package xtables-addons-dkms 3.8-2 failed to install/upgrade: installed xtables-addons-dkms package post-installation script subprocess returned error exit status 7

Status changed to 'Confirmed' because the bug affects multiple users.

upgraded from 5.4.0-58-generic to 5.4.0-59-generic
upgrade installation removed xtables-addons-dkms
which was then not possible to reinstall.

Temporary workaround:,
rebooted in 5.4.0-58-generic, did sudo apt-get update, sudo apt-get install xtables-addons-dkms
which completed with errors, but allowed using geoip in iptables.
This procedure failed in 5.4.0-59-generic

continued:

DKMS: install completed.
Building initial module for 5.4.0-59-generic
ERROR: Cannot create report: [Errno 17] File exists: '/var/crash/xtables-addons-dkms.0.crash'
Error! Build of xt_ACCOUNT.ko failed for: 5.4.0-59-generic (x86_64)
Consult the make.log in the build directory
/var/lib/dkms/xtables-addons/3.8/build/ for more information.
dpkg: error processing package xtables-addons-dkms (--configure):
 installed xtables-addons-dkms package post-installation script subprocess returned error exit status 7
Errors were encountered while processing:
 xtables-addons-dkms

Same affects here during kernel update from 5.4.0-58-generic to 5.4.0-59-generic.
Same error message.

Easier workaround:
sudo apt-get install --install-recommends linux-generic-hwe-20.04

upgrades the kernel to 5.8, and xtables-addons-dkms reinstalls with no errors

A netfilter modification from 5.10 was backported to all stable kernels including 5.4
xtables-addons must be updated to 3.12 (or later) to match this change!

@MikeR: Kernel 5.8 is obsolete - that is the reason the modification did not make it into that kernel...

With kernel 5.10 the netfilter API was slightly modified.
This change was backported to the stable kernels (including 5.4) thereby breaking xtables-addons-dkms.
The API change is really very simple; the enclosed patch contains the change that were made to upstream xtables-addons from version 3.8 to 3.12

The attachment "Update to kernel API 5.10" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

Hello,

with

Package: xtables-addons-common
Version: 3.8-2ubuntu0.2
Linux dagobert 5.4.0-64-generic #72-Ubuntu SMP Fri Jan 15 10:27:54 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

is works again!
Thanks for fixing!

Best regards
Maik

Apologies for adding this here, too; problem reappeared after automatic upgrade 24/2/2021
Reverting to previous kernel version was no help.

Updated to 5.8.0-44-generic, and problem installing or re-installing xtables-addons-dkms

from /var/lib/dkms/xtables-addons/3.8/build/make.log:

   70 | return ip_route_me_harder(net, skb, addr_type);
      | ^~~
      | |
      | struct sk_buff *
In file included from ./include/linux/netfilter/x_tables.h:245,
                 from /var/lib/dkms/xtables-addons/3.8/build/extensions/xt_CHAOS.c:17:
./include/linux/netfilter_ipv4.h:19:54: note: expected 'struct sock *' but argument is of type 'struct sk_buff *'
   19 | int ip_route_me_harder(struct net *net, struct sock *sk, struct sk_buff *skb, unsigned addr_type);
      | ~~~~~~~~~~~~~^~
In file included from /var/lib/dkms/xtables-addons/3.8/build/extensions/xt_CHAOS.c:24:
/var/lib/dkms/xtables-addons/3.8/build/extensions/compat_xtables.h:70:38: warning: passing argument 3 of 'ip_route_
me_harder' makes pointer from integer without a cast [-Wint-conversion]
   70 | return ip_route_me_harder(net, skb, addr_type);
      | ^~~~~~~~~
      | |
      |

Is there any workaround?