Re: [PATCH] [iptables] extensions: libxt_LOG.c: fix linux/netfilter/xt_LOG.h include on Linux < 3.4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, Feb 22, 2023 at 02:30:51PM +0100, Pablo Neira Ayuso wrote:
> On Wed, Feb 22, 2023 at 01:07:15PM +0100, Phil Sutter wrote:
> > On Wed, Feb 22, 2023 at 11:04:41AM +0100, Pablo Neira Ayuso wrote:
> > > On Wed, Feb 22, 2023 at 08:23:49AM +0100, Thomas Devoogdt wrote:
> > > > libxt_LOG.c:6:10: fatal error: linux/netfilter/xt_LOG.h: No such file or directory
> > > > . #include <linux/netfilter/xt_LOG.h>
> > > >           ^~~~~~~~~~~~~~~~~~~~~~~~~~
> > > > 
> > > > Linux < 3.4 defines are in include/linux/netfilter_ipv{4,6}/ipt_LOG.h,
> > > > but the naming is slightly different, so just define it here as the values are the same.
> > > > 
> > > > https://github.com/torvalds/linux/commit/6939c33a757bd006c5e0b8b5fd429fc587a4d0f4
> > > 
> > > Probably you could add xt_LOG.h to iptables/include/linux/netfilter/ ?
> > > 
> > > There are plenty of headers that are cached there to make sure
> > > userspace compile with minimal external dependencies.
> > > 
> > > xt_LOG.h is missing for some reason in that folder, but there are many
> > > of xt_*.h files there.
> > 
> > While being at it, how about caching all netfilter kernel headers we
> > include? The only downside I see is that we may have to update them from
> > time to time (in case new symbols land) but that's rare and the
> > alternative is accidental breakages like above.
> 
> Caching _all_ dependencies is going to be hard, because it might pull
> in lots of header files. The idea so far has been to find a reasonable
> tradeoff, ensuring that iptables compilation is self-contained in a
> best effort approach.

OK, for fun I tried compiling with linux headers from 2.6.39 and 3.0.101
in /usr/include/linux. The only missing files apart from the above were
linux/bpf{,_common}.h. So I guess if we add those as well, we're good
for a while. :)

> > WDYT? I'd volunteer to do it. :)
> 
> iptables already caches a lot of header files, as I said I don't
> remember why this one has never been cached before.

Git says, it's my fault. :(
When merging libipt and libip6t LOG.c files, I introduced the include
but missed to copy the header as well.

I'll apply Thomas' patch adding a reference to my commit and follow up
with bpf header copy (unless someone objects).

Thanks, Phil
[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux