加点自已内容的新内核下L7-FILTER的应用实例!

1238801

本人实验的环境：
RED HAT LINUX AS4 （KERNEL 2.6.9）
1.下载
linux-2.6.13.tar.bz2
iptables-1.3.3.tar.bz2
patch-o-matic-ng-20050925.tar.bz2
netfilter-layer7-v2.0-beta.tar.gz
l7-protocols-2005-09-12.tar.gz
分别解压到/usr/local/src 下面
/sbin/lspci >> /root/hardward.conf
cat /proc/cpuinfo >> /root/hardward.conf
cd /usr/local/src/patch-o-matic-ng-20050925
KERNEL_DIR=/usr/local/src/linux-2.6.13 IPTABLES_DIR=/usr/local/src/iptables-1.3.3 ./runme time
KERNEL_DIR=/usr/local/src/linux-2.6.13 IPTABLES_DIR=/usr/local/src/iptables-1.3.3 ./runme ipv4options
KERNEL_DIR=/usr/local/src/linux-2.6.13 IPTABLES_DIR=/usr/local/src/iptables-1.3.3 ./runme psd
KERNEL_DIR=/usr/local/src/linux-2.6.13 IPTABLES_DIR=/usr/local/src/iptables-1.3.3 ./runme mport
KERNEL_DIR=/usr/local/src/linux-2.6.13 IPTABLES_DIR=/usr/local/src/iptables-1.3.3 ./runme ipp2p
KERNEL_DIR=/usr/local/src/linux-2.6.13 IPTABLES_DIR=/usr/local/src/iptables-1.3.3 ./runme quota
KERNEL_DIR=/usr/local/src/linux-2.6.13 IPTABLES_DIR=/usr/local/src/iptables-1.3.3 ./runme comment
KERNEL_DIR=/usr/local/src/linux-2.6.13 IPTABLES_DIR=/usr/local/src/iptables-1.3.3 ./runme connlimit
KERNEL_DIR=/usr/local/src/linux-2.6.13 IPTABLES_DIR=/usr/local/src/iptables-1.3.3 ./runme iprange
KERNEL_DIR=/usr/local/src/linux-2.6.13 IPTABLES_DIR=/usr/local/src/iptables-1.3.3 ./runme nth
KERNEL_DIR=/usr/local/src/linux-2.6.13 IPTABLES_DIR=/usr/local/src/iptables-1.3.3 ./runme geoip
cd /usr/local/src/linux-2.6.13
patch -p1
cd /usr/local/src/iptables-1.3.3
patch -p1
cd /usr/local/src/linux-2.6.13
make menuconfig
make dep #可选(make by rickyfang)
make all
make modules_install
(如果按照此操作，可能导致KERNEL没有加载成功，也就是提示找不到.CONFIG文件，故还要运行make，也许原作者的make all是此作用，但我用不行的！)
cp /usr/local/src/linux-2.6.13/arch/i386/boot/bzImage   /boot/vmlinuz-2.6.13
su -
/sbin/depmod -a
mkinitrd /boot/initrd-2.6.13.img 2.6.13
cd /usr/local/src/iptables-1.3.3
chmod +x extensions/.layer7-test
export KERNEL_DIR=/usr/local/src/linux-2.6.13
export IPTABLES_DIR=/usr/local/src/iptables-1.3.3
make PREFIX=/usr LIBDIR=/lib BINDIR=/sbin &&
make PREFIX=/usr LIBDIR=/lib BINDIR=/sbin install
#make PREFIX=/usr LIBDIR=/lib BINDIR=/sbin MANDIR=/usr/share/man install

安装l7-filter协议文件：
cd /usr/local/src/l7-protocols-2005-09-12
make install
[root@ns grub]# vi grub.conf
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE:  You have a /boot partition.  This means that
#          all kernel and initrd paths are relative to /boot/, eg.
#          root (hd0,0)
#          kernel /vmlinuz-version ro root=/dev/hda2
#          initrd /initrd-version.img
#boot=/dev/hda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Red Hat AS By RickyFang  (2.6.13)
        root (hd0,0)
        kernel /vmlinuz-2.6.13 ro root=LABEL=/ rhgb quiet
        initrd /initrd-2.6.13.img
上面的做完，并不能实现新内核的应用，以及IPTABLES子系统IPP2P的应用，所参考的文中原作者并没有改变GRUB的设置，故而造成了，实验并不成功，后来，我改动了GRUB.CONF，并重启系统，重新进入编译好的2.6.13的内核，成功实现IPTABLES命令的应用！！！


本文来自ChinaUnix博客，如果查看原文请点：http://blog.chinaunix.net/u/31162/showart_250255.html