Thank you for the report, and apologies for being slow to respond.

I interpret this as: kernel 5.6 needs ipt_NETFLOW-2.5
Assigning to kernel team.

Summary: need update ipt_NETFLOW upto 2.5 for kernel 5.6 => need to update ipt_NETFLOW to 2.5 for kernel 5.6
Assignee: bugsquad => kernel

Updated packages in core/updates_testing:
----------------------------------------
iptables-NETFLOW-2.5.1-1.mga7
dkms-ipt_NETFLOW-2.5.1-1.mga7

from ipt_NETFLOW-2.5.1-1.mga7.src.rpm

Advisory to upload to SVN:
----------------------------------------
type: bugfix
subject: Updated ipt_NETFLOW packages adds kernel 5.8 support
src:
  7:
   core:
     - ipt_NETFLOW-2.5.1-1.mga7
description: |
  The ipt_NETFLOW package has been updated to version 2.5.1, with full support
  for the 5.6 and 5.8 series Linux kernels, bug fixes, and other enhancements.
  See the upstream announcements for details.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=26844
 - https://github.com/aabc/ipt-netflow/releases/tag/v2.5
 - https://github.com/aabc/ipt-netflow/releases/tag/v2.5.1

Assignee: kernel => qa-bugs

For dkms-ipt, installing it fails with ...
Error! Bad return status for module build on kernel: 5.7.14-desktop-1.mga7 (x86_64)
Consult the make.log in the build directory
/var/lib/dkms/ipt_NETFLOW/2.5.1-1.mga7/build/ for more information.

Error! Could not locate ipt_NETFLOW.ko.xz for module ipt_NETFLOW in the DKMS tree.
You must run a dkms build for kernel 5.7.14-desktop-1.mga7 (x86_64) first.
warning: %post(dkms-ipt_NETFLOW-2.5.1-1.mga7.noarch) scriptlet failed, exit status 4
ERROR: 'script' failed for dkms-ipt_NETFLOW-2.5.1-1.mga7.noarch

The make log ends with ...
DKMS make.log for ipt_NETFLOW-2.5.1-1.mga7 for kernel 5.7.14-desktop-1.mga7 (x86_64)
Thu Aug 20 12:48:07 EDT 2020
make: Entering directory '/usr/src/kernel-5.7.14-desktop-1.mga7'
  AR      /var/lib/dkms/ipt_NETFLOW/2.5.1-1.mga7/build/built-in.a
  CC [M]  /var/lib/dkms/ipt_NETFLOW/2.5.1-1.mga7/build/ipt_NETFLOW.o
In file included from /var/lib/dkms/ipt_NETFLOW/2.5.1-1.mga7/build/ipt_NETFLOW.c:76:
/var/lib/dkms/ipt_NETFLOW/2.5.1-1.mga7/build/compat.h:9:10: fatal error: compat_def.h: No such file or directory
 #include "compat_def.h"
          ^~~~~~~~~~~~~~
compilation terminated.
make[1]: *** [scripts/Makefile.build:267: /var/lib/dkms/ipt_NETFLOW/2.5.1-1.mga7/build/ipt_NETFLOW.o] Error 1
make: *** [Makefile:1724: /var/lib/dkms/ipt_NETFLOW/2.5.1-1.mga7/build] Error 2
make: Leaving directory '/usr/src/kernel-5.7.14-desktop-1.mga7'

CC: (none) => davidwhodgins
Keywords: (none) => feedback

Build procedure fixed, which should fix that issue.

Updated packages in core/updates_testing:
----------------------------------------
iptables-NETFLOW-2.5.1-1.1.mga7
dkms-ipt_NETFLOW-2.5.1-1.1.mga7

from ipt_NETFLOW-2.5.1-1.1.mga7.src.rpm

Advisory to upload to SVN:
----------------------------------------
type: bugfix
subject: Updated ipt_NETFLOW packages adds kernel 5.8 support
src:
  7:
   core:
     - ipt_NETFLOW-2.5.1-1.1.mga7
description: |
  The ipt_NETFLOW package has been updated to version 2.5.1, with full support
  for the 5.6 and 5.8 series Linux kernels, bug fixes, and other enhancements.
  See the upstream announcements for details.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=26844
 - https://github.com/aabc/ipt-netflow/releases/tag/v2.5
 - https://github.com/aabc/ipt-netflow/releases/tag/v2.5.1

Keywords: feedback => (none)

Hello David,

Thank you for your help.

