[vox-tech] HOWTO: use iptables on Debian/sarge when running a
64-bit amd kernel
Mike Simons
msimons at simons-clan.com
Sat Apr 30 05:52:34 PDT 2005
I figure documenting these steps here may save some else a little time
when they do a google search... since this issue may be around for a while.
I did these steps once and the result works for me... haven't checked
for typos in the steps below, so be cautious.
This might not be the "best" way to do this, I didn't see anything on
google when I looked.
The Issue ...
32-bit iptables doesn't work on a machine running amd64 kernel, when run
it reports:
===
# iptables -L
iptables v1.2.11: can't initialize iptables table `filter': Module is
wrong version Perhaps iptables or your kernel needs to be upgraded.
===
Debian sarge only supplies iptables as a 32-bit package, see bug:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=293938
So you can run a 32-bit kernel or...
two work arounds:
- Compile iptables as 64 bit yourself
- Use my package for sarge
Use my package for sarge:
========================
Understand that when you do the install step below, you'll be running
lots of files from my machine as root without having looked at them first.
If you do this, you must trust me and believe that no one has broken
into my machine (and replaced the files with something bad).
in /etc/apt/sources.list add the following lines:
===
# Mike's iptables packages for amd-64
deb http://simons-clan.com/~msimons/amd64/ sarge main
===
in /etc/apt/preferences add the following lines:
===
Package: *
# Pin: release o=msimons at simons-clan.com
Pin: origin simons-clan.com
Pin-Priority: 901
===
then run:
===
apt-get update
apt-get install iptables
===
Compile iptables as 64-bit yourself:
===================================
This general approach should work for anyone wanting 64bit package in
debian.
Once you have a local apt source setup, you can do all kinds of things
like recompile modern "unstable" versions of packages against a future
stable/sarge ... so you can have the latest without pulling in hundreds
of other unstable packages.
Please let me know if there are any errors in the following steps.
as root... in a bash shell, run the following
(step by step, watching for error message is a good idea).
===
# step system to compile
apt-get build-deps iptables
apt-get install gcc-3.4 amd64-libs-dev amd64-libs lib64gcc1
apt-get source iptables
# prep, fixup, and compile package
cd /usr/src/iptables-*[0-9]
./debian/rules prep
CC="gcc-3.4 -m64" ./debian/rules build
# setup a local apt source, to hold the package
cd /usr/src
mkdir -p /usr/local/apt/sarge
cp *deb /usr/local/apt/sarge
cat > /usr/local/apt/sarge/Release <<EOF
Archive: sarge
Component: main
Version: 3.0
Origin: you at your-place.com
Label: special-sarge
Architecture: i386
EOF
cd /usr/local/apt/sarge
dpkg-scanpackages . /dev/null > Packages
cd /etc/apt
cp preferences preferences.old
cat preferences.old - > preferences <<EOF
Package: *
Pin: release o=you at your-place.com
Pin-Priority: 901
EOF
cp sources.list sources.list.old
cat sources.list.old - > sources.list <<EOF
# local compiled packages
deb file:///usr/local/apt/sarge/ ./
EOF
# install the package
apt-get update
apt-get install
More information about the vox-tech
mailing list