-Howto- Iptables

A collection of tips on howto tweak your Bubba.
Post Reply
limpo
Posts: 59
Joined: 24 Mar 2007, 06:50

-Howto- Iptables

Post by limpo » 01 May 2007, 09:45

Hi,

I just updated the excellent guide bjorn did for creating the iptables modules. I tried this and could not get the crosstools to compile, so then
osa gave me a tip to use the already precompiled crosstools.

Now I finally could get iptables up and running.

I used ubuntu feisty fawn.

Download required tools for compiling.

#sudo apt-get install make libncurses5-dev gcc

#cd /tmp

Download precompiled crosstools.
#wget http://download.excito.net/kernel/arm-g ... 2-1.tar.gz

Get kernel source
#wget http://ftp.sunet.se/pub/Linux/kernels/v ... 16.tar.bz2

Get at91patch
#wget http://download.excito.net/kernel/2.6.1 ... 1.patch.gz

Get Excito patches and config
#wget http://download.excito.net/kernel/2.6.1 ... .16.tar.gz

Create build directory
#mkdir build

Move into that
#cd build

Extract kernel source
#tar jxvf ../linux-2.6.16.16.tar.bz2

Move into the kernel directory
#cd linux-2.6.16.16/

Apply atmel patch
#zcat ../../2.6.16-at91.patch.gz | patch -p1

Apply Excito patch while in /tmp/linux-2.6.16.16/

#cat /tmp/excito.patch | patch -p1

Add excito config
#cp /tmp/excito.config .config

Build initial config
#make ARCH=arm CROSS_COMPILE=/tmp/opt/crosstool/gcc-4.0.1-glibc-2.3.2/arm-unknown-linux-gnu/bin/arm-unknown-linux-gnu- oldconfig

Change config as needed
(make sure you have installed ncurses for this to work. On ubuntu: sudo apt-get install libncurses5-dev)
#make ARCH=arm CROSS_COMPILE=/tmp/opt/crosstool/gcc-4.0.1-glibc-2.3.2/arm-unknown-linux-gnu/bin/arm-unknown-linux-gnu- menuconfig

Navigate:

Networking -->
Networking options -->
Network packet filtering(replaces ipchains) -->
Core Netfilter Configuration --> Mark all as modules
IP: Netfilter Configuration --> Marl all as modules

Then anwser yes att "Do you wish to save your new kernel configuration?" and exit.

Build modules
#make ARCH=arm CROSS_COMPILE=/tmp/opt/crosstool/gcc-4.0.1-glibc-2.3.2/arm-unknown-linux-gnu/bin/arm-unknown-linux-gnu- modules

Install modules locally
#make ARCH=arm CROSS_COMPILE=/tmp/opt/crosstool/gcc-4.0.1-glibc-2.3.2/arm-unknown-linux-gnu/bin/arm-unknown-linux-gnu- INSTALL_MOD_PATH=`pwd`/tmpinstall modules_install

Make archive of modules
#cd tmpinstall
#tar zcvf modules.tar.gz *

Copy modules.tar.gz over to Bubba
#scp modules.tar.gz user@bubba:\modules.tar.gz

Log in to bubba and become root.
#user@bubba#sudo su

#cd /

#tar zxvf /home/user/modules.tar.gz /
This will install all modules in /lib

Create dependencies for all modules listed in /etc/modules.conf, so that modprobe knows which available modules to use.
#depmod -a

load the modules you want, for example:
modprobe ip_tables

/Limpo

Post Reply