <linux/netfilter/nf_nat.h> >>>> +#include <net/netfilter/nf_nat.h> >>> I thought that kernel headers under net/ are not ever exported to >>> userspace ? >> >> You are correct, of course. But ipt_SAME.h (which is exported) wants >> struct nf_nat_range, and this is defined in nf_nat.h. > > We used to have ip_nat_range(_compat) for compatibility for that reason > IIRC. The kernel doesn't need anymore, so I think userspace should carry > a copy as long as ipt_SAME is still supported. > But that only makes it harder to keep files in sync :-/ -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
