Notes on part 3
Part 3 chronicles my second attempt to build iplist on the Debian NSLU2. It continued from where part 2 left off.
In this second attempt, I was still using the official packages from the main repository. However, I applied the suggested patch mentioned in Debian Bug report logs – #466645. That meant rebuilding libnfnetlink from source code.
Update/note:
The developer of iplist has kindly commented in my previous post (Chronicles of iplist in Debian NSLU2 part 2). He has posted a modified source code and a deb binary for the ARM platform. If you are only interested in getting iplist to work for your Debian NSLU2, you are recommended to try these directly (I am also in the process of trying the new build).
References
I found the instructions on how to rebuild Debian packages from:
How to: Recompiling / Rebuild Debian / Ubuntu Linux Binary Source File Packages.
Install required tools
You would need:
- build-essential
- fakeroot
- dpkg-dev
sudo apt-get install build-essential fakeroot dpkg-dev
Getting the source code
First, I recommend to work in a temporary subdirectory.
mkdir ~/temp cd ~/temp
To download the source code from the main repository, you would need to edit the file “/etc/apt/sources.list”:
sudo nano /etc/apt/sources.list
In my slug, this file contained one line only:
deb http://ftp.us.debian.org/debian/ etch main
Copy that line, then change the first word of the copied line from “deb” to “deb-src”. The final “/etc/apt/sources.list” should be thus:
deb http://ftp.us.debian.org/debian/ etch main deb-src http://ftp.us.debian.org/debian/ etch main
Update list of packages:
sudo apt-get update
And download the source code to the current “temp” directory:
sudo apt-get source libnetnfnetlink1
Download build dependencies
This would download the build dependencies (if any):
sudo apt-get build-dep libnetnfnetlink1
Unpacking the source code
This would do a “Debian unpack” of the source code:
dpkg-source -x libnetnfnetlink1_0.0.16-1.dsc
Applying the patch
According to Debian Bug report logs – #466645, the patch involved replacing line:
struct nfgenmsg *nfg = (struct nfgenmsg *) ((void *)nlh + sizeof(*nlh));
with this line:
struct nfgenmsg *nfg = NLMSG_DATA(nlh);
Since it’s a simple one line change, I edited the file directly. Therefore:
cd libnfnetlink-0.0.16/ nano src/libnfnetlink.c
Building the package
Build the patched package:
dpkg-buildpackage -rfakeroot -b
It would take a few minutes to build, then you should get the “deb” files on directory up.
cd ..
Installing the package
Finally, install the package:
sudo dpkg -i libnfnetlink_0.0.16-1-arm.deb
Did it work?
Unfortunately, it didn’t. The patch did not solve the problem, and I was still seeing the same symptom (all connections blocked) and error message as before.
To recap, this command:
sudo cat /usr/var/log/syslog | grep iplist
Again, revealed this error message:
error: can't set packet_copy mode
Conclusion
In closing, this second attempt still failed in getting iplist to work in the Debian NSLU2.
After some investigations, I found there were newer versions of libnfnetlink and libnetfilter_queue in netfilter.org. Thus, the next attempt would be to rebuild the libraries from these latest source code.
Related posts
Submit to:
Post a Comment