Modify

Opened 8 years ago

Closed 8 years ago

Last modified 6 years ago

#136 closed enhancement (fixed)

iptables modules set xtables-addons

Reported by: Levon Avagyan <levon.avagyan@…> Owned by: amain
Priority: minor Milestone: milestone:
Component: debian/packages Version: 2.0
Severity: severity 4 Keywords: xtables-addons
Cc:

Description

Hi,
I wanted to do some shaping of torrent traffic with iptables's ipp2p plugin which is available with xtables-addons package.
It will be great to have xtables-addons available for installation with the 2.0 build.

Actually I've tried to compile it by myself but unfortunately the kernel version in release 2.0 is:

uname -r
2.6.32.20

and in trunk it is already 2.6.37.6 .
Thank You.

Attachments (0)

Change History (16)

comment:1 Changed 8 years ago by amain

  • Milestone set to 2.1
  • Status changed from new to accepted

Will investigate if this will be in for future releases.

For now, I advice to use DebWrtSvn to compile DebWrt yourself and include the xtables-addon package during build. Note, you only have to build the kernel, not the rootfs and the cross-compiled packages.

comment:2 follow-up: Changed 8 years ago by amain

On the other hand, probably you will need to build iptables command line util also, because it will need some code to onterface with the xtables addon. For this, use the DebWrt cross-compile env.

comment:3 in reply to: ↑ 2 Changed 8 years ago by Levon Avagyan <levon.avagyan@…>

Replying to amain:

For now, I advice to use DebWrtSvn to compile DebWrt yourself and include the xtables-addon package during build. Note, you only have to build the kernel, not the rootfs and the cross-compiled packages.

So based on the message I need to compile the kernel part of the article and re-flash it using tftp, there is no need to overwrite the SD card and settings will (hopefully) remain intact right?

On the other hand, probably you will need to build iptables command line util also, because it will need some code to onterface with the xtables addon. For this, use the DebWrt cross-compile env.

Am I right assuming that I need to do "make openwrt/menuconfig" and select from there packages I need? If not, please tell me how to add debian package to build? Do i need to add source package into debian/package/XX folder and do "make debian/package/XX" ? It is alitle unclear from wiki how exactly to add new package.
Thank You!

comment:5 Changed 8 years ago by amain

note: above package contain the kernel modules, you will need to install the command line tools:

apt-get install xtables-addons-common

comment:6 Changed 8 years ago by amain

Quick native compile howto:

Download and install DebWrt 2.0 kernel modules package for your device if these are not already installed: http://www.debwrt.net/download/releases/2.0/src/

Next, use module-assistant to compile the xtable-addons kernel modules:

apt-get install xtables-addons-source
apt-get install xtables-addons-common
apt-get install kernel-package
apt-get install libncurses5-dev

cd /usr/src/linux
make scripts

m-a -t -v --kernel-dir=/usr/src/linux-headers-2.6.32.20/ build xtables-addons

or if you want to debug the compile:
cd /usr/src/modules/xtables-addons
/usr/bin/make -C /usr/src/linux-headers-2.6.32.20/ M=/usr/src/modules/xtables-addons XA_ABSTOPSRCDIR=/usr/src/modules/xtables-addons

Last edited 8 years ago by amain (previous) (diff)

comment:7 follow-up: Changed 8 years ago by amain

@Levon: can you confirm if above package works on your RS Pro?

comment:8 in reply to: ↑ 7 Changed 8 years ago by Levon Avagyan <levon.avagyan@…>

Replying to amain:

@Levon: can you confirm if above package works on your RS Pro?

well unfortunately no :-(

iptables -t mangle -A PREROUTING -i eth0 -m ipp2p --bit -j ACCEPT
iptables: No chain/target/match by that name.
root@levinet-gate:~# find / | grep ipp2p
/lib/xtables/libxt_ipp2p.so
/lib/modules/2.6.32.20/extra/xtables-addons/xt_ipp2p.ko
root@levinet-gate:~# insmod /lib/modules/2.6.32.20/extra/xtables-addons/xt_ipp2p.ko
insmod: error inserting '/lib/modules/2.6.32.20/extra/xtables-addons/xt_ipp2p.ko': -1 Unknown symbol in module

comment:9 Changed 8 years ago by amain

Unknown symbol in table normally means another module needs to be loaded first. Use dmesg to figure out which modules are missing. How about this:?

depmod -a
modprobe xt_ipp2p

comment:10 Changed 8 years ago by Levon Avagyan <levon.avagyan@…>

I hate to say it, but it still not working :-(

root@levinet-gate:~# depmod -a
root@levinet-gate:~# insmod xt_ipp2p
insmod: can't read 'xt_ipp2p': No such file or directory
root@levinet-gate:~# insmod ipp2p
insmod: can't read 'ipp2p': No such file or directory
root@levinet-gate:~# insmod /lib/modules/2.6.32.20/extra/xtables-addons/xt_ipp2p.ko
insmod: error inserting '/lib/modules/2.6.32.20/extra/xtables-addons/xt_ipp2p.ko': -1 Unknown symbol in module
root@levinet-gate:~# 
dmesg | tail
xt_ipp2p: Unknown symbol xtnu_register_match                                                                                                                 
xt_ipp2p: Unknown symbol xtnu_unregister_match                                                                                                               
xt_ipp2p: Unknown symbol HX_memmem                                                                                                                           
xt_ipp2p: Unknown symbol xtnu_register_match
xt_ipp2p: Unknown symbol xtnu_unregister_match
xt_ipp2p: Unknown symbol HX_memmem
xt_ipp2p: Unknown symbol xtnu_register_match
xt_ipp2p: Unknown symbol xtnu_unregister_match
xt_ipp2p: Unknown symbol HX_memmem

comment:11 Changed 8 years ago by Levon Avagyan <levon.avagyan@…>

well after trick with module-assistant it does work! :-D

lsmod | grep ipp2p
xt_ipp2p                6864  2 
compat_xtables          2416  1 xt_ipp2p

And of course the rule applied as it should :-)

Thank you VERY much!

comment:12 Changed 8 years ago by amain

Great! Your'e welcome.

note: you kept using insmod in above output. Probably you should have used modprobe or multiple insmod's:

insmod /lib/module/2.6.32.20/extra/xtables-addons/compat_xtables.ko
insmod /lib/module/2.6.32.20/extra/xtables-addons/xt_ipp2p.ko
Last edited 8 years ago by amain (previous) (diff)

comment:13 Changed 8 years ago by amain

  • Resolution set to fixed
  • Status changed from accepted to closed

comment:14 Changed 6 years ago by NaladlyClaiva

<a href=http://commentjob.ru/#mpasy>link here</a> - <a href=http://commentjob.ru/#nrwll >this site</a> , http://commentjob.ru/#jrnck nice page

comment:15 Changed 6 years ago by NaladlyClaiva

<a href=http://commentjob.ru/#iqvvm>cool site</a> - <a href=http://commentjob.ru/#yjupa >mega site</a> , http://commentjob.ru/#ctltf cool page

comment:16 Changed 6 years ago by amain

  • Milestone 2.1 deleted

Milestone 2.1 deleted

Add Comment

Modify Ticket

Action
as closed The owner will remain amain.
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.