I have kernel 2.6.21, iptables 1.3.7, and pom-ng 20070527. I run ./runme --download --batch condition and the patch applies successfully. But when I build iptables, the condition extension isn't included. This is because iptables-1.3.7/extensions/.condition-test tests for the existence of $KERNEL_DIR/include/linux/netfilter_ipv4/ipt_condition.h But the condition patch doesn't create that file any more; it now creates $KERNEL_DIR/include/linux/netfilter/xt_condition.h I guess that .condition-test needs to check for the kernel version that it's being built against before deciding which header file it wants to look for. Thanks, Andrew.
