碼上歡樂
相關內容    簡體    繁體

折騰nftables的那點事兒 (一)

本文轉載自   查看原文   2016-06-29 14:25   6420 

  最近因為一個項目,要折騰一下linux下的iptables。好久沒有用這個東西了,感覺也不會有啥問題,所以連想都沒想就開始弄。開啟內核選項,交叉編譯iptables,移植運行后才發現。我靠~不支持了,需要用新的nftables。奶奶的,我老了,被時代所淘汰了。nfatbles是個啥,就是取代iptables的。好吧,那就弄吧,弄起來才知道,麻煩啊,尤其是移植到arm板子上。

主要涉及到以下幾個方面:

  • 交叉編譯工具
  • 內核netfilter配置
  • 所需的組件交叉編譯(flex、bsion、libmnl、libnftnl、gmp、readline)
  • nftables交叉編譯
  • nftables基本使用

(一) 交叉編譯工具: 我使用的系統是ubuntu16.04 x32, 我將交叉編譯工具安裝在/opt下,具體版本如下

因為我使用的是zsh,所以我將環境變量添加到了~/.zshrc下

1 export PATH=/opt/toolchain/bin:$PATH

 

(二)先折騰內核,開啟內核netfilter選項如圖,按以下步驟執行

下面開始進入netfilter的配置選項,這里可以根據具體的需求開始相應的配置,這里我為了測試nftables,將開始所有的選項

開始選項有兩種方式:一種是[*] ,另一種是[M]。前者是內核運行起來以后自動包含了netfilter的模塊功能。后者是以*.ko的方式存在,在需要的時候

使用insmod *.ko的方式啟用,ko文件是有依賴關系的,在加載ko文件的時候需要提供modules.dep文件,如下圖

 modules.dep文件內容如下

好了,接下來我是按照[*]的方式加載模塊的,為了驗證nftables的各種功能,我開啟了所有模塊,下圖是主要配置項,

紅色方塊內部的選項根據需求開啟。

 

如上配置也可以直接修改內核源碼路徑下的.config文件,設置方法如下

CONFIG_NETFILTER=y
CONFIG_NETFILTER_DEBUG=y
CONFIG_NETFILTER_ADVANCED=y

#
# Core Netfilter Configuration
#
CONFIG_NETFILTER_NETLINK=y
CONFIG_NETFILTER_NETLINK_ACCT=y
CONFIG_NETFILTER_NETLINK_QUEUE=y
CONFIG_NETFILTER_NETLINK_LOG=y
CONFIG_NF_CONNTRACK=y
CONFIG_NF_CONNTRACK_MARK=y
CONFIG_NF_CONNTRACK_PROCFS=y
CONFIG_NF_CONNTRACK_EVENTS=y
CONFIG_NF_CONNTRACK_TIMEOUT=y
CONFIG_NF_CONNTRACK_TIMESTAMP=y
CONFIG_NF_CONNTRACK_LABELS=y
CONFIG_NF_CT_PROTO_DCCP=y
CONFIG_NF_CT_PROTO_GRE=y
CONFIG_NF_CT_PROTO_SCTP=y
CONFIG_NF_CT_PROTO_UDPLITE=y
CONFIG_NF_CONNTRACK_AMANDA=y
CONFIG_NF_CONNTRACK_FTP=y
CONFIG_NF_CONNTRACK_H323=y
CONFIG_NF_CONNTRACK_IRC=y
CONFIG_NF_CONNTRACK_BROADCAST=y
CONFIG_NF_CONNTRACK_NETBIOS_NS=y
CONFIG_NF_CONNTRACK_SNMP=y
CONFIG_NF_CONNTRACK_PPTP=y
CONFIG_NF_CONNTRACK_SANE=y
CONFIG_NF_CONNTRACK_SIP=y
CONFIG_NF_CONNTRACK_TFTP=y
CONFIG_NF_CT_NETLINK=y
CONFIG_NF_CT_NETLINK_TIMEOUT=y
CONFIG_NF_CT_NETLINK_HELPER=y
CONFIG_NETFILTER_NETLINK_QUEUE_CT=y
CONFIG_NF_NAT=y
CONFIG_NF_NAT_NEEDED=y
CONFIG_NF_NAT_PROTO_DCCP=y
CONFIG_NF_NAT_PROTO_UDPLITE=y
CONFIG_NF_NAT_PROTO_SCTP=y
CONFIG_NF_NAT_AMANDA=y
CONFIG_NF_NAT_FTP=y
CONFIG_NF_NAT_IRC=y
CONFIG_NF_NAT_SIP=y
CONFIG_NF_NAT_TFTP=y
CONFIG_NETFILTER_SYNPROXY=y
CONFIG_NF_TABLES=y
CONFIG_NF_TABLES_INET=y
CONFIG_NFT_EXTHDR=y
CONFIG_NFT_META=y
CONFIG_NFT_CT=y
CONFIG_NFT_RBTREE=y
CONFIG_NFT_HASH=y
CONFIG_NFT_COUNTER=y
CONFIG_NFT_LOG=y
CONFIG_NFT_LIMIT=y
# CONFIG_NFT_NAT is not set
CONFIG_NFT_QUEUE=m
CONFIG_NFT_REJECT=y
CONFIG_NFT_REJECT_INET=y
CONFIG_NFT_COMPAT=y
CONFIG_NETFILTER_XTABLES=y

