Debian Patches

Status for iptables-netflow/2.6-4+deb12u1

Patch Description Author Forwarded Bugs Origin Last update
1005-Do-not-check-for-dkms-if-called-from-dkms.patch [PATCH] Do not check for dkms if called from dkms
the recursive calls slowed down the configure script significantly		 Andreas Beckmann <anbe@debian.org> no 2024-07-03
1006-Set-KDIR-early-if-called-from-dkms-and-get-version-f.patch [PATCH] Set KDIR early if called from dkms and get version from sources Andreas Beckmann <anbe@debian.org> no 2024-07-03
1009-Unexporting-find_module-has-been-backported-to-Linux.patch [PATCH] Unexporting find_module() has been backported to Linux v5.10.220 Andreas Beckmann <anbe@debian.org> no 2024-07-20
ignore-unknown-configure-options.patch Warn about unknown configure options instead of bailing out Avoids "Invalid option: --build=x86_64-linux-gnu" build error.
.
Additionally make it understand some configure options passed by
debhelper by default, namely --prefix, --libdir and --includedir.		 Axel Beckert <abe@debian.org> no upstream
properly-pass-CPPFLAGS-and-LDFLAGS.patch Properly pass $CPPFLAGS and $LDFLAGS Axel Beckert <abe@debian.org> no
disable-kernel-check.patch Disable kernel check in configure script if no dkms is used This means it's skipped during package build but not during install
time when a build of the kernel module is being triggered via dkms.		 Axel Beckert <abe@debian.org> not-needed
dont-hardcode-current-gcc.patch Don't hardcode default gcc version (i.e. don't override $CC if set) Avoids compilation failures with older kernels which can't be
compiled with the current gcc, e.g. 5.7 needs gcc-9 instead of the
current gcc-10 (where the gcc symlink points to).		 Axel Beckert <abe@debian.org> no
cherry-pick_66e43041_namespace_sk_error_report.patch Namespace sk_error_report sk_error_report is introduced in v5.14-rc1: e3ae2365efc14 ("net: sock:
introduce sk_error_report").
.
Fixes compilation against kernel 5.14.

diff --git a/ipt_NETFLOW.c b/ipt_NETFLOW.c
index c4c049d..136c17c 100644		 ABC <abc@openwall.com> no debian commit 66e4304101010108892376866334ec9317b427d8 2021-07-14
cherry-pick_6a55739a_fix_build_on_v5.15.patch [PATCH] Fix build on v5.15 (ct_event)
CC [M] ipt_NETFLOW.o
ipt_NETFLOW.c: In function ‘netflow_conntrack_event’:
ipt_NETFLOW.c:4622:31: error: ‘struct nf_ct_event_notifier’ has no member named ‘fcn’
4622 | ret = notifier->fcn(events, item);
| ^~
ipt_NETFLOW.c: At top level:
ipt_NETFLOW.c:4687:10: error: ‘struct nf_ct_event_notifier’ has no member named ‘fcn’
4687 | .fcn = netflow_conntrack_event
| ^~~
ipt_NETFLOW.c:4687:16: error: initialization of ‘int (*)(unsigned int, const struct nf_ct_event *)’ from incompatible pointer type ‘int (*)(const unsigned int, struct nf_ct_event *)’ [-Werror=incompatible-pointer-types]
4687 | .fcn = netflow_conntrack_event
| ^~~~~~~~~~~~~~~~~~~~~~~
ipt_NETFLOW.c:4687:16: note: (near initialization for ‘ctnl_notifier.ct_event’)
ipt_NETFLOW.c: In function ‘unset_notifier_cb’:
ipt_NETFLOW.c:5455:25: error: too many arguments to function ‘nf_conntrack_unregister_notifier’
5455 | nf_conntrack_unregister_notifier(NET_ARG &ctnl_notifier);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ./include/net/netfilter/nf_conntrack_core.h:18,
from ipt_NETFLOW.c:68:
./include/net/netfilter/nf_conntrack_ecache.h:88:6: note: declared here
88 | void nf_conntrack_unregister_notifier(struct net *net);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~		 ABC <abc@openwall.com> yes debian upstream 2021-11-25
cherry-pick_0901f028_fix_building_on_old_kernels.patch commit 0901f028617acca350132a65293ab80a480bf233

fix building on old kernels

Link: https://github.com/aabc/ipt-netflow/pull/196

diff --git a/compat.h b/compat.h
index 6be9d6b..847117f 100644		 Vadim Fedorenko <vfedorenko@novek.ru> no 2022-03-28
verbose.patch dump compat_def.h Andreas Beckmann <anbe@debian.org> no

All known versions for source package 'iptables-netflow'

Links