uhm ... I was fighting with the same problem some weeks ago. My solution was a vanilla kernel and use gcc 3.3 with iptables 1.3.5. This for fc4. Hope this help. Jorge. El mar, 14-03-2006 a las 10:56 +0100, thierry itty escribió: > Hello > I've an "out-of-the-box" fedora core 4 (standard i686 on either amd or > pentium) > I want to apply gre and pptp patches to netfilter > > I install the kernel sources and rebuild the binaries : > > rpm -Uvh kernel-2.6.11-1.1369_FC4.src.rpm > rpmbuild -bp --target=i686 /usr/src/redhat/SPECS/kernel-2.6.spec > cd /usr/src/redhat/BUILD/kernel-2.6.11-1/linux-2.6.11-1 > cp configs/kernel-2.6.11-1.i686.config ./.config > make menuconfig (just to check) > make > > the kernel build ok (with some warnings here and there but nothing > unusual...) > I make it visible : > ln -s /usr/src/redhat/BUILD/kernel-2.6.11-1/linux-2.6.11-1 /usr/src/linux > > I install the iptables sources > rpm -Uvh iptables-1.3.0-2.src.rpm > rpmbuild -bp --target=i686 /usr/src/redhat/SPECS/iptables.spec > > when i compile > cd /usr/src/redhat/BUILD/iptables-1.3.0 > make > > I get the following error several times > /usr/src/linuc/include/linux/config.h:6:2 error : #error including > kernel header in userspace; use the glibc headers instead! > > After googling a while, I see that some people have solved this by just > removing the test that triggers the error in > /usr/src/linux/include/linx/config.h (file which is brought by the > kernel source package installation + prep by the symlink made just > before, which should thus be "the right one"), this test reads > #if !defined (__KERNEL__) && !defined(__KERNGLUE__) > #error including kernel header in userspace; use the glibc headers instead! > #endif > > I really don't see where's my error, and I wonder wether this is the > right way for recompiling FC4 packages... > > Actually, I do need to do this because we have to handle several pptp > vpns going throught this machine, and i have to apply pptp and h323 > helpers patches from patch-o-matic > > If I do as I saw (modify the config.h source to remove the test), > iptables compiles but we are unable to handle pptp vpns (we were used to > do that with 2.4 kernels and it works fine), modprobe and rmmod go in > endless loops, and so on... > > With a little more googling, I saw that userspace applications (iptables > in this case) should not use kernel headers, but glibc ones instead, > hence the error, and since the 2.6 kernel releases, this looks more like > a mus than a should. So, another solution I found was to remove the > "-I$(KERNEL_DIR)/include" from iptables' Makefile... > > Doing so, iptables begins to compile, but stops quickly after a > "linux/netfilter_ipv4/ipt_CLUSTERIP.h" missing file error > I see that the include files iptables uses this way are provided by > glibc-kernheaders-2.4.-9.1.94, standard version for FC4, but those files > look three years old and obviously recent netfilter stuff isn't present > within (to say nothing about the remainder), and making compile to abort > > Some more googling, until I find a post which says that to compile > iptables without using the kernel headers I have to install > "linux-libc-headers" that are a brand of userspace kernel headers. Ok, > let's give it a try : I restore iptables' original makefile (with > -I$(KERNEL_DIR)/include) and export a KERNEL_DIR environment variable > set to the directory where I untared linux-libc-headers, and I (after a > make clean) I start a new make. > Fine, iptables compiles successfully > > But now comes the big question : when I'll apply pptp and h323 patches > from p-o-m, I can direct KERNEL_DIR to either the true kernel source > directory or to this new "headers only" directory, but obviously not > both. So I'll get either the kernel sources patched, which is necessary > to build a patched kernel, or I'll get the headers patched, which is > necessary to build iptables, but how will I be able to build both ??? > > So to conclude and make it short, is there anybody out there who has > successfully applied pptp and h323 patches on an out-of-the-box fedora > core 4, and how did he do that ? > Should I upgrade to a 2.6.15 kernel ? vanilla or fc4 flavour ? > > many thanks in advance > > -- Jorge Isaac Davila Lopez Nicaragua Open Source +505 808 2478 davila@xxxxxxxxxxxxxxxxxxxxxxx