#
# Xtables combined modules
#
CONFIG_NETFILTER_XT_MARK=y
CONFIG_NETFILTER_XT_CONNMARK=y
# CONFIG_NETFILTER_XT_SET is not set

#
# Xtables targets
#
# CONFIG_NETFILTER_XT_TARGET_CHECKSUM is not set
CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y
CONFIG_NETFILTER_XT_TARGET_CONNMARK=y
# CONFIG_NETFILTER_XT_TARGET_CT is not set
# CONFIG_NETFILTER_XT_TARGET_DSCP is not set
CONFIG_NETFILTER_XT_TARGET_HL=y
CONFIG_NETFILTER_XT_TARGET_HMARK=y
CONFIG_NETFILTER_XT_TARGET_IDLETIMER=y
CONFIG_NETFILTER_XT_TARGET_LED=y
CONFIG_NETFILTER_XT_TARGET_LOG=y
CONFIG_NETFILTER_XT_TARGET_MARK=y
CONFIG_NETFILTER_XT_TARGET_NETMAP=y
CONFIG_NETFILTER_XT_TARGET_NFLOG=y
CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y
# CONFIG_NETFILTER_XT_TARGET_NOTRACK is not set
CONFIG_NETFILTER_XT_TARGET_RATEEST=y
CONFIG_NETFILTER_XT_TARGET_REDIRECT=y
CONFIG_NETFILTER_XT_TARGET_TEE=y
# CONFIG_NETFILTER_XT_TARGET_TPROXY is not set
# CONFIG_NETFILTER_XT_TARGET_TRACE is not set
CONFIG_NETFILTER_XT_TARGET_TCPMSS=y
# CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP is not set

