校花娇喘呻吟校长陈若雪视频 ,香港经典a毛片免费观看播放

論壇徽章:: 0

電梯直達(dá)

1樓 [收藏(0)] [報(bào)告]

發(fā)表于 2008-09-20 17:33 |只看該作者 |倒序?yàn)g覽

RHEL 5.2 kenel 2.6.18 iptable 添加模塊

好多朋友沒(méi)做出來(lái),我又試了一邊,沒(méi)問(wèn)題哦...
5樓增加了我這次做的過(guò)程.
另外說(shuō)明一下..安裝系統(tǒng)的時(shí)候選包,把開(kāi)發(fā)包,開(kāi)發(fā)工具選上,包的個(gè)數(shù)默認(rèn)就可以

1.內(nèi)核版本檢查
[root@seker SRPMS]# uname -a
Linux seker 2.6.18-92.el5 #1 SMP Tue Jun 10 18:49:47 EDT 2008 i686 i686 i386 GNU/Linux

RPM 源碼包下載要選擇和OS內(nèi)核一致的. 地址 http://rpmfind.net/linux/sourceforge/l/li/linux-ntfs/

2.下載對(duì)應(yīng)源碼包
[root@seker SRPMS]# ls
kernel-2.6.18-92.el5.src.rpm
[root@seker SRPMS]# pwd
/usr/src/redhat/SRPMS

3.解開(kāi)rpm源碼包
[root@seker SRPMS]# useradd mockbuild
[root@seker SRPMS]# rpm -ivh kernel-2.6.18-92.el5.src.rpm
1:kernel                ################ [100%]
[root@seker SRPMS]#
[root@seker SPECS]# pwd
/usr/src/redhat/SPECS
[root@seker SPECS]# ls
kernel-2.6.spec
[root@seker SPECS]# rpmbuild -bp --target=$(uname -m) ./kernel-2.6.spec
Building target platforms: i686
Building for target i686
.....
+ exit 0
[root@seker kernel-2.6.18]# pwd
/usr/src/redhat/BUILD/kernel-2.6.18
[root@seker kernel-2.6.18]# ls
config  Config.mk  linux-2.6.18.i686  vanilla  xen

4.將內(nèi)核源代碼cp到 /usr/src目錄
[root@seker kernel-2.6.18]#  cp -a linux-2.6.18.i686/ /usr/src/
[root@seker kernel-2.6.18]#  cd /usr/src/linux-2.6.18.i686

5.修改makefile頭與OS上的內(nèi)核相同
[root@seker linux-2.6.18.i686]# head -n4 Makefile
VERSION = 2
PATCHLEVEL = 6
SUBLEVEL = 18
EXTRAVERSION = -92.el5
[root@seker linux-2.6.18.i686]# uname -r
2.6.18-92.el5

6.下載各種軟件
[root@seker src]# wget http://ftp.netfilter.org/pub/pat ... ng-20080918.tar.bz2
[root@seker src]# wget ftp://ftp.netfilter.org/pub/iptables/iptables-1.3.8.tar.bz2
[root@seker src]# wget http://downloads.sourceforge.net ... s-2008-04-23.tar.gz
[root@seker src]# wget http://ie.archive.ubuntu.com/sou ... -layer7-v2.9.tar.gz

7.解壓軟件包
[root@seker src]# tar jxvf patch-o-matic-ng-20080918.tar.bz2
[root@seker src]# tar jxvf iptables-1.3.8.tar.bz2
[root@seker src]# tar zxvf l7-protocols-2008-04-23.tar.gz
[root@seker src]# tar zxvf ipp2p-0.99.15.tar.gz
[root@seker src]# tar zxvf netfilter-layer7-v2.9.tar.gz

8.設(shè)置環(huán)境變量.下載補(bǔ)丁
[root@seker patch-o-matic-ng-20080918]# export KERNEL_DIR=/usr/src/linux-2.6.18.i686/
[root@seker patch-o-matic-ng-20080918]# export IPTABLES_DIR=/usr/src/iptables-1.3.8/
[root@seker patch-o-matic-ng-20080918]# export KERNEL_SRC=/usr/src/linux-2.6.18.i686/
[root@seker patch-o-matic-ng-20080918]# export IPTABLES_SRC=/usr/src/iptables-1.3.8/
[root@seker patch-o-matic-ng-20080918]#
[root@seker patch-o-matic-ng-20080918]# ./runme --download
.....
Successfully downloaded external patch connlimit
Successfully downloaded external patch ipp2p
Successfully downloaded external patch time
Excellent! Source trees are ready for compilation.

自帶的IPP2P不要安裝..我們用最新的.到這里下載.
http://linux.chinaunix.net/bbs/thread-914377-1-2.html

[root@seker patch-o-matic-ng-20080918]# ./runme time
[root@seker patch-o-matic-ng-20080918]# ./runme connlimit

9.安裝l7
[root@seker linux-2.6.18.i686]# patch -p1 < /usr/src/netfilter-layer7-v2.9/kernel-2.6.18-2.6.19-layer7-2.9.patch
[root@seker iptables-1.3.8]# patch -p1 < /usr/src/netfilter-layer7-v2.9/iptables-layer7-2.9.patch
[root@seker iptables-1.3.8]# chmod +x extensions/.layer7-test

10.編輯內(nèi)核選上新添加的模塊
[root@seker linux-2.6.18.i686]# make menuconfig
  Networking  --->
Networking options  --->

Network packet filtering (replaces ipchains)  --->
IP: Netfilter Configuration  --->
      <M> Layer 7 match support (EXPERIMENTAL)
      <M> TIME match support
      <M> Connections/IP limit match support

