• Willkommen im Linux Club - dem deutschsprachigen Supportforum für GNU/Linux. Registriere dich kostenlos, um alle Inhalte zu sehen und Fragen zu stellen.

iptables auf Version 1.3.5 updaten: brauche Hilfe

Kayne

Newbie
Hallo,

ich habe ein SuSE Linux 9.3 64 Bit System. Die vorhandene iptables-Version auf dem System ist 1.3.1: die ist leider zu alt. Nun möchte ich iptables auf Version 1.3.5 updaten, habe jedoch erhebliche Probleme.

RPM's mit iptables 1.3.5 für SuSE 9.3 64 Bit habe ich leider nicht finden können, also wollte ich es manuell machen. Das Problem:
die Angabe von "KERNEL_DIR". Wie lautet die korrekte Pfadangabe zur Kerneldir in SuSE 9.3 64 Bit?

Ich hoffe ihr könnt mir da helfen.
Vielen Dank.
 
OP
K

Kayne

Newbie
Hi Freecoffee,

danke für deine Hilfe. Die Version 1.3.1 ist in soweit zu alt, dass sie nicht kompatibel zu Plesk ist. Plesk setzt 1.3.5 vorraus, und das versuche ich nun einzurichten, leider erfolglos.

Die Kernelsourcen habe ich nun installiert und versucht iptables zu installieren; jedoch erhalte ich einen Haufen Fehlermeldungen:

