robert
12-09-2015, 15:19
Hallo,
da ich auf meinem Server einige Scripts zur Überprüfung und Bearbeitung der Firewall bzw. von iptable benutze und diese bisher ausschließlich als (bash) Script geschrieben habe, wollte ich einiges in Perl umschreiben, da es doch etwas einfacher und schneller (sein sollte) ist, als ständig externe Programme dafür aufrufen zu müssen.
Also dachte ich mir, für iptables gibt es das Modul IPTables::IPv4, aber anscheinend ist dies bei Debian nicht vorhanden. Also wollte ich es nach installieren (CPAN), aber es lässt sich nicht kompilieren/installieren.
Hat jemand eine Idee, warum dies nicht nicht funktioniert bzw. was man nehmen könnte?
Gruß
Robert
Nachtrag:
Hier mal die Ausgabe beim Kompilieren...
Starte /usr/bin/perl Makefile.PL && make ..
Checking if your kit is complete...
Looks good
Generating a Unix-style Makefile
Writing Makefile for IPTables::IPv4
Writing MYMETA.yml and MYMETA.json
cp IPv6.pm blib/lib/IPTables/IPv6.pm
AutoSplitting blib/lib/IPTables/IPv6.pm (blib/lib/auto/IPTables/IPv6)
cp IPv4.pm blib/lib/IPTables/IPv4.pm
AutoSplitting blib/lib/IPTables/IPv4.pm (blib/lib/auto/IPTables/IPv4)
cp IPv4/TableTie.pm blib/lib/IPTables/IPv4/TableTie.pm
cp IPv4/RuleList.pm blib/lib/IPTables/IPv4/RuleList.pm
cp IPv4/Toplevel.pm blib/lib/IPTables/IPv4/Toplevel.pm
cp IPv4/Rule.pm blib/lib/IPTables/IPv4/Rule.pm
cp IPv4/Chain.pm blib/lib/IPTables/IPv4/Chain.pm
Running Mkbootstrap for IPTables::IPv4 ()
chmod 644 IPv4.bs
/usr/bin/perl /usr/share/perl/5.20/ExtUtils/xsubpp -noprototypes -typemap /usr/share/perl/5.20/ExtUt
ils/typemap -typemap IPTables.typemap IPv4.xs > IPv4.xsc && mv IPv4.xsc IPv4.c
cc -c -Iinclude -I/usr/src/linux/include -Wall -DMODULE_PATH=\"/usr/local/lib/IPTables-IPv4\" -DPER
L_USES_64BIT_INT -O2 -g -DVERSION=\"0.98\" -DXS_VERSION=\"0.98\" -fPIC "-I/usr/lib/i386-linux-gnu/
perl/5.20/CORE" IPv4.c
IPv4.c: In function 'XS_IPTables__IPv4__Table_list_chains':
IPv4.xs:78:9: warning: variable 'sv' set but not used [-Wunused-but-set-variable]
SV * sv;
^
IPv4.c: In function 'XS_IPTables__IPv4__Table_list_rules':
IPv4.xs:97:11: warning: variable 'sv' set but not used [-Wunused-but-set-variable]
SV * sv;
^
IPv4.c: In function 'XS_IPTables__IPv4__Table_get_policy':
IPv4.xs:129:11: warning: variable 'sv' set but not used [-Wunused-but-set-variable]
SV * sv;
^
IPv4.xs: In function 'XS_IPTables__IPv4__Table_get_references':
IPv4.xs:379:27: warning: pointer targets in passing argument 1 of 'iptc_get_references' differ in si
gnedness [-Wpointer-sign]
if(!iptc_get_references(&RETVAL, chain, self)) {
^
In file included from IPv4.xs:28:0:
include/libiptc/libiptc.h:132:5: note: expected 'unsigned int *' but argument is of type 'int *'
int iptc_get_references(unsigned int *ref,
^
cc -c -Iinclude -I/usr/src/linux/include -Wall -DMODULE_PATH=\"/usr/local/lib/IPTables-IPv4\" -DPER
L_USES_64BIT_INT -O2 -g -DVERSION=\"0.98\" -DXS_VERSION=\"0.98\" -fPIC "-I/usr/lib/i386-linux-gnu/
perl/5.20/CORE" loader.c
