PageRenderTime 45ms CodeModel.GetById 18ms RepoModel.GetById 0ms app.codeStats 0ms

/iptables-module/README.compile

https://github.com/mobilipia/IPTV-Analyzer
Unknown | 170 lines | 99 code | 71 blank | 0 comment | 0 complexity | 0eb5bf1368a96f4dcb589a8d9a804510 MD5 | raw file
Possible License(s): GPL-3.0 
    

  1. 

  2. = Howto Compile =
    3. 

  3. 

  4. This is a quick howto, on getting the iptables module compiled.
    5. 

  5. Including howto install an newer/compatible iptables version.
    6. 

  6. 

  7. I'm using GNU tool 'stow' to handle my out-of-distro installed
    8. 

  8. software.  To follow these compile instructions, you should have stow
    9. 

  9. installed on your machine.
    10. 

  10. 

  11. 

  12. == Iptables dependency ==
    13. 

  13. 

  14. This iptables module requires minimum iptables 1.4.3.
    15. 

  15. 

  16. 

  17. == Developement tree ==
    18. 

  18. 

  19. Get the development git development tree here:
    20. 

  20. (FIXME: Move this to the new domain iptv-analyzer.org)
    21. 

  21. 

  22.  git clone git://people.netfilter.org/hawk/iptv-analyzer.git
    23. 

  23. 

  24. 

  25. === Compiling the userspace iptables module ===
    26. 

  26. 

  27. The default make command tries to compile both the iptables userspace
    28. 

  28. library and kernel module.  If you only want to compile the iptables
    29. 

  29. userspace library call:
    30. 

  30. 

  31.   make lib
    32. 

  32. 

  33. Every iptables extension/module is based upon a dynamically loadable
    34. 

  34. library file (suffix .so).  These libraries/modules are installed in
    35. 

  35. e.g. /usr/local/libexec/xtables/ and are loaded by iptables when
    36. 

  36. needed.
    37. 

  37. 

  38. Thus, the makefile trick is "simply" to create an iptables dynamically
    39. 

  39. loadable library "out-of-tree".
    40. 

  40. 

  41. All the details can be found in the excellent document titled:
    42. 

  42. "Writing Netfilter modules" by Jan Engelhardt:
    43. 

  43. 

  44.   http://jengelh.medozas.de/documents/Netfilter_Modules.pdf
    45. 

  45. 

  46. 

  47. === Trick: Fake stow install ===
    48. 

  48. 

  49. TODO: Currently the Makefile does not contain an install target for
    50. 

  50. the userspace iptables library.  Below is the manual procedure.
    51. 

  51. 

  52. Make a fake stow software package for the development version of the
    53. 

  53. source.
    54. 

  54. 

  55. Create directory:
    56. 

  56. 

  57.   mkdir /usr/local/stow/mpeg2ts_development_fake/
    58. 

  58. 

  59. And create the directories libexec/xtables/ within.
    60. 

  60. 

  61.   mkdir -p /usr/local/stow/mpeg2ts_development_fake/libexec/xtables/
    62. 

  62.   cd       /usr/local/stow/mpeg2ts_development_fake/libexec/xtables/
    63. 

  63. 

  64. Create a symlink from this directory to your development edition of
    65. 

  65. the file 'libxt_mpeg2ts.so'
    66. 

  66. 

  67.   ln -s ~/git/iptv-analyzer/iptables-module/libxt_mpeg2ts.so .
    68. 

  68. 

  69. Activate the stow software package 'mpeg2ts_development_fake'.
    70. 

  70. 

  71.   cd /usr/local/stow
    72. 

  72.   stow mpeg2ts_development_fake
    73. 

  73. 

  74. 

  75. == Compiling the kernel module ==
    76. 

  76. 

  77. No patching of the Linux kernel is required, but the kernel source is
    78. 

  78. required.  The module takes advantage of the kernel build/make system.
    79. 

  79. 

  80. Minimum kernel version required is 2.6.28 (due to some RCU changes).
    81. 

  81. 

  82. If you only want to compile the kernel module call:
    83. 

  83. 

  84.   make modules
    85. 

  85. 

  86. The Makefile tries to detect the kernel source via the symlink in:
    87. 

  87. 

  88.   /lib/modules/2.6.xx/build
    89. 

  89. 

  90. The kernel version is extracted by calling 'uname -r' in the makefile.
    91. 

  91. 

  92. But its also possibly to compile against another kernel than the
    93. 

  93. current running version, by calling:
    94. 

  94. 

  95.   make KERNEL_DIR=~/git/kernel/davem/net-next-2.6/
    96. 

  96. 

  97. If you have a fresh kernel source you might need to call:
    98. 

  98. 

  99.   make oldconfig
    100. 

  100.   make prepare
    101. 

  101.   make modules_prepare
    102. 

  102. 

  103. TODO/Issue?: Is it possible to link against a fresh source? As the
    104. 

  104. module needs to know the C "extern" adresses.
    105. 

  105. 

  106. === Loading the kernel module manually ===
    107. 

  107. 

  108. Its possibly to load the kernel module via insmod, without installing
    109. 

  109. the module into /lib/modules/2.6.xx/ (see below howto perform the
    110. 

  110. install).
    111. 

  111. 

  112. * But be warned that the systems does not automatically load
    113. 

  113.   dependencies.
    114. 

  114. 

  115. First of all you need to make sure that the iptables module have been
    116. 

  116. loaded (e.g x_tables, ip_tables, iptable_mangle, iptable_filter etc.).
    117. 

  117. The easiest way to get these modules loaded is simple to invoke the
    118. 

  118. 'iptables -L' command line tool.
    119. 

  119. 

  120. The kernel module compile, actually produced two kernel modules:
    121. 

  121. 

  122. * xt_mpeg2ts.ko
    123. 

  123. * compat_xtables.ko
    124. 

  124. 

  125. If you kernel version <= 2.6.34, then you also need to load the kernel
    126. 

  126. module "compat_xtables.ko"
    127. 

  127. 

  128.   insmod ./compat_xtables.ko
    129. 

  129. 

  130. Next, you need to load the real kernel module:
    131. 

  131. 

  132.   insmod ./xt_mpeg2ts.ko
    133. 

  133. 

  134. If the loading failed with (e.g. "Unknown symbol in module") use
    135. 

  135. 'dmesg' to see the real error message.
    136. 

  136. 

  137. 

  138. === Reloading kernel module ===
    139. 

  139. 

  140. When making modifications to the kernel module remember to manually
    141. 

  141. rmmod and insmod the kernel module again.
    142. 

  142. 

  143.   rmmod xt_mpeg2ts
    144. 

  144.   insmod ./xt_mpeg2ts.ko
    145. 

  145. 

  146. 

  147. === Installing the kernel module ===
    148. 

  148. 

  149. When the kernel module has been compiled successfully, its possibly to
    150. 

  150. install the kernel module, as root, via:
    151. 

  151. 

  152.   make modules_install
    153. 

  153. 

  154. This will install the kernel module into /lib/modules/2.6.xx/extra/
    155. 

  155. (via a call to the kernel build system, this might call depmod for
    156. 

  156. you).
    157. 

  157. 

  158. After the install you should call (as root):
    159. 

  159. 

  160.   depmod -a
    161. 

  161. 

  162. If its another kernel than the running kernel you need to add the
    163. 

  163. kernel-version as an argument to depmod
    164. 

  164. 

  165. A small test to see if the kernel module got installed and depmod
    166. 

  166. correctly call:
    167. 

  167. 

  168.  modinfo -k $KERNEL_VER xt_mpeg2ts
    169. 

  169. 

  170. 

  171.