参考贴子:
硬件:PD820-CPU
版本:centos4.4+iptables1.3.8+netfilter-l7-2007-07-11+patch-o-matic-ng20050918
redhatAS4和CENTOS4.4自带内核不能使用,需下载kernel-版本号.src.rpm包.(F7也曾试过,似乎也是此问题)
1. 安装 kernel源代码
# rpm --import /usr/share/rhn/RPM-GPG-KEY
# up2date redhat-rpm-config rpm-build
# up2date --get-source kernel
# useradd buildcentos
# rpm -ivh /var/spool/up2date/kernel*.src.rpm
# cd /usr/src/redhat/SPECS
# rpmbuild -bp --target=i686 kernel-2.6.spec
# cp -a /usr/src/redhat/BUILD/kernel-2.6.9/linux-2.6.9 /usr/src
2. 初始化内核
cd /usrs/src/linux-2.6.9
uname –a
vi Makefile 改EXTRAVERSION =-49.ELsmp(保持跟uname -a 的版本一致)
# make mrproper
# make menuconfig 直接退出。(为了生成.config)
cd /usr/src/patch-o-matic-ng-20050918(2006年以后的版本,time模块打不进去?!)
KERNEL_DIR=/usr/src/linux-2.6.9 IPTABLES_DIR=/usr/src/iptables-1.3.8 ./runme time
ipp2p等
tar -xzvf l7-protocols-2007-07-11
mv l7-protocols-2007-07-11 /etc/l7-protocols
cd /usr/src/linux-2.6.9
patch –p1
kernel-2.6.9-2.6.10-layer7-1.2.patch
cd /data/iptables-1.3.8
patch –p1
chmod +x extensions/.layer7-test
4. 选中你增加的模块
cd /usr/src/linux-2.6.9 make menuconfig
5.编译netfilter模块
cd /usr/src/linux-2.6.9
make modules_prepare
make M=net/ipv4/netfilter
编译完成netfilter的模块后拷贝编译完成的模块
cp -f /usr/src/linux/net/ipv4/netfilter/*.ko /lib/modules/2.6.5-1.358/kernel/net/ipv4/netfilter/
chmod +x chmod +x /lib/modules/2.6.9-42.ELsmp/kernel/net/ipv4/netfilter/*.ko
depmod –a
6.编译iptables
vi /usr/src/linux-2.6.9/include/linux/config.h把下面的三行注释掉
//#ifndef __KERNEL__
//#error including kernel header in userspace; use the glibc headers instead!
//#endif
cd /data/iptables-1.3.8
export KERNEL_DIR=/usr/src/linux-2.6.9 IPTABLES_DIR=/usr/src/iptables-1.3.8
make BINDIR=/sbin LIBDIR=/lib MANDIR=/usr/share/man install
完成安装以后测试一下
# iptables -V
阅读(1544) | 评论(0) | 转发(0) |
