From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Shivani Bhardwaj <shivanib134@gmail.com>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: using connlabel match
Date: Sat, 5 Mar 2016 13:37:20 +0100 [thread overview]
Message-ID: <20160305123720.GA2691@salvia> (raw)
In-Reply-To: <CAKHNQQF6-3OgGbnF5=Wm46-=d0j80ExwiEVV7Rrm6czLT4YHGw@mail.gmail.com>
Hi Shivani,
On Fri, Mar 04, 2016 at 04:05:24AM +0530, Shivani Bhardwaj wrote:
> Hi Pablo,
>
> connlabel match never loads. It shows
> iptables v1.6.0: Couldn't load match `connlabel':No such file or directory
>
> I see this conversation here:
> https://patchwork.ozlabs.org/patch/386215/ and the patch which causes
> this http://git.netfilter.org/iptables/commit/?id=51340f7b6a1103b12d86ef488f7140406d80401e.
> However, Florian sent a patch to deal with this
> http://git.netfilter.org/iptables/commit/?id=825fbda5482a7d5ec5a6619c81fe07ff865c7d6e.
> May be I'm doing it all wrong. I'm not sure how connlabel should be
> used. Could you please clarify?
Please, check that you have libnetfilter_conntrack and by when you
call iptables ./configure it doesn't show that connlabel is enabled.
WARNING: libnetfilter_conntrack not found, connlabel match will not be built
It would be good to fix this in configure.ac in iptables so the
iptables configuration shows that connlabel support is on/off.
Iptables Configuration:
IPv4 support: ${enable_ipv4}
IPv6 support: ${enable_ipv6}
Devel support: ${enable_devel}
IPQ support: ${enable_libipq}
Large file support: ${enable_largefile}
BPF utils support: ${enable_bpfc}
nfsynproxy util support: ${enable_nfsynproxy}
nftables support: ${enable_nftables}
Build parameters:
Put plugins into executable (static): ${enable_static}
Support plugins via dlopen (shared): ${enable_shared}
Installation prefix (--prefix): ${prefix}
Xtables extension directory: ${e_xtlibdir}
Pkg-config directory: ${e_pkgconfigdir}"
Would you mind sending a patch for configure.ac in iptables?
parent reply other threads:[~2016-03-05 12:37 UTC|newest]
Thread overview: expand[flat|nested] mbox.gz Atom feed
[parent not found: <CAKHNQQF6-3OgGbnF5=Wm46-=d0j80ExwiEVV7Rrm6czLT4YHGw@mail.gmail.com>]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160305123720.GA2691@salvia \
--to=pablo@netfilter.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=shivanib134@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.