#
# Xtables matches
#
CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=y
CONFIG_NETFILTER_XT_MATCH_BPF=y
CONFIG_NETFILTER_XT_MATCH_CGROUP=y
CONFIG_NETFILTER_XT_MATCH_CLUSTER=y
CONFIG_NETFILTER_XT_MATCH_COMMENT=y
CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y
CONFIG_NETFILTER_XT_MATCH_CONNLABEL=y
CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y
CONFIG_NETFILTER_XT_MATCH_CONNMARK=y
CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y
CONFIG_NETFILTER_XT_MATCH_CPU=y
CONFIG_NETFILTER_XT_MATCH_DCCP=y
CONFIG_NETFILTER_XT_MATCH_DEVGROUP=y
CONFIG_NETFILTER_XT_MATCH_DSCP=y
CONFIG_NETFILTER_XT_MATCH_ECN=y
CONFIG_NETFILTER_XT_MATCH_ESP=y
CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y
CONFIG_NETFILTER_XT_MATCH_HELPER=y
CONFIG_NETFILTER_XT_MATCH_HL=y
CONFIG_NETFILTER_XT_MATCH_IPCOMP=y
CONFIG_NETFILTER_XT_MATCH_IPRANGE=y
CONFIG_NETFILTER_XT_MATCH_L2TP=y
CONFIG_NETFILTER_XT_MATCH_LENGTH=y
CONFIG_NETFILTER_XT_MATCH_LIMIT=y
CONFIG_NETFILTER_XT_MATCH_MAC=y
CONFIG_NETFILTER_XT_MATCH_MARK=y
CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y
CONFIG_NETFILTER_XT_MATCH_NFACCT=y
CONFIG_NETFILTER_XT_MATCH_OSF=y
CONFIG_NETFILTER_XT_MATCH_OWNER=y
CONFIG_NETFILTER_XT_MATCH_POLICY=y
CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y
CONFIG_NETFILTER_XT_MATCH_QUOTA=y
CONFIG_NETFILTER_XT_MATCH_RATEEST=y
CONFIG_NETFILTER_XT_MATCH_REALM=y
CONFIG_NETFILTER_XT_MATCH_RECENT=y
CONFIG_NETFILTER_XT_MATCH_SCTP=y
CONFIG_NETFILTER_XT_MATCH_SOCKET=y
CONFIG_NETFILTER_XT_MATCH_STATE=y
CONFIG_NETFILTER_XT_MATCH_STATISTIC=y
CONFIG_NETFILTER_XT_MATCH_STRING=y
CONFIG_NETFILTER_XT_MATCH_TCPMSS=y
CONFIG_NETFILTER_XT_MATCH_TIME=y
CONFIG_NETFILTER_XT_MATCH_U32=y
CONFIG_IP_SET=y
CONFIG_IP_SET_MAX=256
CONFIG_IP_SET_BITMAP_IP=y
CONFIG_IP_SET_BITMAP_IPMAC=y
CONFIG_IP_SET_BITMAP_PORT=y
CONFIG_IP_SET_HASH_IP=y
CONFIG_IP_SET_HASH_IPPORT=y
CONFIG_IP_SET_HASH_IPPORTIP=y
CONFIG_IP_SET_HASH_IPPORTNET=y
CONFIG_IP_SET_HASH_NETPORTNET=y
CONFIG_IP_SET_HASH_NET=y
CONFIG_IP_SET_HASH_NETNET=y
CONFIG_IP_SET_HASH_NETPORT=y
CONFIG_IP_SET_HASH_NETIFACE=y
CONFIG_IP_SET_LIST_SET=y
# CONFIG_IP_VS is not set

#
# IP: Netfilter Configuration
#
CONFIG_NF_DEFRAG_IPV4=y
CONFIG_NF_CONNTRACK_IPV4=y
CONFIG_NF_CONNTRACK_PROC_COMPAT=y
CONFIG_NF_TABLES_IPV4=y
CONFIG_NFT_CHAIN_ROUTE_IPV4=y
CONFIG_NFT_REJECT_IPV4=y
CONFIG_NF_TABLES_ARP=y
CONFIG_IP_NF_IPTABLES=y
CONFIG_IP_NF_MATCH_AH=y
CONFIG_IP_NF_MATCH_ECN=y
CONFIG_IP_NF_MATCH_RPFILTER=y
CONFIG_IP_NF_MATCH_TTL=y
CONFIG_IP_NF_FILTER=y
CONFIG_IP_NF_TARGET_REJECT=y
CONFIG_IP_NF_TARGET_SYNPROXY=y
CONFIG_IP_NF_TARGET_ULOG=y
CONFIG_NF_NAT_IPV4=y
CONFIG_IP_NF_TARGET_MASQUERADE=y
CONFIG_IP_NF_TARGET_NETMAP=y
CONFIG_IP_NF_TARGET_REDIRECT=y
CONFIG_NF_NAT_SNMP_BASIC=y
CONFIG_NF_NAT_PROTO_GRE=y
CONFIG_NF_NAT_PPTP=y
CONFIG_NF_NAT_H323=y
CONFIG_IP_NF_MANGLE=y
CONFIG_IP_NF_TARGET_CLUSTERIP=y
CONFIG_IP_NF_TARGET_ECN=y
CONFIG_IP_NF_TARGET_TTL=y
CONFIG_IP_NF_RAW=y
CONFIG_IP_NF_ARPTABLES=y
CONFIG_IP_NF_ARPFILTER=y
CONFIG_IP_NF_ARP_MANGLE=y

