[Fwd: Re: Shorewall and SPARC]

To: debian-sparc@lists.debian.org
Subject: [Fwd: Re: Shorewall and SPARC]
From: "Eric Nichols" <eric@dirwiz.com>
Date: Sun, 24 Aug 2008 22:15:45 -0400 (EDT)
Message-id: <[🔎] 1130.10.100.2.10.1219630545.squirrel@www.dirwiz.net>

I apologize for the long thread.  This was a discussion I had with the
shorewall maintainer for debian.  Might be a sparc issue?

------------------------------ Original Message ------------------------------
Subject: Re: Shorewall and SPARC
From:    Roberto C. Sánchez <roberto@connexer.com>
Date:    Thu, August 21, 2008 8:05 pm
To:      "Eric Nichols" <eric@dirwiz.com>
------------------------------------------------------------------------------

On Thu, Aug 21, 2008 at 07:25:50PM -0400, Eric Nichols wrote:
> Roberto C. Sánchez wrote:
> >On Thu, Aug 21, 2008 at 12:34:57PM -0400, Eric Nichols wrote:
> >>Hello,
> >>I've been using shorewall in Etch for quite a while and I absolutely
> >>love it.  I am currently running this on a Sun Ultra 2 (SPARC processor)
> >>and get the following messages below.  Should I be concerned about them?
> >> I can't find anything that references these items.
> >>
> >>ip_tables: conntrack match: invalid size 80 != 72
> >>ip_tables: connmark match: invalid size 24 != 16
> >>ip_tables: MARK target: invalid size 16 != 8
> >>ip_tables: CONNMARK target: invalid size 24 != 16
> >>
> >OK.  I should have been able to diagnose this right away, but it escaped
> >me.  After consultation with the author of Shorewall, I can point you at
> >this: http://www.shorewall.net/3.0/FAQ.htm#faq61
> >
> >Basically, I think that this can be caused by a partially upgraded
> >system.  Did you happen to upgrade iptables but not the kernel?
> >
> >Regards,
> >
> >-Roberto
> >
> I've seen this on just about every sparc install I've done.  I'm running
> stock etch with everything current.  I'm leaning more towards an issue
> in the sparc build itself.  It's not the most widely maintained
> architecture.  Thanks for the followup.
>
I've never used Debian on Sparc hardware, so I don't know.  However,
according to Tom (the author of Shorewall), this is a common occurrence
on Debian and it has to do with iptables being built against an
incompatible set of kernel headers (as compared to the kernel against
which it is running).

If you try asking your question on the mailing list (and at least
mention that you have already been give an answer, but that you are
looking for more info), you might find a Debian+Sparc user who can help.
You might also try the netfilter mailing list, as this is not
Shorewall-specific.

Regards,

-Roberto

-- 
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com

Reply to:

Follow-Ups:
- Re: [Fwd: Re: Shorewall and SPARC]
  - From: Mark Morgan Lloyd <markMLl.debian-sparc@telemetry.co.uk>

Prev by Date: [Solved] Re: PCI cards on Ultra5
Next by Date: Vacancy available
Previous by thread: Re: PCI cards on Ultra5
Next by thread: Re: [Fwd: Re: Shorewall and SPARC]
Index(es):
- Date
- Thread