Honeypots mailing list archives

Some issues with compiling/running Sebek


From: Rock Lobster <rocklobster () cheerful com>
Date: 30 Dec 2004 01:42:30 -0000




Hi,
I'm trying to run a Gen2 pot with a vmware'd win2k guest on the same system.

I'm having problems with both the server and client, unfortunately.  Firstly I've taken a look at the sebek FAQ and it 
says that the client/server cannot be run on the same system. Is that valid in my case with two different ip stacks?  
I'm trying to send the sebek data to the 2nd nic in my box (the management interface, which I've modded the rc.firewall 
iptables rules to accommodate)

Now, when I compile/use sebek server 2.1.6 and run the command "sbk_extract -i eth1 -p 1101 | sbk_ks_log.pl" I get no 
keystrokes from my client. If I do a "netstat -an" sebek doesn't show up!?!?    So, with this in mind I tried to 
download/compile 2.1.7 but got some errors compiling regarding 'af_packet.c'. From previous posts here with the same 
problem I took the advice from someone and commented out these lines in that file. 

/*module_init(packet_init);
module_exit(packet_exit);
MODULE_LICENSE("GPL");*/
(it's a Gentoo box btw with a 2.4.27 kern)

Now, when I try a make I get either this error:

cp /usr/src/linux-2.4/net/packet/af_packet.c .
patch  af_packet.c af_packet.diff
patching file af_packet.c
Hunk #1 succeeded at 37 with fuzz 2 (offset 2 lines).
Hunk #2 succeeded at 160 (offset 2 lines).
Hunk #3 FAILED at 195.
Hunk #4 succeeded at 1041 (offset 19 lines).
Hunk #5 succeeded at 1075 (offset 19 lines).
Hunk #6 succeeded at 1090 (offset 19 lines).
Hunk #7 FAILED at 1953.
2 out of 7 hunks FAILED -- saving rejects to file af_packet.c.rej

[Or I get this output, it's not consistent :( ]

./gen_fudge.pl > fudge.h
gcc -c -I/usr/src/linux-2.4/include  -O2 -DUSE_MOD_LICENSE -DUSE_FUDGE ./sebek.c -o sebek.o
In file included from sebek.c:41:
af_packet.c: In function `packet_recvmsg':
af_packet.c:1102: warning: use of cast expressions as lvalues is deprecated
af_packet.c:1103: warning: use of cast expressions as lvalues is deprecated
sebek.c: At top level:
sebek.c:369: warning: conflicting types for built-in function `log'
sebek.c: In function `init_module':
sebek.c:599: warning: use of cast expressions as lvalues is deprecated
rm af_packet.c
gcc -c -I/usr/src/linux-2.4/include -O2 -DUSE_MOD_LICENSE -DUSE_FUDGE ./cleaner.c -o cleaner.o
mkdir sebek-linux-2.1.7-bin
cp sebek.o sebek-linux-2.1.7-bin
cp cleaner.o sebek-linux-2.1.7-bin
cp ./parameters.sh sebek-linux-2.1.7-bin
cp ./sbk_install.sh sebek-linux-2.1.7-bin
chmod u+x sebek-linux-2.1.7-bin/sbk_install.sh
tar -cf sebek-linux-2.1.7-bin.tar sebek-linux-2.1.7-bin
rm -rf sebek-linux-2.1.7-bin

Apologies for the long post. Has anyone got any ideas?