#
# IPv6: Netfilter Configuration
#
CONFIG_NF_DEFRAG_IPV6=y
CONFIG_NF_CONNTRACK_IPV6=y
CONFIG_NF_TABLES_IPV6=y
CONFIG_NFT_CHAIN_ROUTE_IPV6=y
CONFIG_NFT_REJECT_IPV6=y
CONFIG_IP6_NF_IPTABLES=y
CONFIG_IP6_NF_MATCH_AH=y
CONFIG_IP6_NF_MATCH_EUI64=y
CONFIG_IP6_NF_MATCH_FRAG=y
CONFIG_IP6_NF_MATCH_OPTS=y
CONFIG_IP6_NF_MATCH_HL=y
CONFIG_IP6_NF_MATCH_IPV6HEADER=y
CONFIG_IP6_NF_MATCH_MH=y
# CONFIG_IP6_NF_MATCH_RPFILTER is not set
CONFIG_IP6_NF_MATCH_RT=y
CONFIG_IP6_NF_TARGET_HL=y
CONFIG_IP6_NF_FILTER=y
CONFIG_IP6_NF_TARGET_REJECT=y
CONFIG_IP6_NF_TARGET_SYNPROXY=y
CONFIG_IP6_NF_MANGLE=y
CONFIG_IP6_NF_RAW=y
CONFIG_NF_NAT_IPV6=y
CONFIG_IP6_NF_TARGET_MASQUERADE=y
CONFIG_IP6_NF_TARGET_NPT=y
CONFIG_NF_TABLES_BRIDGE=y

以上配置完畢后,netfilter就設置完畢了,重新編譯內核,生成zImage,燒寫到開發板上。 

 

(三) 交叉編譯必須的組件:nftables的正常運行需要以下組件,下面每個程序編譯完畢后需要將安裝路徑里面生成的內容添加到交叉編譯工具鏈中,這樣依賴它的程序才能找到相應的頭文件和庫文件

  • 交叉編譯flex-2.5.38:需要修改conf.in文件,否則提示找不到malloc和realloc兩個函數
sed -i 's/#undef malloc//g' conf.in
sed -i 's/#undef realloc//g' conf.in
./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --with-gnu-ld --prefix=安裝路徑
make -j6
make install
  • 交叉編譯bison-3.0.4
1  ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --with-gnu-ld --prefix=$root_release_path
2 make -j6
3 make install
  • 交叉編譯gmp-6.1.1
1 ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --with-gnu-ld --prefix=$root_release_path
2 make -j6
3 make install
  • 交叉編譯libmnl-1.0.3
1 ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --with-gnu-ld --prefix=$root_release_path
2 make -j6 3 make install
  • 交叉編譯libnftnl-1.0.6
1 LIBMNL_CFLAGS="-I/opt/toolchain/arm-linux-gnueabihf/include/libmnl/" LIBMNL_LIBS="-L/opt/toolchain/arm-linux-gnueabihf/lib -lmnl" ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --with-gnu-ld --prefix=$root_release_path 
2 make -j6 3 make install
  • 交叉編譯readline-6.3
1 ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc         --prefix=$root_release_path
2 make -j6 3 make install

 

(四)交叉編譯nftables-0.6

    LIBMNL_CFLAGS="-I/opt/toolchain/arm-linux-gnueabihf/include/libmnl/" \ LIBMNL_LIBS="-L/opt/toolchain/arm-linux-gnueabihf/lib -lmnl" \ LIBNFTNL_CFLAGS="-I/opt/toolchain/arm-linux-gnueabihf/include/libnftnl/" \ LIBNFTNL_LIBS="-L/opt/toolchain/arm-linux-gnueabihf/lib -lnftnl" \ ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --without-cli \ --prefix=$root_release_path

交叉編譯玩nftables之后,請將上面的交叉編譯的組件和nftables文件移植到到開發板上,越久是$root_release_path路徑的所有文件按照系統目錄結構拷貝上去,

