From mboxrd@z Thu Jan 1 00:00:00 1970 From: Matthias Fischer To: development@lists.ipfire.org Subject: Re: Duplicate files created by 'iptables 1.6.0' and 'ebtables 2.0.10-4' Date: Fri, 01 Apr 2016 08:21:42 +0200 Message-ID: <56FE1376.9000804@ipfire.org> In-Reply-To: <1459464825.30749.255.camel@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============0918345809662358709==" List-Id: --===============0918345809662358709== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi, On 01.04.2016 00:53, Michael Tremer wrote: > Hi, >=20 > On Wed, 2016-03-30 at 00:06 +0200, Matthias Fischer wrote: >> Hi, >>=20 >> On 29.03.2016 23:00, Michael Tremer wrote: >> >=20 >> > Hi, >> >=20 >> > this actually should not happen. >> Ok, then being suspicious was perhaps right. >=20 > Yes. Ok. Good. >> >=20 >> > Why is iptables building ebtables stuff? >> I think because its a new version. I wrote about this yesterday in "Some >> delicate updates...", after I started preparing some updates, based on >> 'next'. One of these is 'iptables 1.6.0'. While preparing a backup to >> test these updates on my production machine, I noticed that some files >> existed twice, in different directories, belonging to 'iptables' and >> 'ebtables'. By now, I didn't go any further. >>=20 >> >=20 >> > Have these two been merged? >> Only one - 'ebtables': >> 'add ebtables & arptables for configuring the filter of a >> ethernet-bridge' was added 2008-03-25 by arne_f, 'ebtables: Update to >> 2.0.10-4' was added 2012-11-11 by Michael Tremer, ;-) >>=20 >> 'iptables 1.6.0' isn't even pushed or uploaded or anything else yet. I'm >> just testing. >=20 > I was actually asking if ebtables is merged into the iptables package. Ups. Sorry, "academical misunderstood"... > Maybe we should stay on the last release?! For now, I'd say 'Yes'! I'll take a closer look at it! >> > Can you disable it? >> Thats why I'm asking here. I found no option yet to disable building the >> 'libebt*-files in 'iptables 1.6.0'. For now I just commented the >> duplicate files in the new 'iptables'-rootfile. If thats all I have to >> do, then everything is fine. If not, we'll have to look for another >> solution. I don't know - and can't judge yet - if commenting these files >> could have any unwanted effects to any 'iptables'-functions. As long as >> we stick to the '1.4.21'-version, nothing will happen. >=20 > I think if you try to load the wrong files that should certainly break thin= gs as > there will be an ABI mismatch. >=20 >>=20 >> By the way: at this moment, an additional test build, containing the >> five updates from my previous post, was finished. Without any errors, >> but again with the duplicates from 'iptables 1.6.0' and from 'ebtables'. >> Do you want me to send the diffs? I could push them to GIT so you could >> take a look. >=20 > No need for me. >=20 >>=20 >> Best, Matthias >>=20 >> >=20 >> >=20 >> > -Michael >>=20 >> >=20 >> > On Tue, 2016-03-29 at 20:37 +0200, Matthias Fischer wrote: >> > >=20 >> > > Hi, >> > >=20 >> > > As I wrote before I'm testing with 'iptables 1.6.0'. >> > >=20 >> > > While looking which files I would need to backup so I could run some >> > > tests on my production machine I found that 'iptables 1.6.0' and curre= nt >> > > 'ebtables 2.0.10-4' are building duplicate files. >> > >=20 >> > > 'ebtables' puts them in '/usr/lib', 'iptables 1.6.0' in '/lib/xtables': >> > >=20 >> > > libebt_802_3.so >> > > libebt_ip.so >> > > libebt_log.so >> > > libebt_mark_m.so >> > >=20 >> > > What would be the best way to handle this? Comment in (which?) rootfil= e? >> > >=20 >> > > As an info: >> > > 'iptables 1.6.0' was build with the new option '--disable-nftables', >> > > otherwise build failed: "fatal error: libnftnl/rule.h: No such file or >> > > directory". >> > >=20 >> > > Best, >> > > Matthias >> > >=20 >> > >=20 >=20 --===============0918345809662358709==--