-Howto- Iptables
Posted: 01 May 2007, 09:45
Hi,
I just updated the excellent guide bjorn did for creating the iptables modules. I tried this and could not get the crosstools to compile, so then
osa gave me a tip to use the already precompiled crosstools.
Now I finally could get iptables up and running.
I used ubuntu feisty fawn.
Download required tools for compiling.
#sudo apt-get install make libncurses5-dev gcc
#cd /tmp
Download precompiled crosstools.
#wget http://download.excito.net/kernel/arm-g ... 2-1.tar.gz
Get kernel source
#wget http://ftp.sunet.se/pub/Linux/kernels/v ... 16.tar.bz2
Get at91patch
#wget http://download.excito.net/kernel/2.6.1 ... 1.patch.gz
Get Excito patches and config
#wget http://download.excito.net/kernel/2.6.1 ... .16.tar.gz
Create build directory
#mkdir build
Move into that
#cd build
Extract kernel source
#tar jxvf ../linux-2.6.16.16.tar.bz2
Move into the kernel directory
#cd linux-2.6.16.16/
Apply atmel patch
#zcat ../../2.6.16-at91.patch.gz | patch -p1
Apply Excito patch while in /tmp/linux-2.6.16.16/
#cat /tmp/excito.patch | patch -p1
Add excito config
#cp /tmp/excito.config .config
Build initial config
#make ARCH=arm CROSS_COMPILE=/tmp/opt/crosstool/gcc-4.0.1-glibc-2.3.2/arm-unknown-linux-gnu/bin/arm-unknown-linux-gnu- oldconfig
Change config as needed
(make sure you have installed ncurses for this to work. On ubuntu: sudo apt-get install libncurses5-dev)
#make ARCH=arm CROSS_COMPILE=/tmp/opt/crosstool/gcc-4.0.1-glibc-2.3.2/arm-unknown-linux-gnu/bin/arm-unknown-linux-gnu- menuconfig
Navigate:
Networking -->
Networking options -->
Network packet filtering(replaces ipchains) -->
Core Netfilter Configuration --> Mark all as modules
IP: Netfilter Configuration --> Marl all as modules
Then anwser yes att "Do you wish to save your new kernel configuration?" and exit.
Build modules
#make ARCH=arm CROSS_COMPILE=/tmp/opt/crosstool/gcc-4.0.1-glibc-2.3.2/arm-unknown-linux-gnu/bin/arm-unknown-linux-gnu- modules
Install modules locally
#make ARCH=arm CROSS_COMPILE=/tmp/opt/crosstool/gcc-4.0.1-glibc-2.3.2/arm-unknown-linux-gnu/bin/arm-unknown-linux-gnu- INSTALL_MOD_PATH=`pwd`/tmpinstall modules_install
Make archive of modules
#cd tmpinstall
#tar zcvf modules.tar.gz *
Copy modules.tar.gz over to Bubba
#scp modules.tar.gz user@bubba:\modules.tar.gz
Log in to bubba and become root.
#user@bubba#sudo su
#cd /
#tar zxvf /home/user/modules.tar.gz /
This will install all modules in /lib
Create dependencies for all modules listed in /etc/modules.conf, so that modprobe knows which available modules to use.
#depmod -a
load the modules you want, for example:
modprobe ip_tables
/Limpo
I just updated the excellent guide bjorn did for creating the iptables modules. I tried this and could not get the crosstools to compile, so then
osa gave me a tip to use the already precompiled crosstools.
Now I finally could get iptables up and running.
I used ubuntu feisty fawn.
Download required tools for compiling.
#sudo apt-get install make libncurses5-dev gcc
#cd /tmp
Download precompiled crosstools.
#wget http://download.excito.net/kernel/arm-g ... 2-1.tar.gz
Get kernel source
#wget http://ftp.sunet.se/pub/Linux/kernels/v ... 16.tar.bz2
Get at91patch
#wget http://download.excito.net/kernel/2.6.1 ... 1.patch.gz
Get Excito patches and config
#wget http://download.excito.net/kernel/2.6.1 ... .16.tar.gz
Create build directory
#mkdir build
Move into that
#cd build
Extract kernel source
#tar jxvf ../linux-2.6.16.16.tar.bz2
Move into the kernel directory
#cd linux-2.6.16.16/
Apply atmel patch
#zcat ../../2.6.16-at91.patch.gz | patch -p1
Apply Excito patch while in /tmp/linux-2.6.16.16/
#cat /tmp/excito.patch | patch -p1
Add excito config
#cp /tmp/excito.config .config
Build initial config
#make ARCH=arm CROSS_COMPILE=/tmp/opt/crosstool/gcc-4.0.1-glibc-2.3.2/arm-unknown-linux-gnu/bin/arm-unknown-linux-gnu- oldconfig
Change config as needed
(make sure you have installed ncurses for this to work. On ubuntu: sudo apt-get install libncurses5-dev)
#make ARCH=arm CROSS_COMPILE=/tmp/opt/crosstool/gcc-4.0.1-glibc-2.3.2/arm-unknown-linux-gnu/bin/arm-unknown-linux-gnu- menuconfig
Navigate:
Networking -->
Networking options -->
Network packet filtering(replaces ipchains) -->
Core Netfilter Configuration --> Mark all as modules
IP: Netfilter Configuration --> Marl all as modules
Then anwser yes att "Do you wish to save your new kernel configuration?" and exit.
Build modules
#make ARCH=arm CROSS_COMPILE=/tmp/opt/crosstool/gcc-4.0.1-glibc-2.3.2/arm-unknown-linux-gnu/bin/arm-unknown-linux-gnu- modules
Install modules locally
#make ARCH=arm CROSS_COMPILE=/tmp/opt/crosstool/gcc-4.0.1-glibc-2.3.2/arm-unknown-linux-gnu/bin/arm-unknown-linux-gnu- INSTALL_MOD_PATH=`pwd`/tmpinstall modules_install
Make archive of modules
#cd tmpinstall
#tar zcvf modules.tar.gz *
Copy modules.tar.gz over to Bubba
#scp modules.tar.gz user@bubba:\modules.tar.gz
Log in to bubba and become root.
#user@bubba#sudo su
#cd /
#tar zxvf /home/user/modules.tar.gz /
This will install all modules in /lib
Create dependencies for all modules listed in /etc/modules.conf, so that modprobe knows which available modules to use.
#depmod -a
load the modules you want, for example:
modprobe ip_tables
/Limpo