千萬記得,內核是你重新編譯過的內核。

下面我提供一個編譯腳本,根據自己的情況可以修改,這里支持安裝必要的開發包、交叉編譯部分源碼包

  1 #!/bin/bash  2 
 3 #  author : nanye    2016/06/28
 4 #  compile these source pacakge under ubunt 16.04 x32  5 #  please make sure that your system is connected to internet  6 #  7 
 8 root_path=$PWD  9 root_tar_path=$root_path'/src'
 10 root_release_path=$root_path'/release'
 11 root_build_path=$root_path'/build'
 12 crosstool_path=`which arm-linux-gnueabihf-g++`  13 compile_args=$1
 14 
 15 # help information  16 if [ "$compile_args" = "-h" ]  17 then
 18     echo "./compile [openssl | snmp | iptables | sqlite | pam | orderd | zhttpd
 19                      flex | bison | gmp | libmnl | libnftnl | readline | nftables]"  20     echo " no args for compiling all package"
 21  exit  22 fi
 23 
 24 # need to compile source module  25 module_name=(  26 [1]=openssl-1.0.2h  27 [2]=net-snmp-5.7.2
 28 [3]=iptables-1.4.18
 29 [4]=sqlite  30 [5]=Linux-PAM-1.3.0
 31 [6]=orderd  32 [7]=zhttpd  33 [8]=flex-2.5.38
 34 [9]=bison-3.0.4
 35 [10]=gmp-6.1.1
 36 [11]=libmnl-1.0.3
 37 [12]=libnftnl-1.0.6
 38 [13]=readline-6.3
 39 [14]=nftables-0.6
 40 )  41 
 42 # install package  43 package_name=(  44 [1]=g++
 45 [2]=build-essential  46 [3]=texlive  47 [4]=gettext  48 [5]=m4  49 [6]=help2man  50 [7]=indent  51 [8]=autopoint  52 [9]=makeinfo  53 [10]=odblatex  54 [11]=docbook2x  55 [12]=flex  56 [13]=bison  57 [14]=automake  58 [15]=autoconf  59 )  60 for var in ${package_name[@]};  61 do
 62     echo -e "\e[0;32;1m[info] : install $var\e[0m"
 63     sudo apt-get install $var  64 done
 65 
 66 
 67 # check crosstool exist  68 if [ "$crosstool_path" = "" ]  69 then
 70     echo -e "\e[0;31;1m[erro] : have no crosstool in /opt/toolchain\e[0m"
 71  exit  72 fi
 73 
 74 # create release dirrent  75 if [ ! -d $root_release_path ]  76 then
 77     echo -e "\e[0;32;1m[info] : create release success\e[0m"
 78     mkdir $PWD'/release'
 79 fi
 80 
 81 # create build dirrent  82 if [ ! -d $root_build_path ]  83 then
 84     echo -e "\e[0;32;1m[info] : create build success\e[0m"
 85     mkdir $PWD'/build'
 86 fi
 87 
 88 # compile openssl  89 if [ "$compile_args" = "" ] || [ "$compile_args" = "openssl" ]  90 then
 91  cd $root_build_path  92     echo -e "\e[0;32;1m[info] : tar xf ${module_name[1]}.tar.gz to build\e[0m"
 93     tar xf $root_tar_path'/'${module_name[1]}.tar.gz  94     cd $root_build_path'/'${module_name[1]}  95     /bin/bash config shared no-asm --prefix=$root_release_path  96     sed -i 's/PLATFORM=linux-elf/PLATFORM=linux-elf-arm/g' Makefile  97     sed -i 's/CC= gcc/CC= arm-linux-gnueabihf-gcc/g' Makefile  98     sed -i 's/AR= ar/AR= arm-linux-gnueabihf-ar/g' Makefile  99     sed -i 's/RANLIB= /usr/bin/ranlib/RANLIB= arm-linux-gnueabihf-ranlib/g' Makefile 100     sed -i 's/NM= nm/NM= arm-linux-gnueabihf-nm/g' Makefile 101     sed -i 's/MAKEDEPPROG= gcc/MAKEDEPPROG= arm-linux-gnueabihf-gcc/g' Makefile 102     make -j4 103     make install
104 fi
105 
106 # compile net-snmp 107 if [ "$compile_args" = "" ] || [ "$compile_args" = "snmp" ] 108 then
109  cd $root_build_path 110     echo -e "\e[0;32;1m[info] : tar xf ${module_name[2]}.tar.gz to build\e[0m"
111     tar xf $root_tar_path'/'${module_name[2]}.tar.gz 112     cd $root_build_path'/'${module_name[2]} 113     CC=arm-linux-gnueabihf-gcc ./configure --build=i686-linux \ 114         --host=arm-linux --disable-manuals --enable-mfd-rewrites \ 115         --enable-shared=no --with-mib-modules='ucd-snmp/diskio ip-mib/ipv4InterfaceTable' \ 116         --with-cc=arm-linux-gnueabihf-gcc --with-ar=arm-linux-gnueabihf-ar \ 117         --prefix=$root_release_path 118     make -j4 119     make install