[root@seker linux-2.6.18.i686]# make modules_prepare

11.備份原來(lái)的Makefile，里面包含了原始的編譯信息，直接編譯會(huì)無(wú)法通過(guò)
[root@seker linux-2.6.18.i686]# mv net/ipv4/netfilter/Makefile net/ipv4/netfilter/Makefile.bak
創(chuàng)建新的Makefile
[root@seker linux-2.6.18.i686]# vi net/ipv4/netfilter/Makefile

obj-m := ipt_connlimit.o
obj-m := ipt_time.o
obj-m := ipt_layer7.o

KDIR := /lib/modules/$(shell uname -r)/build
PWD := $(shell pwd)

default:
$(MAKE) -C $(KDIR) M=$(PWD) modules

然后編譯該模塊,如果不能一次全部編譯,每次在net/ipv4/netfilter/Makefile中只加一個(gè)模塊,一次次編

譯得出 ipt_*.ko文件.
[root@seker linux-2.6.18.i686]# make M=net/ipv4/netfilter/
LD    net/ipv4/netfilter/built-in.o
CC [M] net/ipv4/netfilter/ipt_connlimit.o
CC    net/ipv4/netfilter/ipt_connlimit.mod.o
LD [M] net/ipv4/netfilter/ipt_connlimit.ko
  CC    net/ipv4/netfilter/ipt_time.mod.o
  LD [M]  net/ipv4/netfilter/ipt_time.ko

12.cp新編譯的模塊到老內(nèi)核
[root@seker linux-2.6.18.i686]# cp net/ipv4/netfilter/ipt_time.ko /lib/modules/2.6.18-92.el5/kernel/net/ipv4/netfilter/
[root@seker linux-2.6.18.i686]# cp net/ipv4/netfilter/ipt_layer7.ko /lib/modules/2.6.18-92.el5/kernel/net/ipv4/netfilter/
[root@seker linux-2.6.18.i686]# cp net/ipv4/netfilter/ipt_connlimit.ko /lib/modules/2.6.18-92.el5/kernel/net/ipv4/netfilter/
[root@seker linux-2.6.18.i686]# chmod 755 /lib/modules/2.6.18-92.el5/kernel/net/ipv4/netfilter/*.ko

13.安裝IPP2P
[root@seker ipp2p-0.99.15]# make
[root@seker ipp2p-0.99.15]# make install
cp ipt_ipp2p.ko /lib/modules/2.6.18-92.el5/kernel/net/ipv4/netfilter/
cp libipt_ipp2p.so /lib/iptables/
depmod -a
[root@seker ipp2p-0.99.15]#

14.安裝新的IPTABLE
[root@seker iptables-1.3.8]# make BINDIR=/sbin LIBDIR=/lib MANDIR=/usr/share/man install

這步成功會(huì)有 cp *.so 的日志..

[root@seker iptables-1.3.8]# make BINDIR=/sbin LIBDIR=/lib MANDIR=/usr/share/man install
....
cp extensions/libipt_limit.so /lib/iptables/libipt_limit.so
....
cp extensions/libipt_layer7.so /lib/iptables/libipt_layer7.so
....
cp extensions/libipt_time.so /lib/iptables/libipt_time.so
....
rm libiptc/libip6tc.o libipq/libipq.o libiptc/libip4tc.o
[root@seker iptables-1.3.8]#

復(fù)制代碼

15.加載模塊
[root@seker iptables-1.3.8]# modprobe ipt_connlimit
[root@seker iptables-1.3.8]# modprobe ipt_time
[root@seker iptables-1.3.8]# modprobe ipt_ipp2p
[root@seker iptables-1.3.8]# modprobe ipt_layer7
[root@seker iptables-1.3.8]#
[root@seker iptables-1.3.8]# lsmod |grep x_tables
x_tables             17349  7

ipt_layer7,ipt_iprange,ipt_ipp2p,ipt_time,ipt_connlimit,xt_tcpudp,ip_tables
[root@seker iptables-1.3.8]#

16.測(cè)試layer7,time,ip2p2..
[root@seker iptables-1.3.8]# iptables -A FORWARD -m layer7 --l7proto qq  -m time --timestart 8:00 --timestop 17:30 --days Mon,Tue,Wed,Thu,Fri -m iprange --src-range 192.168.1.5-192.168.1.239 -m ipp2p --ipp2p -m ipp2p --xunlei -j DROP

如果time有問(wèn)題加個(gè)下面的附件里.ko .so (我沒(méi)測(cè)試過(guò),不保證可以在你的系統(tǒng)上使用)
http://linux.chinaunix.net/bbs/attachment.php?aid=214364
[root@seker iptables-1.3.8]#

CENTOS4.4  kernel 2.6.9  IPTABLES添加模塊

1、系統(tǒng)安裝CentOS4.4 Linux 2.6.9-42.EL默認(rèn)內(nèi)核
安裝時(shí)選包：vi編輯器 DHCP DNS 開(kāi)發(fā)工具（里面的圖形支持庫(kù)就不要選啦，其他三項(xiàng)都選，以免以后安

裝軟件缺東少西的）防火墻選擇不安裝。關(guān)閉SELINUX 配好網(wǎng)卡IP 開(kāi)始安裝系統(tǒng)

