On Sat, Apr 17, 2004 at 10:11:12AM -0500, TJ wrote:
> On Sat, Apr 17, 2004 at 07:44:23AM +0200, Bruno Ducrot wrote:
> > > I ended up going with with debian 32 bit with a 64 bit monolithic
> > > kernel, but now iptables will not work. I'm building a chroot with
> > > iptables in it and will finangle some init script for the firewall. Is
> > > there any way to manipulate a 64 bit netfilter without this chroot being
> > > built?
> > >
> > I don't think it's possible right now.
> > Look at Andi post to lkml:
> > http://marc.theaimsgroup.com/?l=linux-kernel&m=108135503924102&w=2
> > Eventually you should be able to use the ipchains compatibility stuff
> > though if I understand that post correctly.
I had thought that running iptables in a chroot would work for me, but I
cannot seem to get iptables to build in the chroot built with:
cdebootstrap -a amd64 sarge /chroot/sarge-amd64 http://debian-amd64.alioth.debian.org/
Which failed in its own right, i chrooted after it failed and apt-get
installed a few times to fix. Iptables fails in the chrooted envornment
# make NO_SHARED_LIBS=1 KERNEL_DIR=/usr/src/linux-2.6.6-rc1
Making dependencies: please wait...
Something wrong... deleting dependencies.
make: *** [assert.h] Error 1
Has anyone built an iptables version that will work? Would there be a
risk in building iptables on a gentoo machine and pulling the binary over?
It's the same machine I built the kernel on for this debian webserver.
TJ Vanderpoel GCIA,GCIH