120 fi
121 
122 # compile iptables 123 if [ "$compile_args" = "" ] || [ "$compile_args" = "iptables" ] 124 then
125  cd $root_build_path 126     echo -e "\e[0;32;1m[info] : tar xf ${module_name[3]}.tar.gz to build\e[0m"
127     tar xf $root_tar_path'/'${module_name[3]}.tar.gz 128     cd $root_build_path'/'${module_name[3]} 129     ./configure --host=arm-linux-gnueabihf \ 130         --disable-static --enable-shared \ 131         --prefix=$root_release_path 132     make -j4 133     make install
134 fi
135 
136 # compile sqlite 137 if [ "$compile_args" = "" ] || [ "$compile_args" = "sqlite" ] 138 then
139  cd $root_build_path 140     echo -e "\e[0;32;1m[info] : tar xf ${module_name[4]}.tar.gz to build\e[0m"
141     tar xf $root_tar_path'/'${module_name[4]}.tar.gz 142     cd $root_build_path'/'${module_name[4]} 143     ./configure --disable-tcl --host=arm-linux-gnueabihf \ 144         --prefix=$root_release_path 145     make -j4 146     make install
147 fi
148 
149 # compile pam 150 if [ "$compile_args" = "" ] || [ "$compile_args" = "pam" ] 151 then
152  cd $root_build_path 153     echo -e "\e[0;32;1m[info] : tar xf ${module_name[5]}.tar.gz to build\e[0m"
154     tar xf $root_tar_path'/'${module_name[5]}.tar.gz 155     cd $root_build_path'/'${module_name[5]} 156     ./configure --host=arm-linux-gnueabihf --disable-static --enable-shared \ 157         --prefix=$root_release_path 158     make -j4 159     make install
160 fi
161 
162 # compile orderd 163 if [ "$compile_args" = "" ] || [ "$compile_args" = "orderd" ] 164 then
165     cp -r $root_tar_path/${module_name[6]} $root_build_path 166     cd $root_build_path/${module_name[6]}/src 167     make
168     if [ ! -d $root_release_path/sbin ] 169     then
170         mkdir $root_release_path/sbin 171     fi
172     cp orderd $root_release_path/sbin 173 fi
174 
175 # compile zhttpd 176 if [ "$compile_args" = "" ] || [ "$compile_args" = "zhttpd" ] 177 then
178     cp -r $root_tar_path/${module_name[7]} $root_build_path 179     cd $root_build_path/${module_name[7]} 180     make
181     if [ ! -d $root_release_path/sbin ] 182     then
183         mkdir $root_release_path/sbin 184     fi
185     cp zhttpd $root_release_path/sbin 186 fi
187 
188 # compile flex 189 if [ "$compile_args" = "" ] || [ "$compile_args" = "flex" ] 190 then
191  cd $root_build_path 192     echo -e "\e[0;32;1m[info] : tar xf ${module_name[8]}.tar.gz to build\e[0m"
193     tar xf $root_tar_path'/'${module_name[8]}.tar.gz 194     cd $root_build_path'/'${module_name[8]} 195     sed -i 's/#undef malloc//g' conf.in
196     sed -i 's/#undef realloc//g' conf.in
197     ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --with-gnu-ld \ 198         --prefix=$root_release_path 199     make -j6 200     make install
201 fi
202 
203 # compile bison 204 if [ "$compile_args" = "" ] || [ "$compile_args" = "bison" ] 205 then
206  cd $root_build_path 207     echo -e "\e[0;32;1m[info] : tar xf ${module_name[9]}.tar.gz to build\e[0m"
208     tar xf $root_tar_path'/'${module_name[9]}.tar.gz 209     cd $root_build_path'/'${module_name[9]} 210     ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --with-gnu-ld \ 211         --prefix=$root_release_path 212     make -j6 213     make install
214     cp $root_build_path/${module_name[9]}/lib/libbison.a  $root_release_path/lib 215 fi
216 
