Baruch Siach <baruch@xxxxxxxxxx> wrote: > Pablo Neira Ayuso writes: > >> > This is updating a cached copy of the kernel headers, we basically > >> > copy kernel headers and place in the userspace tree to make sure that > >> > iptables compiles standalone, without the need for kernel-headers to > >> > be installed in the system in order to simplify building process. > >> > > >> > I would like we don't have to modify this cached copy, so if you can > >> > find a way to update the userspace C files without touching the cached > >> > copy of the kernel header, that would be great. My concern is that > >> > this little tweak will go away once we update the cached copy anytime > >> > soon in the future. > >> > > >> > Thanks. > >> > >> I can't think of any better solution. > >> > >> A possible alternative would be to add '#define _LINUX_IN_H' in every > >> file that include netinet/in.h to suppress the kernel headern. This is a > >> bigger change, although is doesn't touch any cached kernel header as far > >> as I can see. > >> > >> Do you like this solution better? > > > > Probably we can consolidate this in one single spot, eg. > > iptables/nft.h ? So we only have to add this once. > > I don't understand your suggestion. Both netfilter.h and netinet/in.h > are included in many places: Note that I missed Pablos comment and did apply your patch. I think its not worth it to spend more time on this. If we lose the patch in some future update and someone spots this bug again we just have to ressurect it.