刪掉沒(méi)用的sendmail 等RPM包
# rpm -qa | grep sendmail
# service sendmail stop
# rpm -e --nodeps sendmail
# rpm -qa | grep kernel
把 kernel-smp*.rpm 和 kernel-smp-devel*.rpm 這兩個(gè)包卸掉
# rpm -e --nodeps kernel-smp
# rpm -e --nodeps kernel-smp-devel
查看grub.conf 啟動(dòng)項(xiàng)就變成一項(xiàng)啦否則系統(tǒng)默認(rèn)啟動(dòng)項(xiàng)是SMP多處理器的，我的機(jī)器只有一個(gè)CPU，所以就卸掉啦。
# cat /boot/grub.conf
default=1
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS-4 i386-up (2.6.9-42.EL)
            root (hd0,0)
            kernel /vmlinuz-2.6.9-42.EL ro root=LABEL=/ rhgb quiet
            initrd /initrd-2.6.9-42.EL.img

重新啟動(dòng)系統(tǒng) 使上面的更改都全部生效主要是使 uname –r 結(jié)果以CPU個(gè)數(shù)匹配其他修改其實(shí)可以重
新啟動(dòng)服務(wù)就可以完成的 service XXX restart
關(guān)閉防火墻的命令： # service iptables stop
OK 以上步驟都是在主機(jī)上做的，以后的我們就到終端SSH上去啦。

遠(yuǎn)程用SSH登陸到這臺(tái)主機(jī)
修改字符集
locale 查看一下當(dāng)前字符集
默認(rèn)字符集是LANG="zh_CN.UTF-8"
因?yàn)槲疫x的中文安裝，因?yàn)槲沂怯肵shell這個(gè)SSH工具登陸的
在某一目錄使用 cd lskdj 就是一個(gè)不存在的目錄就看到亂碼啦
解決方法：
# cp /etc/sysconfig/i18n /etc/sysconfig/i18n.bak
修改前做好備份
# vi /etc/sysconfig/i18n
      將此文件里的默認(rèn)內(nèi)容全部刪除然后加入下面這幾行
            LANG="zh_CN.GB18030"
                     LANGUAGE="zh_CN.GB18030:zh_CN.GB2312:zh_CN"
                     SUPPORTED="zh_CN.GB18030:zh_CN:zh"
                     SYSFONT="lat0-sun16"
                     SYSFONTACM="8859-15"
      保存退出
然后重新用SSH登陸再用locale 命令查看一下
OK 羅嗦到此為止。開(kāi)工

TFTP上傳所需軟件包到 /usr/src/ 目錄下
ipp2p-0.8.2.tar.gz
patch-o-matic-ng-20060509
iptables-1.3.5.tar.bz2
l7-protocols-2006-10-18.tar.gz
kernel-2.6.9-42.EL.src.rpm
netfilter-layer7-v2.6.tar.gz
這里說(shuō)一下因?yàn)閕pp2p0.8.2不支持iptabls1.3.6 所以選用1.3.5
patch-o-matic-ng-20060509 這個(gè)補(bǔ)丁包里面的模塊是我自己選的
在 patchlets/ 目錄下把自己需要的模塊留下其他刪除既可
這個(gè)配置文件要保留patchlets/config
另外需要注意一點(diǎn)20060509這個(gè)包里的 time模塊在2.6下編譯時(shí)是出錯(cuò)的，但在2.4內(nèi)核上編譯就沒(méi)問(wèn)題

，你可以用20050801 這個(gè)包內(nèi)的time模塊來(lái)安裝或者你就直接用這個(gè)補(bǔ)丁包來(lái)安裝也一樣，只要你找到

自己用的模塊將模塊放在patchlets/ 里即可
L7的就沒(méi)什么說(shuō)的啦都是最新的
kernel-2.6.9-42.EL.src.rpm 這個(gè)內(nèi)核源碼包你可以去網(wǎng)上下或在光盤里找

解開(kāi)所有壓縮包
# tar zxvf ipp2p-0.8.2.tar.gz
# tar zxvf l7-protocols-2006-10-18.tar.gz
# tar zxvf netfilter-layer7-v2.6.tar.gz
# tar xvjf iptables-1.3.5.tar.bz2
修正rpm包安裝key警告問(wèn)題
# rpm --import /usr/share/doc/centos-release-4/RPM-GPG-KEY*
建立內(nèi)核源碼包安裝所需用戶
# useradd  buildsvn
安裝源碼包考一份內(nèi)核到 /usr/src/linux-2.6.9做編譯使用，如果編譯失敗可以刪除后再考新的所以

不建議做軟連接操作
# rpm -ivh kernel-2.6.9-42.EL.src.rpm
# cd /usr/src/redhat/SPECS
# rpmbuild -bp --target=i686 kernel-2.6.spec
# cp -a /usr/src/redhat/BUILD/kernel-2.6.9/linux-2.6.9 /usr/src
修改拷貝的內(nèi)核與當(dāng)前系統(tǒng)內(nèi)核版本一致（很重要，否則編譯出來(lái)的模塊不能被當(dāng)前內(nèi)核使用）
# cd /usrs/src/linux-2.6.9
# vi Makefile
修改 EXTRAVERSION = -prep
該成EXTRAVERSION = -42.EL
保持跟uname -r 的版本一致檢測(cè)一下
# uname -r
2.6.9-42.EL
# head -n4 Makefile
VERSION = 2
PATCHLEVEL = 6
SUBLEVEL = 9
EXTRAVERSION = -42.EL

# make mrproper
該命令確保源代碼目錄下沒(méi)有不正確的.o文件以及文件的互相依賴。
# make menuconfig
直接保存退出，生成 .config 文件。

為內(nèi)核打補(bǔ)丁并添加模塊
# cd  /usr/src/patch-o-matic-ng-20060509
設(shè)置內(nèi)核和iptables的環(huán)境變量
# export KERNEL_DIR=/usr/src/linux-2.6.9
# export IPTABLES_DIR=/usr/src/iptables-1.3.5
添加模塊

# ./runme time
# ./runme ipp2p
# ./runme iprange（已經(jīng)自帶）
其實(shí)你若明確了 patchlets/ 下的模塊后
可以用 ./runme xxxx 隨意字符然后它會(huì)自動(dòng)到patchlets/ 下檢測(cè)每一個(gè)模塊提示你

添加Layer-7模塊
# cd /usr/src/linux-2.6.9
# patch -p1 < /usr/src/netfilter-layer7-v2.6/for_older_kernels/kernel-2.6.9-2.6.10-layer7-

1.2.patch
# cd /usr/src/iptables-1.3.5
# patch -p1 < /usr/src/netfilter-layer7-v2.6/iptables-layer7-2.6.patch
# chmod +x extensions/.layer7-test
l7-filter模塊加入完成

為內(nèi)核選擇新添加的模塊
# cd /usr/src/linux-2.6.9
# make menuconfig
路徑：Device Drivers  --->
         Networking support  --->
               Networking options  --->
                  Network packet filtering (replaces ipchains)  --->
                     IP: Netfilter Configuration  --->
新加入的模塊都在這里選中新加入的模塊
<M> Layer 7 match support (EXPERIMENTAL)
[ ]    Layer 7 debugging output (NEW) （這個(gè)debug 就不要選啦）
(2048)  Buffer size for application layer data (NEW)
保存退出

編譯netfilter模塊
　# cd /usr/src/linux-2.6.9
　# make modules_prepare
  # make M=net/ipv4/netfilter
編譯完成netfilter模塊后拷貝編譯完成的模塊到當(dāng)前系統(tǒng)netfilter中
# \cp -f /usr/src/linux-2.6.9/net/ipv4/netfilter/*.ko /lib/modules/2.6.9-

42.EL/kernel/net/ipv4/netfilter/
# chmod +x /lib/modules/2.6.9-42.EL/kernel/net/ipv4/netfilter/*.ko
# depmod -a
安裝l7協(xié)議
# cd /usr/src/l7-protocols-2006-10-18
# make install
安裝新的 iptables
（這個(gè)注釋不明白是什么意思）
# vi /usr/src/linux-2.6.9/include/linux/config.h
用 // 把下面的中間三行注釋掉

#include <linux/autoconf.h>
//#if !defined (__KERNEL__) && !defined(__KERNGLUE__)
//#error including kernel header in userspace; use the glibc headers instead!
//#endif
#endif
保存退出

# cd /usr/src/iptables-1.3.5
# export KERNEL_DIR=/usr/src/linux-2.6.9
# export IPTABLES_DIR=/usr/src/iptables-1.3.5
保證有這兩個(gè)環(huán)境變量存在（前面我們已經(jīng)做過(guò)，可用 echo $ KERNEL_DIR和echo $ IPTABLES_DIR 查看

目錄設(shè)置是否正確）然后安裝
# make BINDIR=/sbin LIBDIR=/lib MANDIR=/usr/share/man install
更新ipp2p模塊,使他支持更多的協(xié)議
# cd /usr/src/ipp2p-0.8.2
# make
備份原模塊 # cp /lib/iptables/libipt_ipp2p.so /
# cp /usr/src/ipp2p-0.8.2/libipt_ipp2p.so /lib/iptables

安裝白金寫的域名模塊
[root@ES-vcmres patchlets]# cd domain-0.0.2/
[root@ES-vcmres domain-0.0.2]# ls
ChangeLog  ipt_domain.c  ipt_domain.o    libipt_domain.o Makefile
INSTALL ipt_domain.h  libipt_domain.c  libipt_domain.so  tags

[root@ES-vcmres domain-0.0.2]# make
make -C /lib/modules/2.6.9-42.EL/build SUBDIRS=/usr/src/patch-o-matic-ng-

20060509/patchlets/domain-0.0.2 modules
make[1]: Entering directory `/usr/src/kernels/2.6.9-42.EL-i686'
  CC [M]  /usr/src/patch-o-matic-ng-20060509/patchlets/domain-0.0.2/ipt_domain.o
  Building modules, stage 2.
  MODPOST
  CC    /usr/src/patch-o-matic-ng-20060509/patchlets/domain-0.0.2/ipt_domain.mod.o
  LD [M]  /usr/src/patch-o-matic-ng-20060509/patchlets/domain-0.0.2/ipt_domain.ko
make[1]: Leaving directory `/usr/src/kernels/2.6.9-42.EL-i686'

[root@ES-vcmres domain-0.0.2]# make install
cp -rf libipt_domain.so /lib/iptables/
cp -rf ipt_domain.ko /lib/modules/`uname -r`/kernel/net/ipv4/netfilter/
depmod -a

安裝白金寫的多IP模塊
[root@ES-vcmres patchlets]# cd multiip/
[root@ES-vcmres multiip]# ls
INSTALL       ipt_multiip.h  libipt_multiip.c  libipt_multiip.so
ipt_multiip.c  ipt_multiip.o  libipt_multiip.o  Makefile

[root@ES-vcmres multiip]# make
make -C /lib/modules/2.6.9-42.EL/build SUBDIRS=/usr/src/patch-o-matic-ng-
........
[root@ES-vcmres multiip]# make install
cp -rf libipt_multiip.so /lib/iptables/
cp -rf ipt_multiip.ko /lib/modules/`uname -r`/kernel/net/ipv4/netfilter/
[root@ES-vcmres multiip]# depmod -a