I could not build this package on my environment, because i have not latest kernel (i have trouble with nvidia driver on lastest kernels).
It possible define KPKG and KDIR without rpm-command ?

current code:
# set kernel-devel dir
KPKG=$(rpm -q --requires kernel-desktop-devel-latest | grep kernel-desktop-devel)
KDIR=$(rpm -ql $KPKG | grep '/usr/src/[^/]*$')

my result:
# export LC_ALL=C
# rpm -q --requires kernel-desktop-devel-latest | grep kernel-desktop-devel
package kernel-desktop-devel-latest is not installed 


==== error ====
make -j4 KERNELRELEASE=5.5.15-desktop-3.mga7 -C /lib/modules/5.5.15-desktop-3.mga7/build M=/var/lib/dkms/ipt_NETFLOW/2.5.1-1.1.mga7/build......(bad exit status: 2)

Error! Bad return status for module build on kernel: 5.5.15-desktop-3.mga7 (x86_64)
Consult the make.log in the build directory
/var/lib/dkms/ipt_NETFLOW/2.5.1-1.1.mga7/build/ for more information.

Error! Could not locate ipt_NETFLOW.ko.xz for module ipt_NETFLOW in the DKMS tree.
You must run a dkms build for kernel 5.5.15-desktop-3.mga7 (x86_64) first.
предупреждение: %post(dkms-ipt_NETFLOW-2.5.1-1.1.mga7.noarch) scriptlet failed, exit status 4
iptables-NETFLOW-2.5.1-1.1.mga7.x86_64
==== error ====

==== error log ====
/var/lib/dkms/ipt_NETFLOW/2.5.1-1.1.mga7/build/compat.h:217:8: ошибка: повторное определение «struct timeval»
 struct timeval {
        ^~~~~~~
==== error log ====

==== loaded kernel ====
# uname -a
Linux Z2 5.5.15-desktop-3.mga7 #1 SMP Sat Apr 4 19:06:09 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
==== loaded kernel ====

==== compat_def.h ====
# cat /var/lib/dkms/ipt_NETFLOW/2.5.1-1.1.mga7/build/compat_def.h |grep -P '(Autogenerated|^#)'
// Autogenerated for /usr/src/kernel-5.7.14-desktop-1.mga7
#define HAVE_XT_FAMILY
#undef HAVE_TIMEVAL
#define HAVE_PROC_OPS
#undef HAVE_SYNCHRONIZE_SCHED
==== compat_def.h ====


I have not kernel kernel-5.7.14-desktop-1.mga7:

# rpm -qa | grep kernel
kernel-desktop-5.5.15-3.mga7-1-1.mga7
xtables-addons-kernel-5.3.13-desktop-2.mga7-3.5-10.mga7
kernel-firmware-20190603-1.mga7
kernel-desktop-5.4.17-1.mga7-1-1.mga7
xtables-addons-kernel-5.5.15-desktop-3.mga7-3.8-11.mga7
kernel-desktop-5.3.13-2.mga7-1-1.mga7
kernel-userspace-headers-5.5.15-1.mga7
kernel-desktop-devel-5.5.15-3.mga7-1-1.mga7
kernel-desktop-devel-5.3.13-2.mga7-1-1.mga7
kernel-desktop-devel-5.4.17-1.mga7-1-1.mga7
virtualbox-kernel-5.5.15-desktop-3.mga7-6.0.20-1.mga7

We issued nvidia package updates to make them work with kernel 5.7.  This package should be tested with 5.7 as well.

I found reason of issue on my environment.
1) russian language in error message of gcc. Need to add: export LC_MESSAGES=C
2) incorrent pattern for grep.