from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/linux/if.h:36:1: warning: "IFF_RUNNING" redefined
In file included from include/libiptc/ipt_kernel_headers.h:14,
from include/libiptc/libiptc.h:5,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/include/net/if.h:58:1: warning: this is the location of the previous definition
In file included from /usr/src/linux/include/linux/netdevice.h:28,
from /usr/src/linux/include/linux/netfilter_ipv4.h:10,
from /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:26,
from include/libiptc/libiptc.h:6,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/linux/if.h:37:1: warning: "IFF_NOARP" redefined
In file included from include/libiptc/ipt_kernel_headers.h:14,
from include/libiptc/libiptc.h:5,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/include/net/if.h:60:1: warning: this is the location of the previous definition
In file included from /usr/src/linux/include/linux/netdevice.h:28,
from /usr/src/linux/include/linux/netfilter_ipv4.h:10,
from /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:26,
from include/libiptc/libiptc.h:6,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/linux/if.h:38:1: warning: "IFF_PROMISC" redefined
In file included from include/libiptc/ipt_kernel_headers.h:14,
from include/libiptc/libiptc.h:5,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/include/net/if.h:62:1: warning: this is the location of the previous definition
In file included from /usr/src/linux/include/linux/netdevice.h:28,
from /usr/src/linux/include/linux/netfilter_ipv4.h:10,
from /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:26,
from include/libiptc/libiptc.h:6,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/linux/if.h:39:1: warning: "IFF_ALLMULTI" redefined
In file included from include/libiptc/ipt_kernel_headers.h:14,
from include/libiptc/libiptc.h:5,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/include/net/if.h:66:1: warning: this is the location of the previous definition
In file included from /usr/src/linux/include/linux/netdevice.h:28,
from /usr/src/linux/include/linux/netfilter_ipv4.h:10,
from /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:26,
from include/libiptc/libiptc.h:6,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/linux/if.h:41:1: warning: "IFF_MASTER" redefined
In file included from include/libiptc/ipt_kernel_headers.h:14,
from include/libiptc/libiptc.h:5,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/include/net/if.h:69:1: warning: this is the location of the previous definition
In file included from /usr/src/linux/include/linux/netdevice.h:28,
from /usr/src/linux/include/linux/netfilter_ipv4.h:10,
from /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:26,
from include/libiptc/libiptc.h:6,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/linux/if.h:42:1: warning: "IFF_SLAVE" redefined
In file included from include/libiptc/ipt_kernel_headers.h:14,
from include/libiptc/libiptc.h:5,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/include/net/if.h:71:1: warning: this is the location of the previous definition
In file included from /usr/src/linux/include/linux/netdevice.h:28,
from /usr/src/linux/include/linux/netfilter_ipv4.h:10,
from /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:26,
from include/libiptc/libiptc.h:6,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/linux/if.h:44:1: warning: "IFF_MULTICAST" redefined
In file included from include/libiptc/ipt_kernel_headers.h:14,
from include/libiptc/libiptc.h:5,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/include/net/if.h:74:1: warning: this is the location of the previous definition
In file included from /usr/src/linux/include/linux/netdevice.h:28,
from /usr/src/linux/include/linux/netfilter_ipv4.h:10,
from /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:26,
from include/libiptc/libiptc.h:6,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/linux/if.h:48:1: warning: "IFF_PORTSEL" redefined
In file included from include/libiptc/ipt_kernel_headers.h:14,
from include/libiptc/libiptc.h:5,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/include/net/if.h:77:1: warning: this is the location of the previous definition
In file included from /usr/src/linux/include/linux/netdevice.h:28,
from /usr/src/linux/include/linux/netfilter_ipv4.h:10,
from /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:26,
from include/libiptc/libiptc.h:6,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/linux/if.h:49:1: warning: "IFF_AUTOMEDIA" redefined
In file included from include/libiptc/ipt_kernel_headers.h:14,
from include/libiptc/libiptc.h:5,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/include/net/if.h:79:1: warning: this is the location of the previous definition
In file included from /usr/src/linux/include/linux/netdevice.h:28,
from /usr/src/linux/include/linux/netfilter_ipv4.h:10,
from /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:26,
from include/libiptc/libiptc.h:6,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/linux/if.h:95: error: redefinition of `struct ifmap'
/usr/src/linux/include/linux/if.h:131: error: redefinition of `struct ifreq'
/usr/src/linux/include/linux/if.h:181: error: redefinition of `struct ifconf'
In file included from /usr/src/linux/include/net/protocol.h:28,
from /usr/src/linux/include/linux/netfilter_ipv4.h:11,
from /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:26,
from include/libiptc/libiptc.h:6,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/linux/in6.h:31: error: redefinition of `struct in6_addr'
/usr/src/linux/include/linux/in6.h:54: error: redefinition of `struct sockaddr_in6'
/usr/src/linux/include/linux/in6.h:62: error: redefinition of `struct ipv6_mreq'
In file included from /usr/src/linux/include/net/protocol.h:28,
from /usr/src/linux/include/linux/netfilter_ipv4.h:11,
from /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:26,
from include/libiptc/libiptc.h:6,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/linux/in6.h:131:1: warning: "IPPROTO_HOPOPTS" redefined
In file included from /usr/include/netinet/ip.h:25,
from include/libiptc/ipt_kernel_headers.h:9,
from include/libiptc/libiptc.h:5,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/include/netinet/in.h:36:1: warning: this is the location of the previous definition
In file included from /usr/src/linux/include/net/protocol.h:28,
from /usr/src/linux/include/linux/netfilter_ipv4.h:11,
from /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:26,
from include/libiptc/libiptc.h:6,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/linux/in6.h:132:1: warning: "IPPROTO_ROUTING" redefined
In file included from /usr/include/netinet/ip.h:25,
from include/libiptc/ipt_kernel_headers.h:9,
from include/libiptc/libiptc.h:5,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/include/netinet/in.h:58:1: warning: this is the location of the previous definition
In file included from /usr/src/linux/include/net/protocol.h:28,
from /usr/src/linux/include/linux/netfilter_ipv4.h:11,
from /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:26,
from include/libiptc/libiptc.h:6,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/linux/in6.h:133:1: warning: "IPPROTO_FRAGMENT" redefined
In file included from /usr/include/netinet/ip.h:25,
from include/libiptc/ipt_kernel_headers.h:9,
from include/libiptc/libiptc.h:5,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/include/netinet/in.h:60:1: warning: this is the location of the previous definition
In file included from /usr/src/linux/include/net/protocol.h:28,
from /usr/src/linux/include/linux/netfilter_ipv4.h:11,
from /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:26,
from include/libiptc/libiptc.h:6,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/linux/in6.h:134:1: warning: "IPPROTO_ICMPV6" redefined
In file included from /usr/include/netinet/ip.h:25,
from include/libiptc/ipt_kernel_headers.h:9,
from include/libiptc/libiptc.h:5,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/include/netinet/in.h:70:1: warning: this is the location of the previous definition
In file included from /usr/src/linux/include/net/protocol.h:28,
from /usr/src/linux/include/linux/netfilter_ipv4.h:11,
from /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:26,
from include/libiptc/libiptc.h:6,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/linux/in6.h:135:1: warning: "IPPROTO_NONE" redefined
In file included from /usr/include/netinet/ip.h:25,
from include/libiptc/ipt_kernel_headers.h:9,
from include/libiptc/libiptc.h:5,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/include/netinet/in.h:72:1: warning: this is the location of the previous definition
In file included from /usr/src/linux/include/net/protocol.h:28,
from /usr/src/linux/include/linux/netfilter_ipv4.h:11,
from /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:26,
from include/libiptc/libiptc.h:6,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/linux/in6.h:136:1: warning: "IPPROTO_DSTOPTS" redefined
In file included from /usr/include/netinet/ip.h:25,
from include/libiptc/ipt_kernel_headers.h:9,
from include/libiptc/libiptc.h:5,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/include/netinet/in.h:74:1: warning: this is the location of the previous definition
In file included from /usr/src/linux/include/net/protocol.h:28,
from /usr/src/linux/include/linux/netfilter_ipv4.h:11,
from /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:26,
from include/libiptc/libiptc.h:6,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/linux/in6.h:166:1: warning: "IPV6_ADD_MEMBERSHIP" redefined
In file included from /usr/include/netinet/in.h:345,
from /usr/include/netinet/ip.h:25,
from include/libiptc/ipt_kernel_headers.h:9,
from include/libiptc/libiptc.h:5,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/include/bits/in.h:137:1: warning: this is the location of the previous definition
In file included from /usr/src/linux/include/net/protocol.h:28,
from /usr/src/linux/include/linux/netfilter_ipv4.h:11,
from /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:26,
from include/libiptc/libiptc.h:6,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/linux/in6.h:167:1: warning: "IPV6_DROP_MEMBERSHIP" redefined
In file included from /usr/include/netinet/in.h:345,
from /usr/include/netinet/ip.h:25,
from include/libiptc/ipt_kernel_headers.h:9,
from include/libiptc/libiptc.h:5,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/include/bits/in.h:138:1: warning: this is the location of the previous definition
In file included from /usr/src/linux/include/net/protocol.h:30,
from /usr/src/linux/include/linux/netfilter_ipv4.h:11,
from /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:26,
from include/libiptc/libiptc.h:6,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/linux/ipv6.h:19: error: redefinition of `struct in6_pktinfo'
In file included from /usr/src/linux/include/linux/netfilter_ipv4.h:11,
from /usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:26,
from include/libiptc/libiptc.h:6,
from include/iptables.h:5,
from extensions/libipt_CLUSTERIP.c:18:
/usr/src/linux/include/net/protocol.h:38: warning: `struct sk_buff' declared inside parameter list
/usr/src/linux/include/net/protocol.h:38: warning: its scope is only this definition or declaration, which is probably not what you want
/usr/src/linux/include/net/protocol.h:39: error: syntax error before "u32"
/usr/src/linux/include/net/protocol.h:39: warning: `struct sk_buff' declared inside parameter list
/usr/src/linux/include/net/protocol.h:47: warning: `struct sk_buff' declared inside parameter list
/usr/src/linux/include/net/protocol.h:52: warning: `struct inet6_skb_parm' declared inside parameter list
/usr/src/linux/include/net/protocol.h:52: warning: `struct sk_buff' declared inside parameter list
/usr/src/linux/include/net/protocol.h:62: error: field `list' has incomplete type
make: *** [extensions/libipt_CLUSTERIP_sh.o] Error 1