安裝結(jié)束
測(cè)試
1、查看 iptables版本
# iptables –V
iptables v1.3.5
查看 ipp2p 版本
# iptables -m ipp2p -h | grep IPP2P
IPP2P v0.8.2 options:
2、IPP2P range
# iptables -A FORWARD -m iprange --src-range 192.168.1.2-192.168.1.254 -m ipp2p --ipp2p -j

DROP
3、layer 7 ,time ,iprange
# iptables -A FORWARD -m layer7 --l7proto qq  -m time --timestart 8:00 --timestop 17:30 --

days Mon,Tue,Wed,Thu,Fri -m iprange --src-range 192.168.1.5-192.168.1.239 -j DROP

3、白金寫的域名和多IP模塊測(cè)試
# iptables -A FORWARD -m domain --name "sohu.com" -j DROP
# iptables -A FORWARD -m multiip --sip 192.168.1.3,192.168.1.8,192.168.1.33 -j DROP
#

CentOS 3.8 kernel 2.4.21 Iptables添加模塊

1. 安裝系統(tǒng)。
因只做網(wǎng)關(guān)用，所以選包比較少，只選了編輯器里的VI，和網(wǎng)絡(luò)里的DHCP，以及開(kāi)發(fā)工具中的內(nèi)核和原始

開(kāi)發(fā)工具。僅此而已。
進(jìn)入系統(tǒng)用uname –r 命令會(huì)看到2.4.21-47.Elsmp ，默認(rèn)是多處理器，而我的網(wǎng)關(guān)是一個(gè)CPU的，所以

卸掉沒(méi)用的包
# service sendmail stop
# rpm -e --nodeps kernel-smp
# rpm -e --nodeps kernel-smp-devel
# rpm -e --nodeps sendmial
修改SSH啟用root登陸 vi /etc/ssh/sshd.config  啟用PermitRootLogin yes
重新啟動(dòng)系統(tǒng)開(kāi)始配置
# uname -r (查看當(dāng)前版本)
2.4.21-47.EL
可以cd  /usr/src 查看是否有這個(gè)目錄2.4.21-47.EL 和軟鏈 linux_2.4
b. 或者查是否安裝了源碼包
# rpm -qa|grep kernel
kernel-source-2.4.21-47.EL
如果沒(méi)有安裝,可以在光盤中拷貝過(guò)來(lái)或安裝  rpm -ivh kernel-source-2.4.21-47.i386.rpm. 安裝后會(huì)

在/usr/src/出現(xiàn)linux-2.4連接和linux-2.4.21-47.EL目錄.

二.安裝說(shuō)明
處理內(nèi)核源碼.
刪除原有的軟連接 cp副本來(lái)做如果做錯(cuò) 以后可以從新cp 再重新做
# cp -a linux-2.4.21-47.EL/ ./linux-2.4
# cd /usr/src/linux-2.4
# vi Makefile
EXTRAVERSION = -47.EL
EXTRAVERSION = -47.ELcustom 注釋這個(gè) 改成上面的
# head -n4 Makefile
仔細(xì)檢查一下版本與 uname -r
# make mrproper
# make menuconfig 直接保存退出
給netfilter打補(bǔ)丁

# cd /usr/src/patch-o-matic-ng-20060509
KERNEL_DIR=/usr/src/linux-2.4 IPTABLES_DIR=/usr/src/iptables-1.3.5 ./runme time
KERNEL_DIR=/usr/src/linux-2.4 IPTABLES_DIR=/usr/src/iptables-1.3.5 ./runme connlimit
KERNEL_DIR=/usr/src/linux-2.4 IPTABLES_DIR=/usr/src/iptables-1.3.5 ./runme iprange
KERNEL_DIR=/usr/src/linux-2.4 IPTABLES_DIR=/usr/src/iptables-1.3.5 ./runme ipp2p

加入l7-filter 模塊
# cd /usr/src/linux-2.4
# patch -p1 < /usr/src/netfilter-layer7-v2.6/kernel-2.4-layer7-2.6.patch
# cd /usr/src/iptables-1.3.5
# patch -p1 < /usr/src/netfilter-layer7-v2.6/iptables-layer7-2.6.patch
# chmod +x extensions/.layer7-test
l7-filter安裝結(jié)束

# cd /usr/src/linux-2.4
# make menuconfig
確認(rèn)
Prompt for development and/or incomplete code/drivers要選中
然后進(jìn)入Networking options
再進(jìn)入IP:Netfilter Configuration 把其想要的選中為模塊"M"
保存退出，給netfilter打補(bǔ)丁完成

編譯netfilter,
# cd /usr/src/linux-2.4
# make dep
# make modules SUBDIRS=net/ipv4/netfilter

應(yīng)用新的模塊
# \cp -f /usr/src/linux-2.4/net/ipv4/netfilter/*.o /lib/modules/2.4.21-

47.EL/kernel/net/ipv4/netfilter/

更新modules.dep
# depmod -a
當(dāng)出現(xiàn)錯(cuò)誤時(shí)可以把出錯(cuò)的刪除.
例如：rm -rf /lib/modules/2.4.21-47.EL/kernel/net/ipv4/netfilter/ipchains_core.o
depmod: *** Unresolved symbols in /lib/modules/2.4.21-

47.EL/kernel/net/ipv4/netfilter/ipchains_core.o
depmod: *** Unresolved symbols in /lib/modules/2.4.21-

47.EL/kernel/net/ipv4/netfilter/ipfwadm_core.o
直到再執(zhí)行 depmod -a 不在出錯(cuò)