==== test grep pattern ====
# cat log
make -s -C /usr/src/kernel-5.5.15-desktop-3.mga7 M=/root/rpmbuild/BUILD/ipt-netflow-2.5.1/cc-test-build modules
/root/rpmbuild/BUILD/ipt-netflow-2.5.1/cc-test-build/test.c:4:17: error: storage size of ‘test’ isn’t known
 struct proc_ops test;
                 ^~~~
make[2]: *** [scripts/Makefile.build:266: /root/rpmbuild/BUILD/ipt-netflow-2.5.1/cc-test-build/test.o] Error 1
make[1]: *** [Makefile:1686: /root/rpmbuild/BUILD/ipt-netflow-2.5.1/cc-test-build] Error 2
[root@Z2 cc-test-build]# 

# egrep -q 'has no member named|undeclared|storage size of .* isn.t known|No such file or directory' log || echo false
false

# egrep -q 'has no member named|undeclared|storage size of .* isn.*t known|No such file or directory' log && echo true
true
==== test grep pattern ====

I could build module using 2 patches:

==== patch1 ====
--- ipt_NETFLOW.spec.orig       2020-08-20 22:54:39.000000000 +0300
+++ ipt_NETFLOW.spec    2020-08-22 10:22:31.596308018 +0300
@@ -12,10 +12,11 @@
 Source:                https://github.com/aabc/ipt-netflow/releases/%{upstream_name}-%{version}.tar.gz
 # Disable searching for iptables sources, not used anyway
 Patch0:                ipt_NETFLOW-2.4-nosrc.patch
+Patch1:                ipt_NETFLOW-2.5.1-gen_compat_def.patch
 
 BuildRequires: pkgconfig(libiptc)
 BuildRequires: pkgconfig(xtables)
-BuildRequires: kernel-desktop-devel-latest
+BuildRequires: kernel-devel
 
 %description
 ipt_netflow is very fast and effective Netflow exporting module for Linux kernel.
@@ -48,8 +49,8 @@
 %build
 %setup_compile_flags
 # set kernel-devel dir
-KPKG=$(rpm -q --requires kernel-desktop-devel-latest | grep kernel-desktop-devel)
-KDIR=$(rpm -ql $KPKG | grep '/usr/src/[^/]*$')
+KPKG=$(uname -r)
+KDIR=/usr/src/kernel-$KPKG
 ./configure --kdir=$KDIR
 %make_build libipt_NETFLOW.so LIBS=-lxtables
 %make_build compat_def.h
==== patch1 ====

==== patch2 ====
# cat ipt_NETFLOW-2.5.1-gen_compat_def.patch
--- ipt-netflow-2.5.1.orig/gen_compat_def       2020-08-22 09:36:28.064610817 +0300
+++ ipt-netflow-2.5.1/gen_compat_def       2020-08-22 10:12:00.653689062 +0300
@@ -8,6 +8,7 @@
 #
 
 export LANG=C
+export LC_MESSAGES=C
 fatal() {
   echo "Error: $*" >&2
   exit 1
@@ -39,7 +41,7 @@
     echo "// Output:"
     sed  "s/^/\/\/   /" log
     echo
-    if ! egrep -q 'has no member named|undeclared|storage size of .* isn.t known|No such file or directory' log; then
+    if ! egrep -q 'has no member named|undeclared|storage size of .* isn.*t known|No such file or directory' log; then
       echo "Error: unexpected error from compiler" >&2
       cat log >&2
       echo >&2
==== patch2 ====




==== install log ====
# rpm --force -vU /root/rpmbuild/RPMS/noarch/dkms-ipt_NETFLOW-2.5.1-1.1.mga7.noarch.rpm /root/rpmbuild/RPMS/x86_64/iptables-NETFLOW-2.5.1-1.1.mga7.x86_64.rpm
Verifying packages...
Preparing packages...
dkms-ipt_NETFLOW-2.5.1-1.1.mga7.noarch

Error! DKMS tree already contains: ipt_NETFLOW-2.5.1-1.1.mga7
You cannot add the same module/version combo more than once.

