标签:iptables
编译fw_printenv工具:
make ARCH=arm CROSS_COMPILE=arm-hisiv300-linux- hi3521a_config
make ARCH=arm CROSS_COMPILE=arm-hisiv300-linux-
make ARCH=arm CROSS_COMPILE=arm-hisiv300-linux- env
编译会出现问题:只需进入u-boot目录
vi include/linux/types.h +154
//typedef u_int32_t uintmax_t;
//typedef int32_t intmax_t;
因为在arm-hisiv300-linux/target/usr/include/stdint.h 已经定已过了
2.安装fw_printenv工具
到/tools/env目录中,将编译好的fw_printenv拷贝到目标机的文件系统中,并通过"ln -s fw_printenv fw_setenv",创建一个fw_setenv到fw_printenv的软链。
注意可以用:
arm-hisiv300-linux-strip fw_printenv
来去掉相应的符号来减少空间的浪费
3.这个工具还需要一个配置文件,以获取uboot的ENV区域的位置信息。默认状态下,请将fw_env.config文件拷贝到目标机的文件系统的/etc目录下。然后结合uboot配置中定义的ENV区和Linux下mtd分区的情况修改配置文件。具体的修改方法见fw_env.config文件中的说明及/tools/env/README文件。
移植ppp相关:
1: 配置编译内核
在内核原代码主目录下make menuconfig内核加入了ppp,socket 等选项
Device Drivers -> Network device support -> <*> PPP (point-to-point protocol)中,选中所有ppp选项:
Device Drivers ->
Network Device Support->
<*> PPP (point-to-point protocol) support
[*] PPP multilink support
<*> PPP support for async serial ports
<*> PPP support for sync tty ports
<*> SLIP (serial line) support
[*] CSLIP compressed headers
Device Drivers -> Network device support -> <*> Universal TUN/TAP device driver support
退出,保存配置,重新执行make ARCH=arm CROSS_COMPILE=arm-hisiv300-linux- uImage .
将arch/arm/boot/下的uImage下载到开发板上重启系统。
我的内核设置为:
Device Drivers -> Network device support -> <*> PPP (point-to-point protocol)中,选中所有ppp选项:
Device Drivers ->
Network Device Support->
<M> PPP (point-to-point protocol) support
[*] PPP multilink support
<M> PPP support for async serial ports
<M> PPP support for sync tty ports
<M> SLIP (serial line) support
[*] CSLIP compressed headers
Device Drivers -> Network device support -> <M> Universal TUN/TAP device driver support
需要将未安装的模块使用insmod命令加载.ko。 也可以直接向上面那样,编译出具有这些功能的内核(推荐)
2、配置
进入ppp/ppp-2.4.5/
有两个目录etc.ppp scripts
2.1 修改源代码scripts目录下的ppp-on ppp-on-dialer ppp-off
之后复制到/etc/ppp目录下
并修改执行权限,chmod +x ppp-on ppp-off ppp-on-dialer
2.2 pppd提供认证信息时,可能协商使用PAP或者CHAP认证方式,所以需要修改源代码etc.ppp目录下的pap-secrets和chap-secrets,
在pap-secrets添加需要的用户名和密码
card * card *
在chap-secrets添加需要的用户名和口令
card * card *
之后将它们复制到/etc/ppp目录下
相应的maefile如下:
TOOLS_TOP_DIR ?= $(shell pwd)
TOOL_TAR_BALL := ppp-2.4.5.tar.gz
TOOL_NAME :=ppp-2.4.5
TOOL_BIN := bin
OSDRV_CROSS ?= arm-hisiv300-linux
OSDRV_CROSS_CFLAGS ?= -mcpu=cortex-a7 -mfloat-abi=softfp -mfpu=neon-vfpv4
subdir := pppd pppdump pppstats chat
all:
-rm $(TOOLS_TOP_DIR)/$(TOOL_NAME) -rf;
tar -xvf $(TOOL_TAR_BALL);
mkdir -p $(TOOLS_TOP_DIR)/$(TOOL_NAME)/$(TOOL_BIN)/;
mkdir -p $(TOOLS_TOP_DIR)/$(TOOL_BIN)/;
pushd $(TOOLS_TOP_DIR)/$(TOOL_NAME)/; \
./configure > /dev/null; \
make CC=arm-hisiv300-linux-gcc -j 20 > /dev/null; \
for d in $(subdir); do(arm-hisiv300-linux-strip $$d/$$d;cp $$d/$$d $(TOOLS_TOP_DIR)/$(TOOL_BIN) -rf); done
popd
.PHONY: clean
-pushd $(TOOLS_TOP_DIR)/$(TOOL_NAME)/ &&\
make -C $(TOOLS_TOP_DIR)/$(TOOL_NAME)/ clean && \
popd
.PHONY: distclean
distclean:
-rm $(TOOLS_TOP_DIR)/$(TOOL_NAME) -rf;
-rm $(TOOLS_TOP_DIR)/$(TOOL_BIN) -rf;
iptables的配置:
一、配置内核并编译,支持netfilter
cd linux-3.10.y
make ARCH=arm CROSS_COMPILE=arm-hisiv300-linux- menuconfig
[*] Networking support --->
Networking options --->
[*] Network packet filtering framework (Netfilter) --->
Core Netfilter Configuration --->(全部选上)
IP: Netfilter Configuration ---> (全部选上)
注意:这里的所有选项一定选为built-in [*],而不能选为Module [M],如果选为Module,重新烧制的系统内核里用modprobe ip_tables 命令将不能找到iptables模块。上一步还有一点要注意的是IP: Netfilter configuration中的FULL NAT选项一定要选中,否则将不能使用 iptables -t nat命令
makefile修改入下:
TOOLS_TOP_DIR ?= $(shell pwd)
TOOL_TAR_BALL := iptables-1.6.1.tar.bz2
TOOL_NAME :=iptables-1.6.1
TOOL_BIN := install
OSDRV_CROSS ?= arm-hisiv300-linux
OSDRV_CROSS_CFLAGS ?= -mcpu=cortex-a7 -mfloat-abi=softfp -mfpu=neon-vfpv4
all:
-rm $(TOOLS_TOP_DIR)/$(TOOL_NAME) -rf;
tar -xvf $(TOOL_TAR_BALL);
mkdir -p $(TOOLS_TOP_DIR)/$(TOOL_BIN)/;
pushd $(TOOLS_TOP_DIR)/$(TOOL_NAME)/; \
./configure --host=$(OSDRV_CROSS) --prefix=$(TOOLS_TOP_DIR)/$(TOOL_BIN) \
--enable-static --disable-shared --disable-ipv6 --disable-nftables \
--disable-largefile > /dev/null; \
make -j 20 > /dev/null; \
make install > /dev/null; \
arm-hisiv300-linux-strip $(TOOLS_TOP_DIR)/$(TOOL_BIN)/sbin/xtables-multi
rm -rf $(TOOLS_TOP_DIR)/$(TOOL_BIN)/sbin/iptables*
mv $(TOOLS_TOP_DIR)/$(TOOL_BIN)/sbin/xtables-multi $(TOOLS_TOP_DIR)/$(TOOL_BIN)/sbin/iptables
popd
.PHONY: clean
clean:
-pushd $(TOOLS_TOP_DIR)/$(TOOL_NAME)/ &&\
make -C $(TOOLS_TOP_DIR)/$(TOOL_NAME)/ clean && \
popd
.PHONY: distclean
distclean:
-rm $(TOOLS_TOP_DIR)/$(TOOL_NAME) -rf;
-rm $(TOOLS_TOP_DIR)/$(TOOL_BIN) -rf;
移植e2fsprogs相关
TOOLS_TOP_DIR ?= $(shell pwd)
TOOL_TAR_BALL := e2fsprogs-1.41.11.tar.gz
TOOL_NAME := e2fsprogs-1.41.11
TOOL_BIN := bin
OSDRV_CROSS ?= arm-hisiv300-linux
OSDRV_CROSS_CFLAGS ?= -mcpu=cortex-a7 -mfloat-abi=softfp -mfpu=neon-vfpv4
all:
-rm $(TOOLS_TOP_DIR)/$(TOOL_NAME) -rf;
tar -xzf $(TOOL_TAR_BALL);
mkdir -p $(TOOLS_TOP_DIR)/$(TOOL_NAME)/$(TOOL_BIN)/;
mkdir -p $(TOOLS_TOP_DIR)/$(TOOL_BIN)/;
pushd $(TOOLS_TOP_DIR)/$(TOOL_NAME)/; \
./configure --host=$(OSDRV_CROSS) CFLAGS="$(OSDRV_CROSS_CFLAGS)" \
LDFLAGS="$(OSDRV_CROSS_CFLAGS)" --prefix=$(TOOLS_TOP_DIR)/$(TOOL_NAME)/$(TOOL_BIN) \
--disable-tls > /dev/null; \
make -j 20 > /dev/null; \
make install > /dev/null; \
cp $(TOOL_BIN)/sbin/mkfs.ext2 $(TOOLS_TOP_DIR)/$(TOOL_BIN) -rf; \
cp $(TOOL_BIN)/sbin/mkfs.ext3 $(TOOLS_TOP_DIR)/$(TOOL_BIN) -rf; \
cp $(TOOL_BIN)/sbin/mkfs.ext4 $(TOOLS_TOP_DIR)/$(TOOL_BIN) -rf; \
cp $(TOOL_BIN)/sbin/mke2fs $(TOOLS_TOP_DIR)/$(TOOL_BIN) -rf; \
popd
.PHONY: clean
-pushd $(TOOLS_TOP_DIR)/$(TOOL_NAME)/ &&\
make -C $(TOOLS_TOP_DIR)/$(TOOL_NAME)/ clean && \
popd
.PHONY: distclean
distclean:
-rm $(TOOLS_TOP_DIR)/$(TOOL_NAME) -rf;
-rm $(TOOLS_TOP_DIR)/$(TOOL_BIN) -rf;
顶层makefile如下:
subdir:=ppp iptables e2fsprogs udev reg-tools bftpd
TOP_DIR:=$(shell pwd)
TOP_BIN:=bin
TOP_ETC:=etc
all:
mkdir -p $(TOP_DIR)/$(TOP_BIN)
mkdir -p $(TOP_DIR)/$(TOP_ETC)
for d in $(subdir); do (make -C $$d); done
cp creat_softlink.sh $(TOP_DIR)/$(TOP_BIN) && chmod a+x $(TOP_DIR)/$(TOP_BIN)/creat_softlink.sh
for d in $(subdir); do (cp $$d/$(TOP_BIN)/* $(TOP_DIR)/$(TOP_BIN) -rf); done
for d in $(subdir); do (cp $$d/$(TOP_ETC)/* $(TOP_DIR)/$(TOP_ETC) -rf); done
.PHONY:clean distclean
clean:
for d in $(subdir); do (make clean -C $$d); done
distclean:
-rm $(shell pwd)/bin -rf;
-rm $(shell pwd)/etc -rf;
for d in $(subdir); do (make distclean -C $$d); done
标签:iptables
原文地址:http://blog.51cto.com/13375232/2054059