編譯安裝新的iptables
# cd /usr/src/iptables-1.3.5
# export KERNEL_DIR=/usr/src/linux-2.4
# export IPTABLES_DIR=/usr/src/iptables-1.3.5
# chmod +x extensions/.ipp2p-test
# make BINDIR=/sbin LIBDIR=/lib MANDIR=/usr/share/man install

安裝l7-filter協(xié)議：
cd /usr/src/l7-protocols-2006-10-18
make install

更新ipp2p模塊,使他支持更多的協(xié)議
# cd /usr/src/ipp2p-0.8.2
# make
備份 # cp /lib/iptables/libipt_ipp2p.so /
# cp /usr/src/ipp2p-0.8.2/libipt_ipp2p.so /lib/iptables/
# make && make install
# make && make install
# depmod -a

修正modprobe ip_nat_ftp 加載出錯(cuò)
A：先刪除 /lib/modules/2.4.21-47.EL/kernel/net/ipv4/netfilter/ip_nat_core.o
修改/lib/modules/2.4.21-47.EL/modules.dep，找到 ip_nat_ftp行，刪除含有 ip_nat_core 的

行，/lib/modules/2.4.21-47.EL/kernel/net/ipv4/ip_nat_core.o
然后再depmod -a，發(fā)現(xiàn)有錯(cuò)誤，
繼續(xù)刪除發(fā)生錯(cuò)誤的文件，直到depmod -a，沒(méi)有錯(cuò)誤為止

測(cè)試是否成功：
1、查看 iptables版本
# iptables -V
iptables v1.3.5

查看 ipp2p 版本
# iptables -m ipp2p -h | grep IPP2P
IPP2P v0.8.2 options:

2、IPP2P range
# iptables -A FORWARD -m iprange --src-range 192.168.1.2-192.168.1.254 -m ipp2p --ipp2p -j

DROP

3、layer 7 ,time ,iprange
# iptables -A FORWARD -m layer7 --l7proto qq  -m time --timestart 8:00 --timestop 17:30 --

days Mon,Tue,Wed,Thu,Fri -m iprange --src-range 192.168.1.5-192.168.1.239 -j DROP

測(cè)試多IP
iptables -A FORWARD -m multiip --sip 192.168.1.3,192.168.1.8,192.168.1.33 -j DROP

4、connlimit
# iptables -I FORWARD -s 192.168.1.15 -p tcp --syn --dport 80 -m connlimit --connlimit-above

3 --connlimit-mask 24 -j DROP

5、測(cè)試域名
iptables -A FORWARD -m domain --name "sohu.com" -j DROP

[ 本帖最后由 Seker 于 2009-4-27 22:45 編輯 ]

ko.zip

281.64 KB, 下載次數(shù): 600

so.zip

18.22 KB, 下載次數(shù): 197

文庫(kù)|博客

Apache官方強(qiáng)心劑：開(kāi)源不受出口管理?xiàng)l例約束！
Linux基礎(chǔ)命令---lynx瀏覽器
Dell R740服務(wù)器設(shè)置磁盤直通,不做RAID虛擬磁盤陣列
Linux基礎(chǔ)命令---elinks文本瀏覽器
Linux基礎(chǔ)命令---wget下載工具

hc_ttcm

豐衣足食

論壇徽章:: 1

2樓 [報(bào)告]

發(fā)表于 2008-09-20 18:07 |只看該作者

標(biāo)記下

學(xué)習(xí)了

實(shí)戰(zhàn)分享：從技術(shù)角度談機(jī)器學(xué)習(xí)入門| 【大話IT】RadonDB低門檻向MySQL集群下戰(zhàn)書 | ChinaUnix打賞功能已上線！ | 新一代分布式關(guān)系型數(shù)據(jù)庫(kù)RadonDB知多少？

劍次狼

大富大貴

論壇徽章:: 0

3樓 [報(bào)告]

發(fā)表于 2008-09-20 19:52 |只看該作者

不錯(cuò)比較詳細(xì)。LZ辛苦了

實(shí)戰(zhàn)分享：從技術(shù)角度談機(jī)器學(xué)習(xí)入門| 【大話IT】RadonDB低門檻向MySQL集群下戰(zhàn)書 | ChinaUnix打賞功能已上線！ | 新一代分布式關(guān)系型數(shù)據(jù)庫(kù)RadonDB知多少？

9esu

白手起家

論壇徽章:: 0

4樓 [報(bào)告]

發(fā)表于 2008-09-21 07:40 |只看該作者

能說(shuō)說(shuō)kernel-2.6.18-92.el5.src.rpm在哪下載嗎?給個(gè)地址！
http://www.kernel.org/pub/linux/kernel/v2.6/里面就沒(méi)有rpm的��！

實(shí)戰(zhàn)分享：從技術(shù)角度談機(jī)器學(xué)習(xí)入門| 【大話IT】RadonDB低門檻向MySQL集群下戰(zhàn)書 | ChinaUnix打賞功能已上線！ | 新一代分布式關(guān)系型數(shù)據(jù)庫(kù)RadonDB知多少？

Seker

稍有積蓄

論壇徽章:: 0

5樓 [報(bào)告]

