LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Hardware > Linux - Embedded & Single-board computer
User Name
Password
Linux - Embedded & Single-board computer This forum is for the discussion of Linux on both embedded devices and single-board computers (such as the Raspberry Pi, BeagleBoard and PandaBoard). Discussions involving Arduino, plug computers and other micro-controller like devices are also welcome.

Notices

Reply
 
Search this Thread
Old 09-07-2010, 05:27 AM   #1
chxooi
LQ Newbie
 
Registered: May 2010
Posts: 24

Rep: Reputation: 0
How to build and install this iptables


I am trying to port netfilter on my embedded linux target board.
Target board has linux kernel 2.6.x I started with iptables tutorial.
Also,I extracted the iptables source code on my nfs root file system

But, I don't know how to build and install this iptables for my target board.
whenever I try to "make" and "insall" on my host, it always changes my host iptables not my target.

How can I build this iptables feature on my host for my target.
and which files should be copy(?) or install(?) into my target nfs file system.

--- This article is post on "linux network directory" too.
I don't know how to delete this post on linux-network.
so, I post this twice on linux-embedded and linux-network
If you let me know how to remove the article,I'll do that.
Sorry again.
 
Old 09-07-2010, 02:18 PM   #2
nini09
Member
 
Registered: Apr 2009
Posts: 991

Rep: Reputation: 67
You need add the packet into your target build system instead of installing on your host.
 
Old 09-07-2010, 08:37 PM   #3
chxooi
LQ Newbie
 
Registered: May 2010
Posts: 24

Original Poster
Rep: Reputation: 0
I don't understand ..." need add the packet "
What kind of packet do you mean?
"add the packet....???" ??

what's mean "add the packet??"

Sorry , can you explain more deail..?
 
Old 09-07-2010, 08:43 PM   #4
exvor
Senior Member
 
Registered: Jul 2004
Location: Phoenix, Arizona
Distribution: LFS-Version SVN-20091202, Arch 2009.08
Posts: 1,485

Rep: Reputation: 66
If your embedded root system is shared out via nfs then you need to modify your configure command to point into that directory instead of the directory on your host. A configure --prefix=<path to nfs share> should do the trick. That way you will get it installed into the correct place. However since you mention embedded linux I would suspect your embedded system is not the same architecture as your main computer, thus even if you get it to the right place it may not work. This is why the poster above asked about your build environment, since most embedded stuff is done with a build system.
 
Old 09-08-2010, 12:09 AM   #5
chxooi
LQ Newbie
 
Registered: May 2010
Posts: 24

Original Poster
Rep: Reputation: 0
Thanks a lot.
I'm totally understand...

Host is x86 , Target is also x86.

I could change the cross-compiler for my target system.
I have similar experience to porting some application like "ethool", "tcpdump" and so on.
But, most embedded targe application is needed by only one binary or one library file.

For example, if I should use "ethtool" on my target system, I just copy only one binary file "ethtool"
that I compiled by cross-compiler.

However, this "iptables" ....
After finishing compile using "make" with cross-compiler , I don't know which file to copy on target system.
I didn't see any binary and library...named "iptables" after "make"

"iptables" is different with "ethtool" or "tcpdump" ...

That is my question.

Sorry for my stupid english skill, But I want to use "iptables" feature on my target system.
 
Old 09-08-2010, 02:21 PM   #6
nini09
Member
 
Registered: Apr 2009
Posts: 991

Rep: Reputation: 67
Assume you download tarball file. Copy relative source code into your build system and add something into makefile to build it.
 
Old 09-11-2010, 06:23 AM   #7
chxooi
LQ Newbie
 
Registered: May 2010
Posts: 24

Original Poster
Rep: Reputation: 0
1.downlaod iptables-1.4.9.1.tar.bz2
2.untar this file
3.host#./configure
4.host#make
5.host#copy iptables-multi ~/NFSROOT/root_target/
6.host#cd ~/NFSROOT/root_target
7.host#chmod 777 iptables-multi
8.change terminal to the target system "root_target" (NFS)
9.target#./iptables-multi

./iptables-multi: error while loading shared libraries: libip4tc.so.0: cannot op
en shared object file: No such file or directory



Do I need to modify something for this shared libraries ?
I think that configure file should be changed..
but, I don't know how to change this file..?
 
Old 09-13-2010, 02:51 PM   #8
nini09
Member
 
Registered: Apr 2009
Posts: 991

Rep: Reputation: 67
Copy libip4tc.so.0 to target and correct directory.
 
Old 10-07-2010, 04:12 AM   #9
YasoCH
LQ Newbie
 
Registered: Oct 2010
Posts: 1

Rep: Reputation: 0
Hello

Just now I try to do the same thing like chxooi and I also ran into similar problems.
Quote:
./iptables-multi: error while loading shared libraries: libip4tc.so.0: cannot op
en shared object file: No such file or directory
Here you have to point with a link to libip4tc.so.0.0.0, the same goes to libxtables.so and libxtables.so.5 to libxtables.so.5.0.0:
Code:
ln -s libip4tc.so.0.0.0 libip4tc.so.0
-----------------------------------------------------------------
Now I have a problem:
Code:
# iptables -t mangle -A PREROUTING -s localhost -j TEE --gateway 192.168.200.5
iptables: No chain/target/match by that name.
but...

Code:
# iptables -t mangle -A PREROUTING -s localhost -j TEE
iptables v1.4.9.1: TEE target: --gateway parameter required
Try `iptables -h' or 'iptables --help' for more information.
# iptables -t mangle -A PREROUTING -s localhost -j TEE --gateway
iptables v1.4.9.1: option `--gateway' requires an argument
Try `iptables -h' or 'iptables --help' for more information.
Quote:
# iptables -t mangle -A PREROUTING -s localhost
# iptables -t mangle -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
all -- localhost anywhere
Code:
# lsmod
Module                  Size  Used by    Not tainted
iptable_mangle          2352  1
iptable_filter          2336  0
What I've done so far:

I have an embedded Linux board (2.6.20.11) running iptables V1.3.8 with one MASQUARADE Rule in filter table OUTPUT but in addition I need the TEE Target, so I compiled iptables V1.4.9.1 and installed it in a separate folder. Running iptables from it showed, that iptables miss the module iptable_mangle.
So I compiled the kernel module iptable_mangle with #make modules, moved it to my board and loaded into the kernel with #insmod.
And here I am...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How can I build this iptables feature chxooi Linux - Networking 2 09-07-2010 05:24 AM
how to build an iptables gateway/firewall targettl Linux - Networking 17 12-16-2009 06:04 AM
Build DMZ server for windows sharing printer using iptables andipurwito Linux - Networking 1 07-26-2007 04:28 PM
build and Install the module (ATI driver install) michapma Debian 5 11-13-2005 10:30 AM
IPTABLES : build NAT using IPTABLES joseph Linux - Networking 4 04-23-2004 05:08 AM


All times are GMT -5. The time now is 05:11 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration