l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
September 2: Social gathering
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2005 Apr 30 05:46

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
[vox-tech] HOWTO: use iptables on Debian/sarge when running a64-bit amd kernel
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[vox-tech] HOWTO: use iptables on Debian/sarge when running a64-bit amd kernel



I figure documenting these steps here may save some else a little time
when they do a google search... since this issue may be around for a while.

I did these steps once and the result works for me... haven't checked
for typos in the steps below, so be cautious.

This might not be the "best" way to do this, I didn't see anything on
google when I looked.


The Issue ...

32-bit iptables doesn't work on a machine running amd64 kernel, when run
it reports:
===
# iptables -L
iptables v1.2.11: can't initialize iptables table `filter': Module is 
wrong version Perhaps iptables or your kernel needs to be upgraded.
===

Debian sarge only supplies iptables as a 32-bit package, see bug:
  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=293938


So you can run a 32-bit kernel or...

two work arounds:
  - Compile iptables as 64 bit yourself
  - Use my package for sarge


Use my package for sarge:
========================

Understand that when you do the install step below, you'll be running
lots of files from my machine as root without having looked at them first.
If you do this, you must trust me and believe that no one has broken
into my machine (and replaced the files with something bad).

in /etc/apt/sources.list add the following lines:
===
# Mike's iptables packages for amd-64
deb http://simons-clan.com/~msimons/amd64/ sarge main
===

in /etc/apt/preferences add the following lines:
===
Package: *
# Pin: release o=msimons@simons-clan.com
Pin: origin simons-clan.com
Pin-Priority: 901

===

then run:
===
apt-get update
apt-get install iptables
===



Compile iptables as 64-bit yourself:
===================================

This general approach should work for anyone wanting 64bit package in
debian.

Once you have a local apt source setup, you can do all kinds of things
like recompile modern "unstable" versions of packages against a future
stable/sarge ... so you can have the latest without pulling in hundreds
of other unstable packages.

Please let me know if there are any errors in the following steps.

as root... in a bash shell, run the following 
  (step by step, watching for error message is a good idea).
===
# step system to compile
apt-get build-deps iptables
apt-get install gcc-3.4 amd64-libs-dev amd64-libs lib64gcc1
apt-get source iptables


# prep, fixup, and compile package
cd /usr/src/iptables-*[0-9]
./debian/rules prep
CC="gcc-3.4 -m64" ./debian/rules build


# setup a local apt source, to hold the package
cd /usr/src
mkdir -p /usr/local/apt/sarge
cp *deb /usr/local/apt/sarge

cat > /usr/local/apt/sarge/Release <<EOF
Archive: sarge
Component: main
Version: 3.0
Origin: you@your-place.com
Label: special-sarge
Architecture: i386
EOF

cd /usr/local/apt/sarge
dpkg-scanpackages . /dev/null > Packages

cd /etc/apt
cp preferences preferences.old
cat preferences.old - > preferences <<EOF
Package: *
Pin: release o=you@your-place.com
Pin-Priority: 901

EOF

cp sources.list sources.list.old
cat sources.list.old - > sources.list <<EOF
# local compiled packages
deb file:///usr/local/apt/sarge/ ./

EOF


# install the package
apt-get update
apt-get install
_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!