Good day,
I am trying to make my iptables work with '-m random', which is a topic discussed many times by many people, as you know.
From already existing information on the network, everyone said the 'official' way is to use the 'patch-o-matic' to patch iptables and the kernel. So I downloaded these things:
kernel version: 2.6.16.21
iptables version: 1.3.8-6904 (svn checkout)
patch-o-matic-ng version: 20070711 (snapshot)
but after going through the '#./runme extra' script within patch-o-matic, I found no patch is related to the '-m random' thing.
So my question is: does patch-o-matic-ng include a patch for '-m random'? If not, is there some place I can get that patch?
PS: I've also found a discussion on lists.netfilter.org, in which a manual method is suggested:
http://lists.netfilter.org/pipermail/netfilter/2006-July/066313.html
However, it seems that the suggestion is for older kernels because the kernel implementation in those places has changed somehow:
1. Although I can find the 'match()' and 'checkentry()' methods in 'include/linux/netfilter/x_tables.h', they take another form now,
2. and more importantly, the whole kernel sources don't contain an 'ipt_rand_info' structure (and I am a little confused about where to put '.matchsize = sizeof(ipt_rand_info)')
Any idea? Thank you!
Regards,
- Feng