Rebuild procedure for patch-o-matic : - download latest version from ftp://ftp.netfilter.org/ - untar it to a temporary directory - apply the file 'patch-o-matic-fixes.diff', located in the same directory as this help file, to fix wrong diffs in u32 and tcp_window_tracking. - copy the latest pre-release kernel to a new directory - do a "KERNEL_DIR=path_to_new_kernel ./runme extra" (!!!! be sure that bash is 2.05 !!!) - each time the patchsets switch to submitted, pending, base, extra..., dup the tree to the corresponding name, to diff them later like this : # old=linux-2.4.21-bk-1.1141 # for i in pending base extra optim; do new=linux-2.4.21-bk1141-pom-20030429-$i (cd $new && make distclean) diff -urN $old $new > patch-2.4.21-bk-1.1141-pom-20030429-$i old=$new done - apply patch-XXX-pom-XXXX-pre-extra to the kernel before applying extra patches, if needed ============= Already applied: submitted/01_2.4.19 submitted/02_2.4.20 submitted/03_ip_conntrack_proto_tcp-lockfix submitted/04_newnat-udp-helper submitted/05_REJECT-fwspotting-phrack60-fix submitted/06_ftp-conntrack-msg-fix submitted/07_ECN-tcpchecksum-littleendian-fix submitted/08_ftp-conntrack-debugftp submitted/08_mangle_input_noroutemeharder submitted/09_icmp-match-all submitted/10_confirm_fix submitted/10_local-nat-expectfn submitted/11_inner-icmp-translation-fix submitted/13_ftp-conntrack-epsv-typo submitted/14_hl-ipv6 submitted/14_ip6t_ext_hdr-ipv6 submitted/15_ahesp6-ipv6 submitted/16_frag6-ipv6 submitted/17_ipv6header-ipv6 submitted/18_opts6-ipv6 submitted/19_route6-ipv6 submitted/21_tftp-conntrack-nat submitted/22_amanda-conntrack-nat submitted/23_REJECT-headroom-tcprst submitted/24_conntrack-modify-after-free-fix submitted/25_ip_tables-comment-fix submitted/26_ipt_unclean-ubit submitted/27_no_version submitted/28_compat_code_removal submitted/29_mangle-bogus_cast-ipv6 submitted/30_ip6_route_me_harder-ipv6 submitted/31_nat_parse_fix submitted/32_reject-fixes submitted/33_ipqueue_memoryleak submitted/34_ip6queue_memoryleak-ipv6 submitted/35_config_compile_fix-rc1 submitted/36_config_compile_fix submitted/ipt_ULOG-mac_len-fix submitted/ipt_multiport-invfix pending/06_early_drop-backwards pending/20_iptables-proc pending/24_conntrack-nosysctl pending/25_natcore-nohelper pending/26_morethan32cpufix pending/27_include-nfc-order pending/unused_var base/HL-ipv6 base/IPV4OPTSSTRIP base/NETLINK base/NETMAP base/REJECT-ipv6 base/SAME base/TTL base/condition base/condition6-ipv6 base/fuzzy base/fuzzy6-ipv6 base/iplimit base/iprange base/ipv4options base/mport base/nth base/pool base/psd base/quota base/random base/realm base/time base/u32 extra/CLASSIFY extra/CONNMARK extra/ROUTE extra/cuseeme-nat extra/eggdrop-conntrack extra/h323-conntrack-nat extra/ip6_tables-proc-ipv6 extra/ipt_TARPIT avoid extra/ip_conntrack-timeouts extra/mms-conntrack-nat extra/netfilter-docbook extra/nfnetlink-ctnetlink-0.11 extra/owner-socketlookup extra/ownercmd-ipv6 extra/pptp-conntrack-nat extra/quake3-conntrack extra/recent extra/rpc extra/rsh extra/string extra/talk-conntrack-nat extra/tcp-window-tracking ================ Now duplicate the last tree into a new 'optim' tree, then apply manually the optimisation patches : KERNEL_DIR=xxx ./runme optimizations/*patch