[PATCH] Warn people that ipchains and ipfwadm are going away.

Richard B. Johnson root at chaos.analogic.com
Wed Sep 22 16:13:07 CEST 2004


On Wed, 22 Sep 2004, Jesper Juhl wrote:

> On Wed, 22 Sep 2004, Marc Ballarin wrote:
>
> > Date: Wed, 22 Sep 2004 15:37:07 +0200
> > From: Marc Ballarin <Ballarin.Marc at gmx.de>
> > To: Patrick McHardy <kaber at trash.net>
> > Cc: davem at davemloft.net, rusty at rustcorp.com.au, torvalds at osdl.org,
> >     netfilter-devel at lists.netfilter.org, linux-kernel at vger.kernel.org
> > Subject: Re: [PATCH] Warn people that ipchains and ipfwadm are going away.
> >
> > On Wed, 22 Sep 2004 02:16:08 +0200
> > Patrick McHardy <kaber at trash.net> wrote:
> >
> > > Fixed by this patch.
> >
> > Yes, works fine. Does this mean that ipchains was broken for a while, but
> > no one complained?
> >
> > Anyway, here is another trivial patch against -bk7 that adds runtime
> > warnings. IMO most users are going to miss compile time warnings, or
> > won't even compile kernels themselves.
> >
>
> I like having runtime info as well as a compile time warning, but maybe
> the message should mention that iptables is staying and people should
> migrate??
>
> > +	printk(KERN_WARNING
> > +		"Warning: ipchains is obsolete, and will be removed soon!\n");
> > +
>
> Perhaps something like this instead:
>
> "Warning: ipchains is obsolete, and will be removed soon. Please migrate to iptables."
>
>
> --
> Jesper Juhl

FYI. I just migrated to iptables. The code downloaded from the Debian
site did not compile cleanly, but enough worked to make most of the
shared libraries and the iptables executable.

The total time to do everything was slightly under 2 hours.

The errors from the distribution are:


cc -O2 -Wall -Wunused -I/usr/src/linux-2.4.26/include -Iinclude/ -DNETFILTER_VERSION=\"1.2.6a\"  -fPIC -o extensions/libipt_ECN_sh.o -c extensions/libipt_ECN.c
extensions/libipt_ECN.c: In function `parse':
extensions/libipt_ECN.c:51: `IPT_ECN_OP_REMOVE' undeclared (first use in this function)
extensions/libipt_ECN.c:51: (Each undeclared identifier is reported only once
extensions/libipt_ECN.c:51: for each function it appears in.)
extensions/libipt_ECN.c: In function `print':
extensions/libipt_ECN.c:82: `IPT_ECN_OP_REMOVE' undeclared (first use in this function)
extensions/libipt_ECN.c:83: warning: unreachable code at beginning of switch statement
extensions/libipt_ECN.c: In function `save':
extensions/libipt_ECN.c:99: `IPT_ECN_OP_REMOVE' undeclared (first use in this function)
extensions/libipt_ECN.c:100: warning: unreachable code at beginning of switch statement

make: [extensions/libipt_ECN_sh.o] Error 1 (ignored)
ld -shared -o extensions/libipt_ECN.so extensions/libipt_ECN_sh.o
ld: cannot open extensions/libipt_ECN_sh.o: No such file or directory
make: [extensions/libipt_ECN.so] Error 1 (ignored)


ip6tables.o: In function `addr_to_host':
ip6tables.o(.text+0x4d8): undefined reference to `getnameinfo'
ip6tables.o: In function `parse_hostnetworkmask':
ip6tables.o(.text+0x731): undefined reference to `in6addr_any'
ip6tables.o: In function `print_firewall':
ip6tables.o(.text+0x19e7): undefined reference to `in6addr_any'
collect2: ld returned 1 exit status
make: [ip6tables] Error 1 (ignored)


The build command was:

#
#!/bin/sh
#
#make pending-patches KERNEL_DIR=/usr/src/linux-`uname -r`
make -i  KERNEL_DIR=/usr/src/linux-`uname -r`


The pending patches resulted in many rejects but the kernel
was virgin 2.4.26.


Cheers,
Dick Johnson
Penguin : Linux version 2.4.26 on an i686 machine (5570.56 BogoMips).
            Note 96.31% of all statistics are fiction.




More information about the netfilter-devel mailing list