cc -c -Iinclude -I/usr/src/linux/include -Wall -DMODULE_PATH=\"/usr/local/lib/IPTables-IPv4\" -DPER
L_USES_64BIT_INT -O2 -g -DVERSION=\"0.98\" -DXS_VERSION=\"0.98\" -fPIC "-I/usr/lib/i386-linux-gnu/
perl/5.20/CORE" packer.c
cc -c -Iinclude -I/usr/src/linux/include -Wall -DMODULE_PATH=\"/usr/local/lib/IPTables-IPv4\" -DPER
L_USES_64BIT_INT -O2 -g -DVERSION=\"0.98\" -DXS_VERSION=\"0.98\" -fPIC "-I/usr/lib/i386-linux-gnu/
perl/5.20/CORE" unpacker.c
cc -c -Iinclude -I/usr/src/linux/include -Wall -DMODULE_PATH=\"/usr/local/lib/IPTables-IPv4\" -DPER
L_USES_64BIT_INT -O2 -g -DVERSION=\"0.98\" -DXS_VERSION=\"0.98\" -fPIC "-I/usr/lib/i386-linux-gnu/
perl/5.20/CORE" maskgen.c
make -C libiptc/ all
make[1]: Entering directory '/tmp/.webmin/IPTables-IPv4-0.98/libiptc'
gcc -o libip4tc.o -c libip4tc.c -I../include -I/usr/src/linux/include -DIPTABLES_VERSION=\"1.2.8\" -
O2 -Wall
In file included from ../include/libiptc/libiptc.h:6:0,
from libip4tc.c:29:
libiptc.c:62:8: error: redefinition of 'struct xt_error_target'
struct ipt_error_target
^
In file included from /usr/include/linux/netfilter_ipv4/ip_tables.h:22:0,
from ../include/libiptc/libiptc.h:6,
from libip4tc.c:29:
/usr/include/linux/netfilter/x_tables.h:69:8: note: originally defined here
struct xt_error_target {
^
In file included from libip4tc.c:116:0:
libiptc.c: In function 'iptc_init':
libiptc.c:312:10: warning: pointer targets in passing argument 5 of 'getsockopt' differ in signednes
s [-Wpointer-sign]
&tmp) < 0) {
^
In file included from /usr/include/netinet/in.h:23:0,
from /usr/include/netinet/ip.h:24,
from ../include/libiptc/ipt_kernel_headers.h:9,
from ../include/libiptc/libiptc.h:5,
from libip4tc.c:29:
/usr/include/i386-linux-gnu/sys/socket.h:219:12: note: expected 'socklen_t * restrict {aka unsigned
int * restrict}' but argument is of type 'int *'
extern int getsockopt (int __fd, int __level, int __optname,
^
In file included from libip4tc.c:116:0:
libiptc.c: In function 'target_name':
libiptc.c:727:2: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstri
ct-aliasing]
spos = *(int *)GET_TARGET(e)->data;
^
libiptc.c: In function 'iptc_zero_counter':
libiptc.c:1396:16: warning: variable 'e' set but not used [-Wunused-but-set-variable]
STRUCT_ENTRY *e;
^
libip4tc.c: In function 'dump_entry':
libip4tc.c:170:3: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstr
ict-aliasing]
int pos = *(int *)t->data;
^
Makefile:18: recipe for target 'libip4tc.o' failed
make[1]: *** [libip4tc.o] Error 1
make[1]: Leaving directory '/tmp/.webmin/IPTables-IPv4-0.98/libiptc'
Makefile:1064: recipe for target 'libiptc/libiptc.a' failed
make: *** [libiptc/libiptc.a] Error 2
da ich auf meinem Server einige Scripts zur Überprüfung und Bearbeitung der Firewall bzw. von iptable benutze und diese bisher ausschließlich als (bash) Script geschrieben habe, wollte ich einiges in Perl umschreiben, da es doch etwas einfacher und schneller (sein sollte) ist, als ständig externe Programme dafür aufrufen zu müssen.