217 # compile gmp 218 if [ "$compile_args" = "" ] || [ "$compile_args" = "gmp" ] 219 then
220  cd $root_build_path 221     echo -e "\e[0;32;1m[info] : tar xf ${module_name[10]}.tar.gz to build\e[0m"
222     tar xf $root_tar_path'/'${module_name[10]}.tar.gz 223     cd $root_build_path'/'${module_name[10]} 224     ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --with-gnu-ld \ 225         --prefix=$root_release_path 226     make -j6 227     make install
228 fi
229 
230 # compile libmnl 231 if [ "$compile_args" = "" ] || [ "$compile_args" = "libmnl" ] 232 then
233  cd $root_build_path 234     echo -e "\e[0;32;1m[info] : tar xf ${module_name[11]}.tar.gz to build\e[0m"
235     tar xf $root_tar_path'/'${module_name[11]}.tar.bz2 236     cd $root_build_path'/'${module_name[11]} 237     ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --with-gnu-ld \ 238         --prefix=$root_release_path 239     make -j6 240     make install
241 fi
242 
243 
244 # compile libnftnl 245 if [ "$compile_args" = "" ] || [ "$compile_args" = "libnftnl" ] 246 then
247  cd $root_build_path 248     echo -e "\e[0;32;1m[info] : tar xf ${module_name[12]}.tar.gz to build\e[0m"
249     tar xf $root_tar_path'/'${module_name[12]}.tar.bz2 250     cd $root_build_path'/'${module_name[12]} 251     export LIBMNL_CFLAGS="-I/opt/toolchain/arm-linux-gnueabihf/include/libmnl/"
252     export LIBMNL_LIBS="-L/opt/toolchain/arm-linux-gnueabihf/lib -lmnl" 
253     ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --with-gnu-ld \ 254         --prefix=$root_release_path 255     make -j6 256     make install
257 fi
258 
259 # compile readline 260 if [ "$compile_args" = "" ] || [ "$compile_args" = "readline" ] 261 then
262  cd $root_build_path 263     echo -e "\e[0;32;1m[info] : tar xf ${module_name[13]}.tar.gz to build\e[0m"
264     tar xf $root_tar_path'/'${module_name[13]}.tar.gz 265     cd $root_build_path'/'${module_name[13]} 266     sed -i '6324s/yes/no/g' configure 267     ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc \ 268         --prefix=$root_release_path 269     make -j6 270     make install
271 fi
272 
273 
274 # compile nftables 275 if [ "$compile_args" = "" ] || [ "$compile_args" = "nftables" ] 276 then
277  cd $root_build_path 278     echo -e "\e[0;32;1m[info] : tar xf ${module_name[14]}.tar.gz to build\e[0m"
279     tar xf $root_tar_path'/'${module_name[14]}.tar.bz2 280     cd $root_build_path'/'${module_name[14]} 281     LIBMNL_CFLAGS="-I/opt/toolchain/arm-linux-gnueabihf/include/libmnl/" \ 282         LIBMNL_LIBS="-L/opt/toolchain/arm-linux-gnueabihf/lib -lmnl" \ 283         LIBNFTNL_CFLAGS="-I/opt/toolchain/arm-linux-gnueabihf/include/libnftnl/" \ 284         LIBNFTNL_LIBS="-L/opt/toolchain/arm-linux-gnueabihf/lib -lnftnl" \ 285         ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --without-cli \ 286         --prefix=$root_release_path 287     make -j6 288     make install
289 fi
290 
291 
292 # strip bin file and delete unuseful files 293 arm-linux-gnueabihf-strip $root_release_path/bin/*
294 arm-linux-gnueabihf-strip $root_release_path/sbin/* 295 arm-linux-gnueabihf-strip $root_release_path/lib/*.a 296 arm-linux-gnueabihf-strip $root_release_path/lib/*.so.* 297 rm -rf $root_release_path/share/man 298 rm -rf $root_release_path/ssl/man

 


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 最近的那點事兒 linux那點事兒(上) linux那點事兒(中) 關於CSRF的那點事兒 linux那點事兒(下) 研發游戲的那點事兒 互斥那點事兒(下) 關於跳槽那點事兒 面試那點事兒 推薦系統那點事兒
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM