[[linux:iptables:l7patch]]
Trace: l7patch
Show pagesource
AdminRecent ChangesSitemap

This is an old revision of the document!

Playing with netfiltering-l7 and ipp2p under Debian (Sarge)

Problem: Debian + patched kernel as debian package + patched iptables with latest netfilter-l7 and ipp2p patches.

need some more restyling

Get the source!

apt-get source iptables (take it from debian-packports 1.3.3x)

get ipp2p source get netfilter-l7 source

untar iptables source from upstream and patch it with netfilter-l7-iptables patch. Create a .tgz and put it back at the same location.

untar patch-o-matic stuff .. put ipp2p stuff there ..

.. more to come

Another way to do it

FIXME Need some styling

I downloaded the source package for iptables v1.3.5 and copied the source in '/usr/src/iptables-1.3.5.0debian1. Install the iptables-dev package (although I think it's not necessary if you install the iptables source package). You'll need the kernel-headers package too. I sent you my Makefile. With this setup you just need to do make in the directory where the sources are. If you succeed, you will find a dynamic library libipt_ipp2p.so, which you'll have to copy to /lib/iptables/ and a kernel module called ipt_ipp2p.ko (supposing you have a 2.6.x kernel in your system). Copy ipt_ipp2p.ko in '/lib/modules/<your_kernel_version>/kernel/net/ipv4/netfilter/ipt_ipp2p.ko and type depmod -a.

Try loading the module with modprobe ipt_ipp2p. If everything is OK try the following command: 

 iptables -m ipp2p --help

You should see some info about the usage of this module.

Thanks to Abel Martín at debian-firewall mailinglist.

Yet another way to do it ..

1) Download:
 * iptables-dev (apt-get)
 * kernel-headers-2.x.x (your kernel, "uname -r")
 * src of your iptables (iptables -V and apt-get source)
 * ipp2p-0.8.0.tar.gz (stable)
 2) untar ipp2p and cd ipp2p
 3) Edit Makefile, if it's necesary:
 * IPTABLES_SRC = /usr/src/iptables
 * In my case, the headers are detected automaticaly.
 4) make (WITHOUT ERRORS!!! ;) )
 5) cp libipt_ipp2p.so /lib/iptables
 6) cp ipt_ipp2p.ko /lib/modules/`uname -r`/kernel/net/ipv4/netfilter
 7) depmod -A
 8) insmod ipt_ipp2p.ko (or modprobe)
 9) lsmod | grep ipp2p
10) iptables -m ipp2p --help
 root@servidor:/usr/src/ipp2p-0.8.0# make
 make -C /lib/modules/2.6.15-28-386/build SUBDIRS=/usr/src/ipp2p-0.8.0 
 modules
 make[1]: se ingresa al directorio `/usr/src/linux-headers-2.6.15-28-386'
   CC [M]  /usr/src/ipp2p-0.8.0/ipt_ipp2p.o
   Building modules, stage 2.
   MODPOST
   CC      /usr/src/ipp2p-0.8.0/ipt_ipp2p.mod.o
   LD [M]  /usr/src/ipp2p-0.8.0/ipt_ipp2p.ko
   make[1]: se sale del directorio `/usr/src/linux-headers-2.6.15-28-386'
  gcc -O3 -Wall -DIPTABLES_VERSION=\"\" -I/usr/src/iptables-1.3.3/include 
 -fPIC -c  libipt_ipp2p.c
 ld -shared -o libipt_ipp2p.so libipt_ipp2p.o
linux/iptables/l7patch.1175422545.txt.gz · Last modified: 2009/05/25 00:34 (external edit)
Show pagesourceOld revisions
Media ManagerBack to top
CC Attribution-Share Alike 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0 ipv6 ready