Also dachte ich mir, für iptables gibt es das Modul IPTables::IPv4, aber anscheinend ist dies bei Debian nicht vorhanden. Also wollte ich es nach installieren (CPAN), aber es lässt sich nicht kompilieren/installieren.
Hat jemand eine Idee, warum dies nicht nicht funktioniert bzw. was man nehmen könnte?
Gruß
Robert
Nachtrag:
Hier mal die Ausgabe beim Kompilieren...
Starte /usr/bin/perl Makefile.PL && make ..
Checking if your kit is complete...
Looks good
Generating a Unix-style Makefile
Writing Makefile for IPTables::IPv4
Writing MYMETA.yml and MYMETA.json
cp IPv6.pm blib/lib/IPTables/IPv6.pm
AutoSplitting blib/lib/IPTables/IPv6.pm (blib/lib/auto/IPTables/IPv6)
cp IPv4.pm blib/lib/IPTables/IPv4.pm
AutoSplitting blib/lib/IPTables/IPv4.pm (blib/lib/auto/IPTables/IPv4)
cp IPv4/TableTie.pm blib/lib/IPTables/IPv4/TableTie.pm
cp IPv4/RuleList.pm blib/lib/IPTables/IPv4/RuleList.pm
cp IPv4/Toplevel.pm blib/lib/IPTables/IPv4/Toplevel.pm
cp IPv4/Rule.pm blib/lib/IPTables/IPv4/Rule.pm
cp IPv4/Chain.pm blib/lib/IPTables/IPv4/Chain.pm
Running Mkbootstrap for IPTables::IPv4 ()
chmod 644 IPv4.bs
/usr/bin/perl /usr/share/perl/5.20/ExtUtils/xsubpp -noprototypes -typemap /usr/share/perl/5.20/ExtUt
ils/typemap -typemap IPTables.typemap IPv4.xs > IPv4.xsc && mv IPv4.xsc IPv4.c
cc -c -Iinclude -I/usr/src/linux/include -Wall -DMODULE_PATH=\"/usr/local/lib/IPTables-IPv4\" -DPER
L_USES_64BIT_INT -O2 -g -DVERSION=\"0.98\" -DXS_VERSION=\"0.98\" -fPIC "-I/usr/lib/i386-linux-gnu/
perl/5.20/CORE" IPv4.c
IPv4.c: In function 'XS_IPTables__IPv4__Table_list_chains':
IPv4.xs:78:9: warning: variable 'sv' set but not used [-Wunused-but-set-variable]
SV * sv;
^
IPv4.c: In function 'XS_IPTables__IPv4__Table_list_rules':
IPv4.xs:97:11: warning: variable 'sv' set but not used [-Wunused-but-set-variable]
SV * sv;
^
IPv4.c: In function 'XS_IPTables__IPv4__Table_get_policy':
IPv4.xs:129:11: warning: variable 'sv' set but not used [-Wunused-but-set-variable]
SV * sv;
^
IPv4.xs: In function 'XS_IPTables__IPv4__Table_get_references':
IPv4.xs:379:27: warning: pointer targets in passing argument 1 of 'iptc_get_references' differ in si
gnedness [-Wpointer-sign]
if(!iptc_get_references(&RETVAL, chain, self)) {
^
In file included from IPv4.xs:28:0:
include/libiptc/libiptc.h:132:5: note: expected 'unsigned int *' but argument is of type 'int *'
int iptc_get_references(unsigned int *ref,
^
cc -c -Iinclude -I/usr/src/linux/include -Wall -DMODULE_PATH=\"/usr/local/lib/IPTables-IPv4\" -DPER
L_USES_64BIT_INT -O2 -g -DVERSION=\"0.98\" -DXS_VERSION=\"0.98\" -fPIC "-I/usr/lib/i386-linux-gnu/
perl/5.20/CORE" loader.c
