Rebuild procedure for patch-o-matic-ng : - download latest version of patch-o-matic-ng and iptables from ftp://ftp.netfilter.org/ (20051202 at the moment) - untar iptables into a fresh directory A (AND DON'T USE A PREVIOUSLY PATCHED ONE !) - untar patch-o-matic-ng into directory B - copy the latest kernel [pre-]release to a new directory - cd $B - patch -p1 < ../patch-o-matic+old.diff ;# to restore old patches - ##patch -p1 < /doc/pom-ng-20050205-wintrk-fix.diff - run /tools/pom-ng.sh -l | less - run /tools/pom-ng.sh -n - paste the output into pom-ng.sh at proper locations - then run "KERNEL_DIR=path_to_new_kernel IPTABLES_DIR=$A bash-205b /tools/pom-ng.sh -a" - cd to the new kernel - make distclean - cd .. && diff the two trees The following patches should be merged : CLASSIFY IPV4OPTSSTRIP NETLINK NETMAP REJECT ROUTE SAME TARPIT TTL XOR account addrtype condition connlimit cuseeme-nat eggdrop-conntrack geoip goto h323-conntrack-nat iprange ipv4options mms-conntrack-nat mport msnp-conntrack-nat nth osf owner-socketlookup ownercmd pool psd quake3-conntrack-nat random rpc rsh rtsp-conntrack set string talk-conntrack-nat time u32 Note: nf-log and tcp-window-tracking should be merged afterwards