發(fā)表于 2008-09-22 11:18 |只看該作者

從解開(kāi)壓縮包后開(kāi)始,前面的參考帖子.
[root@seker src]# ls
backup kernels netfilter-layer7-v2.9.tar.gz
ipp2p-0.99.15 l7-protocols-2008-04-23 patch-o-matic-ng-20080918
ipp2p-0.99.15.tar.gz l7-protocols-2008-04-23.tar.gz patch-o-matic-ng-20080918.tar.bz2
iptables-1.3.8 linux-2.6.18.i686 redhat
iptables-1.3.8.tar.bz2 netfilter-layer7-v2.9
[root@seker src]# export KERNEL_DIR=/usr/src/linux-2.6.18.i686/
[root@seker src]# export IPTABLES_DIR=/usr/src/iptables-1.3.8/
[root@seker src]# cd patch-o-matic-ng-20080918
[root@seker patch-o-matic-ng-20080918]# ls
Netfilter_POM.pm patchlets README runme
patch2pom pom2patch README.newpatches sources.list
[root@seker patch-o-matic-ng-20080918]# ./runme --download
Successfully downloaded external patch geoip
Successfully downloaded external patch condition
Successfully downloaded external patch IPMARK
Successfully downloaded external patch ROUTE
Successfully downloaded external patch connlimit
Successfully downloaded external patch ipp2p
Successfully downloaded external patch time
./patchlets/ipv4options exists and is not external
./patchlets/TARPIT exists and is not external
Successfully downloaded external patch ACCOUNT
Successfully downloaded external patch pknock
Loading patchlet definitions......................... done
Excellent! Source trees are ready for compilation.
下載完畢
安裝模塊
[root@seker patch-o-matic-ng-20080918]# ./runme time
Loading patchlet definitions......................... done
Welcome to Patch-o-matic ($Revision$)!
Kernel: 2.6.18, /usr/src/linux-2.6.18.i686/
Iptables: 1.3.8, /usr/src/iptables-1.3.8/
Each patch is a new feature: many have minimal impact, some do not.
Almost every one has bugs, so don't apply what you don't need!
-------------------------------------------------------
Already applied:
Testing time... not applied
The time patch:
Author: Fabrice MARIE <[email]fabrice@netfilter.org[/email]>
Status: Works within it's limitations
This option adds CONFIG_IP_NF_MATCH_TIME, which supplies a time match module.
This match allows you to filter based on the packet arrival time/date
(arrival time/date at the machine which the netfilter is running on) or
departure time/date (for locally generated packets).
Supported options are:
[ --timestart value ]
Match only if it is after `value' (Inclusive, format: HH:MM ; default 00:00).
[ --timestop value ]
Match only if it is before `value' (Inclusive, format: HH:MM ; default 23:59).
[ --days listofdays ]
Match only if today is one of the given days. (format: Mon,Tue,Wed,Thu,Fri,Sat,Sun ; default everyday)
[ --datestart date ]
Match only if it is after `date' (Inclusive, format: YYYY[:MM[:DD[:hh[:mm[:ss]]]]]
h,m,s start from 0 ; default to 1970)
[ --datestop date ]
Match only if it is before `date' (Inclusive, format: YYYY[:MM[:DD[:hh[:mm[:ss]]]]]
h,m,s start from 0 ; default to 2037)
Example:
-A INPUT -m time --timestart 8:00 --timestop 18:00 --days Mon,Tue,Wed,Thu,Fri
will match packets that have an arrival timestamp in the range 8:00->18:00 from Monday
to Friday.
-A OUTPUT -m time --timestart 8:00 --timestop 18:00 --Days Mon --date-stop 2010
will match the packets (locally generated) that have a departure timestamp
in the range 8:00->18:00 on Monday only, until 2010
NOTE: the time match does not track changes in daylight savings time
-----------------------------------------------------------------
Do you want to apply this patch [N/y/t/f/a/r/b/w/q/?] y
Excellent! Source trees are ready for compilation.
[root@seker patch-o-matic-ng-20080918]# ./runme connlimit
Loading patchlet definitions......................... done
Welcome to Patch-o-matic ($Revision$)!
Kernel: 2.6.18, /usr/src/linux-2.6.18.i686/
Iptables: 1.3.8, /usr/src/iptables-1.3.8/
Each patch is a new feature: many have minimal impact, some do not.
Almost every one has bugs, so don't apply what you don't need!
-------------------------------------------------------
Already applied:
Testing connlimit... not applied
The connlimit patch:
Author: Gerd Knorr <[email]kraxel@bytesex.org[/email]>
Status: ItWorksForMe[tm]
This adds an iptables match which allows you to restrict the
number of parallel TCP connections to a server per client IP address
(or address block).
Examples:
# allow 2 telnet connections per client host
iptables -p tcp --syn --dport 23 -m connlimit --connlimit-above 2 -j REJECT
# you can also match the other way around:
iptables -p tcp --syn --dport 23 -m connlimit ! --connlimit-above 2 -j ACCEPT
# limit the nr of parallel http requests to 16 per class C sized
# network (24 bit netmask)
iptables -p tcp --syn --dport 80 -m connlimit --connlimit-above 16 \