cc -c -Iinclude -I/usr/src/linux/include -Wall -DMODULE_PATH=\"/usr/local/lib/IPTables-IPv4\" -DPER
L_USES_64BIT_INT -O2 -g -DVERSION=\"0.98\" -DXS_VERSION=\"0.98\" -fPIC "-I/usr/lib/i386-linux-gnu/
perl/5.20/CORE" packer.c
cc -c -Iinclude -I/usr/src/linux/include -Wall -DMODULE_PATH=\"/usr/local/lib/IPTables-IPv4\" -DPER
L_USES_64BIT_INT -O2 -g -DVERSION=\"0.98\" -DXS_VERSION=\"0.98\" -fPIC "-I/usr/lib/i386-linux-gnu/
perl/5.20/CORE" unpacker.c
cc -c -Iinclude -I/usr/src/linux/include -Wall -DMODULE_PATH=\"/usr/local/lib/IPTables-IPv4\" -DPER
L_USES_64BIT_INT -O2 -g -DVERSION=\"0.98\" -DXS_VERSION=\"0.98\" -fPIC "-I/usr/lib/i386-linux-gnu/
perl/5.20/CORE" maskgen.c
make -C libiptc/ all
make[1]: Entering directory '/tmp/.webmin/IPTables-IPv4-0.98/libiptc'
gcc -o libip4tc.o -c libip4tc.c -I../include -I/usr/src/linux/include -DIPTABLES_VERSION=\"1.2.8\" -
O2 -Wall
In file included from ../include/libiptc/libiptc.h:6:0,
from libip4tc.c:29:
libiptc.c:62:8: error: redefinition of 'struct xt_error_target'
struct ipt_error_target
^
In file included from /usr/include/linux/netfilter_ipv4/ip_tables.h:22:0,
from ../include/libiptc/libiptc.h:6,
from libip4tc.c:29:
/usr/include/linux/netfilter/x_tables.h:69:8: note: originally defined here
struct xt_error_target {
^
In file included from libip4tc.c:116:0:
libiptc.c: In function 'iptc_init':
libiptc.c:312:10: warning: pointer targets in passing argument 5 of 'getsockopt' differ in signednes
s [-Wpointer-sign]
&tmp) < 0) {
^
In file included from /usr/include/netinet/in.h:23:0,
from /usr/include/netinet/ip.h:24,
from ../include/libiptc/ipt_kernel_headers.h:9,
from ../include/libiptc/libiptc.h:5,
from libip4tc.c:29:
/usr/include/i386-linux-gnu/sys/socket.h:219:12: note: expected 'socklen_t * restrict {aka unsigned
int * restrict}' but argument is of type 'int *'
extern int getsockopt (int __fd, int __level, int __optname,
^
In file included from libip4tc.c:116:0:
libiptc.c: In function 'target_name':
libiptc.c:727:2: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstri
ct-aliasing]
spos = *(int *)GET_TARGET(e)->data;
^
libiptc.c: In function 'iptc_zero_counter':
libiptc.c:1396:16: warning: variable 'e' set but not used [-Wunused-but-set-variable]
STRUCT_ENTRY *e;
^
libip4tc.c: In function 'dump_entry':
libip4tc.c:170:3: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstr
ict-aliasing]
int pos = *(int *)t->data;
^
Makefile:18: recipe for target 'libip4tc.o' failed
make[1]: *** [libip4tc.o] Error 1
make[1]: Leaving directory '/tmp/.webmin/IPTables-IPv4-0.98/libiptc'
Makefile:1064: recipe for target 'libiptc/libiptc.a' failed
make: *** [libiptc/libiptc.a] Error 2