Preparing kernel 5.5.15-desktop-3.mga7 for module build:
(This is not compiling a kernel, just preparing kernel symbols)
Storing current .config to be restored when complete
Running Generic preparation routine
make mrproper....(bad exit status: 2)
using /proc/config.gz
make oldconfig....
make prepare....(bad exit status: 2)

Building module:
cleaning build area....(bad exit status: 2)
make -j4 KERNELRELEASE=5.5.15-desktop-3.mga7 -C /lib/modules/5.5.15-desktop-3.mga7/build M=/var/lib/dkms/ipt_NETFLOW/2.5.1-1.1.mga7/build.....
cleaning build area....(bad exit status: 2)
cleaning kernel tree (make mrproper)....(bad exit status: 2)

DKMS: build Completed.

ipt_NETFLOW.ko.xz:
 - Installation
   - Installing to /lib/modules/5.5.15-desktop-3.mga7/dkms/net/netfilter//

depmod........

DKMS: install Completed.
iptables-NETFLOW-2.5.1-1.1.mga7.x86_64
==== install log ====

==== check ====
# lsmod | grep -i netflow
# modprobe ipt_NETFLOW
# lsmod | grep -i netflow
ipt_NETFLOW            73728  0
x_tables               53248  24 xt_conntrack,iptable_filter,xt_LOG,xt_multiport,xt_length,xt_state,xt_string,xt_tcpudp,xt_tcpmss,xt_hashlimit,xt_ACCOUNT,ipt_NETFLOW,xt_recent,xt_nat,xt_owner,xt_set,xt_HL,ipt_REJECT,ip_tables,xt_limit,xt_MASQUERADE,iptable_mangle,xt_REDIRECT,xt_mark
# sysctl -a | grep -i netflow
net.netflow.active_timeout = 60
net.netflow.debug = 0
net.netflow.destination = 127.0.0.1:5001
net.netflow.flush = 0
net.netflow.hashsize = 503949
net.netflow.inactive_timeout = 10
net.netflow.maxflows = 2000000
net.netflow.protocol = 5
net.netflow.refresh-rate = 20
net.netflow.scan-min = 1
net.netflow.sndbuf = 212992
net.netflow.timeout-rate = 30
==== check ====

I believe that this is not enough.
I think it is necessary to run "/usr/bin/make -O -j1 compat_def.h" every time the dkms is launched on a new kernel.

Patch added, let's try again.

Updated packages in core/updates_testing:
----------------------------------------
iptables-NETFLOW-2.5.1-1.2.mga7
dkms-ipt_NETFLOW-2.5.1-1.2.mga7

from ipt_NETFLOW-2.5.1-1.2.mga7.src.rpm

Advisory to upload to SVN:
----------------------------------------
type: bugfix
subject: Updated ipt_NETFLOW packages adds kernel 5.8 support
src:
  7:
   core:
     - ipt_NETFLOW-2.5.1-1.2.mga7
description: |
  The ipt_NETFLOW package has been updated to version 2.5.1, with full support
  for the 5.6 and 5.8 series Linux kernels, bug fixes, and other enhancements.
  See the upstream announcements for details.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=26844
 - https://github.com/aabc/ipt-netflow/releases/tag/v2.5
 - https://github.com/aabc/ipt-netflow/releases/tag/v2.5.1

MGA7-64 Plasma on Lenovo B50
No installation issues.
Looking for testing, found bug 12724 Comment 6, so
# modprobe -v ipt_NETFLOW
insmod /lib/modules/5.7.14-desktop-1.mga7/dkms/net/netfilter/ipt_NETFLOW.ko.xz 
That looks good.
Since this has to do with iptables, played around with shorewall settings in MCC (block everything but ping, set all open) and used ping and nmap command on my desktop towards this laptop. Everything behaves as expected.
Good enough for me.

Whiteboard: (none) => MGA7-64-OK
CC: (none) => herman.viaene

Validating. Advisory in Comment 8.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGAA-2020-0191.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED