Re: Iptables 64 Bits

["jamie@jamiebecker.com" <jamie@jamiebecker.com>]

I think Marcio is saying that he found this package in some random 
location on the net. Even so, Goswin is completely correct: the site 
simons-clan.com is passing about unaudited code without source in 
violation of the GPL.

Marcio, you probably should not use that code since it has no sources 
and you have no way of knowing if you have been rootkitted -- or worse. 
(WORSE!? ;-)) You definitely should run chkrootkit or some rootkit 
checkers on your system and treat it as suspect until you have some idea 
what's in that iptables package.

While any package has the capacity to be evil, iptables is a particular 
sensitive part of the system that can easily compromise your entire box, 
whether intentional or not.

(... all of which simply underscores the importance of Goswin's point.)



Goswin von Brederlow wrote:

> "Marcio Jacson dos Santos" <marcio@informatech.com.br> writes:
>
>  
>
> > Hi,
> >
> >
> >
> > I had problem with iptables for processor 64bits, because
> > the version avaliable is gcc -m32, then I found the package
> > with gcc -m64 and works with my emt64 and amd64
> >    
>
> That is a known issue caused by differences in alignment of C
> structures in 32bit and 64bit code. The fix is to just install the
> amd64 package manualy.
>
>  
>
> > then my minimal contribuiton with the project is send the link
> >
> > problem:
> >
> > Debian sarge only supplies iptables as a 32-bit package, see bug:
> >  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=293938
> >
> > package ok:
> >
> > http://simons-clan.com/~msimons/amd64/
> >    
>
> That is neigther legal nor usefull. You are violating the GPL by
> providing a binary without source and that binary could contain
> anything, from "rm -rf /" to a rootkit. You must always provide
> source, for legal and auditing reasons.
>
> MfG
>        Goswin
>
>
>