Ich weiß damit leider nichts anzufangen. Habe gegooglet und die Foren durchstöbert, die ich kenne: ohne Erfolg. Ist zu den Fehlern evtl. etwas bekannt?
 

nbkr

Guru
Warum tauschst Du nicht Plesk gegen was anders aus? iptables auszutauschen damit Plesk läuft ist wie den Motor austauschen nur damit der Aufkleber auf der Kofferaumklappe passt. Es gibt soviele alternative zu Plesk (syscp z.B.) das die Methode vermutlich einfacher ist.
 
OP
K

Kayne

Newbie
Warum ich Plesk nicht austausche, kann ich sagen:
Weil ich für dieses Produkt zahle, wenn man so will, damit man es nutzen kann. Ich kenne eine Menge alternativen, und nutze sie auf anderen Servern auch. Jedoch ist Plesk das bauchbarste von allen, und es unterstützt eine Menge Funktionen, die benötigt sind. Der Beitrag den du schreibst: ich sehe es genau andersrum. Warum soll ich meine Administrationssoftware austauschen, nur damit ich dann vielleicht dieses Problem mehr habe? - Da scheint mir ein Update der Firewall smarter.

Ich würde einem Nutzer einfach gerne die Pleskfirewall zur Verfügung stellen. Darauf zu verzichten wäre nicht unbedingt gewünscht. Ansonsten könnte man ja auch die SuSE Firewall 2 nehmen. Sofern sie funktioniert (das habe ich noch gar nicht getestet).

Ich denke ein Update der iptables sollte problemlos möglich sein, ich wüsste zumindest nicht, warum nicht. Am einfachsten wäre es wahrscheinlich wirklich die SuSE Firewall2 zu nehmen, jedoch möchte ich erst alle Möglichkeiten ausschöpfen, die IPTables zu aktualisieren.
 
Oben