Good day, I am trying to make my iptables work with '-m random', which is a topic discussed many times by many people, as you know.
From already existing information on the network, everyone said the
'official' way is to using the 'patch-o-matic' to patch iptables and the kernel. So I downloaded these things: kernel version: 2.6.16.21 iptables version: 1.3.8-6904 (svn checkout) patch-o-matic-ng version: 20070711 (snapshot) but after going through the '#./runme extra' script within patch-o-matic, I found no patch is related to the '-m random' thing. So my question is: does patch-o-matic-ng include a patch for '-m random'? If not, is there some place I can get that patch? PS: I've also found a discussion on lists.netfilter.org, in which a manual method is suggested: http://lists.netfilter.org/pipermail/netfilter/2006-July/066313.html However, it seems that the suggestion is for older kernels because kernel implementation in those places have changed somehow: 1. Although I can find the 'match()' and 'checkentry()' methods in 'include/linux/netfilter/x _tables.h', they take another form now, 2. and more importantly, the whole kernel sources don't contain a 'ipt_rand_info' structure (and I am a little confusing about where to put '.matchsize = sizeof(ipt_rand_info)') Any idea? Thank you! :) Regards, - Feng
