On Tue, 9 Aug 2005, Goswin von Brederlow wrote:
Matthias Wenthe <wenthe@ims.de> writes:On Mon, 8 Aug 2005, Lennart Sorensen wrote:Are you running an amd64 kernel with a 32bit i386 sarge install? If so that is your problem. iptables has to be 64bit to talk to a 64bit kernel due to an alignment issue in the kernel structures for iptables or something like that. So you do need at least the 64bit iptables binary and associated libs. a 64bit chroot is one option for install it easily, after which you can call it from 32bit install just fine. A pure 64bit install would of course just work. Len SorensenThank you for clearing up what I suspected. In the chroot 64 bit installation an ldd /sbin/iptables shows libdl.so.2 => /lib/libdl.so.2 (0x0000002a9566c000) libnsl.so.1 => /lib/libnsl.so.1 (0x0000002a95770000) libc.so.6 => /lib/libc.so.6 (0x0000002a95886000) /lib64/ld-linux-x86-64.so.2 => /lib64/ld-linux-x86-64.so.2 (0x0000002a95 The last library is easy to integrate into the 32 bit i386 sarge. But what about the first three ones. How can I make the 64 bit iptables binary which I put to /usr/local/sbin in 32 bit sarge look for the libs in another place but /lib where the 32 bit libs with the same name are placed ? Regards Matthias Wentheapt-get install amd64-libs That should have all required libs already.
I did as recommended and copied the iptables and ip binaries from the chroot 64 bit installation to /usr/local/sbin in 32 bit sarge installation. I also installed the amd64-libs and yes I was able to execute /usr/local/sbin/iptables and get the syntax help. Encouraged by that I changed the path in the fwbuilder fw script (/usr/local/sbin before /usr/sbin) and changed the variables for the binaries iptables and ip so that they pointed to the 64 bit versions. Unfortunately I forgot to remove the symlink /etc/rcS.d/S42{myfwscript} to the fw script and so I was hopelessly locked out at first try (stupid me). The error I got was:
iptables v1.2.11: Couldn't load target `standard':/lib/iptables/libipt_standard.so: cannot open shared object file: No such file or directory
Try `iptables -h' or 'iptables --help' for more information. iptables: Can't delete chain with references left So I had to call the guys from the data processing center and asked for help at the console and subsequent reboot service.Since I have no testing system at hand I must admit that I for now am cured of further experiments of that kind.
But thanks anyway for your help Matthias Wenthe