search

inverse-inc / packetfence

PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) solution. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, powerful BYOD management options, 802.1X support, layer-2 isolation of problematic devices; PacketFence can be used to effectively secure networks small to very large heterogeneous networks.
https://packetfence.org
GNU General Public License v2.0
1.3k stars 276 forks source link

dpkg ipt-netflow fails on Debian11 with kernels >= 5.10.0-31-amd64 #8221

Closed satkunas closed 1 month ago

satkunas commented 1 month ago

Describe the bug

Issue with dpkg on Debian11 with both 13.1 and 13.2 (and more?).

(Reading database ... 129387 files and directories currently installed.)
Removing packetfence (13.2.0+20240709194456+1367089233+0011+maintenance~13~2+bullseye1) ...
Setting up iptables-netflow-dkms (2.5.1-2) ...
Removing old ipt-netflow-2.5.1 DKMS files...

------------------------------
Deleting module version: 2.5.1
completely from the DKMS tree.
------------------------------
Done.
Loading new ipt-netflow-2.5.1 DKMS files...
Building for 5.10.0-31-amd64
Building initial module for 5.10.0-31-amd64
Error! Bad return status for module build on kernel: 5.10.0-31-amd64 (x86_64)
Consult /var/lib/dkms/ipt-netflow/2.5.1/build/make.log for more information.
dpkg: error processing package iptables-netflow-dkms (--configure):
 installed iptables-netflow-dkms package post-installation script subprocess returned error exit status 10
Errors were encountered while processing:
 iptables-netflow-dkms
E: Sub-process /usr/bin/dpkg returned an error code (1)

To Reproduce Follow the Installation Guide when installing either 13.2 or 13.1 on Debian11

satkunas commented 1 month ago

error when we install iptables-netflow-dkms

  MODPOST /var/lib/dkms/ipt-netflow/2.5.1/build/Module.symvers
ERROR: modpost: "find_module" [/var/lib/dkms/ipt-netflow/2.5.1/build/ipt_NETFLOW.ko] undefined!

it seems it's related with the kernel version 5.10 and 5.12 https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1980551.html it seems there is a patch https://github.com/aabc/ipt-netflow/commit/5aae3791922bd3df878605b15e83ea48a4bd096c

# uname -r
5.10.0-31-amd64

Custom patch needed with

#if LINUX_VERSION_CODE >= KERNEL_VERSION(5,10,0)
hrodenburg commented 1 month ago

I just noticed this as well while doing a fresh installation. It's specifically related to version 5.10.0-31-amd64. Downgrading to version 5.10.0-30-amd64 resolved this issue. This is not a long-term fix offcourse.

satkunas commented 1 month ago

Unpatched build succeeds on 

uname -r
5.10.0-30-amd64

fails on

uname -r
5.10.0-31-amd64
jrouzierinverse commented 1 month ago

This has been fixed