--connlimit-mask 24 -j REJECT
-----------------------------------------------------------------
Do you want to apply this patch [N/y/t/f/a/r/b/w/q/?] y
Excellent! Source trees are ready for compilation.
[root@seker patch-o-matic-ng-20080918]# cd ../linux-2.6.18.i686/
[root@seker linux-2.6.18.i686]# patch -p1 < /usr/src/netfilter-layer7-v2.9/kernel-2.6.18-2.6.19-layer7-2.9.patch
patching file include/linux/netfilter_ipv4/ip_conntrack.h
patching file include/linux/netfilter_ipv4/ipt_layer7.h
patching file net/ipv4/netfilter/Kconfig
patching file net/ipv4/netfilter/Makefile
Hunk #1 succeeded at 66 (offset 3 lines).
patching file net/ipv4/netfilter/ip_conntrack_core.c
Hunk #1 succeeded at 338 (offset 1 line).
patching file net/ipv4/netfilter/ip_conntrack_standalone.c
Hunk #1 succeeded at 193 (offset 1 line).
patching file net/ipv4/netfilter/ipt_layer7.c
patching file net/ipv4/netfilter/regexp/regexp.c
patching file net/ipv4/netfilter/regexp/regexp.h
patching file net/ipv4/netfilter/regexp/regmagic.h
patching file net/ipv4/netfilter/regexp/regsub.c
[root@seker linux-2.6.18.i686]# cd ../iptables-1.3.8
[root@seker iptables-1.3.8]# patch -p1 < /usr/src/netfilter-layer7-v2.9/iptables-layer7-2.9.patch
patching file extensions/.layer7-test
patching file extensions/libipt_layer7.c
patching file extensions/libipt_layer7.man
[root@seker iptables-1.3.8]# chmod +x extensions/.layer7-test
[root@seker iptables-1.3.8]#
[root@seker iptables-1.3.8]# cd ../linux-2.6.18.i686/
[root@seker linux-2.6.18.i686]# make menuconfig
scripts/kconfig/mconf arch/i386/Kconfig
#
# configuration written to .config
#
*** End of Linux kernel configuration.
*** Execute 'make' to build the kernel or try 'make help'.
[root@seker linux-2.6.18.i686]# make modules_prepare
scripts/kconfig/conf -s arch/i386/Kconfig
CHK include/linux/version.h
UPD include/linux/version.h
CHK include/linux/utsrelease.h
UPD include/linux/utsrelease.h
SYMLINK include/asm -> include/asm-i386
CC arch/i386/kernel/asm-offsets.s
GEN include/asm-i386/asm-offsets.h
HOSTCC scripts/genksyms/genksyms.o
SHIPPED scripts/genksyms/lex.c
SHIPPED scripts/genksyms/parse.h
SHIPPED scripts/genksyms/keywords.c
HOSTCC scripts/genksyms/lex.o
SHIPPED scripts/genksyms/parse.c
HOSTCC scripts/genksyms/parse.o
HOSTLD scripts/genksyms/genksyms
CC scripts/mod/empty.o
HOSTCC scripts/mod/mk_elfconfig
MKELF scripts/mod/elfconfig.h
HOSTCC scripts/mod/file2alias.o
HOSTCC scripts/mod/modpost.o
HOSTCC scripts/mod/sumversion.o
HOSTLD scripts/mod/modpost
HOSTCC scripts/kallsyms
HOSTCC scripts/pnmtologo
HOSTCC scripts/conmakehash
[root@seker linux-2.6.18.i686]#
[root@seker linux-2.6.18.i686]# mv net/ipv4/netfilter/Makefile net/ipv4/netfilter/Makefile.bak
[root@seker linux-2.6.18.i686]# vi net/ipv4/netfilter/Makefile
[root@seker linux-2.6.18.i686]# cat net/ipv4/netfilter/Makefile
obj-m := ipt_connlimit.o
obj-m := ipt_time.o
obj-m := ipt_layer7.o
KDIR := /lib/modules/$(shell uname -r)/build
PWD := $(shell pwd)
default:
$(MAKE) -C $(KDIR) M=$(PWD) modules
[root@seker linux-2.6.18.i686]#
[root@seker linux-2.6.18.i686]# make M=net/ipv4/netfilter/
WARNING: Symbol version dump /usr/src/linux-2.6.18.i686/Module.symvers
is missing; modules will have no dependencies and modversions.
LD net/ipv4/netfilter/built-in.o
CC [M] net/ipv4/netfilter/ipt_layer7.o
Building modules, stage 2.
MODPOST
CC net/ipv4/netfilter/ipt_layer7.mod.o
LD [M] net/ipv4/netfilter/ipt_layer7.ko
[root@seker linux-2.6.18.i686]# vi net/ipv4/netfilter/Makefile
[root@seker linux-2.6.18.i686]# cat net/ipv4/netfilter/Makefile
obj-m := ipt_connlimit.o
obj-m := ipt_time.o
KDIR := /lib/modules/$(shell uname -r)/build
PWD := $(shell pwd)
default:
$(MAKE) -C $(KDIR) M=$(PWD) modules
[root@seker linux-2.6.18.i686]#
[root@seker linux-2.6.18.i686]# make M=net/ipv4/netfilter/
WARNING: Symbol version dump /usr/src/linux-2.6.18.i686/Module.symvers
is missing; modules will have no dependencies and modversions.
CC [M] net/ipv4/netfilter/ipt_time.o
Building modules, stage 2.
MODPOST
CC net/ipv4/netfilter/ipt_time.mod.o
LD [M] net/ipv4/netfilter/ipt_time.ko
[root@seker linux-2.6.18.i686]# vi net/ipv4/netfilter/Makefile
[root@seker linux-2.6.18.i686]# cat net/ipv4/netfilter/Makefile
obj-m := ipt_connlimit.o
KDIR := /lib/modules/$(shell uname -r)/build
PWD := $(shell pwd)
default:
$(MAKE) -C $(KDIR) M=$(PWD) modules
[root@seker linux-2.6.18.i686]#
[root@seker linux-2.6.18.i686]# make M=net/ipv4/netfilter/
WARNING: Symbol version dump /usr/src/linux-2.6.18.i686/Module.symvers
is missing; modules will have no dependencies and modversions.
CC [M] net/ipv4/netfilter/ipt_connlimit.o
Building modules, stage 2.
MODPOST
CC net/ipv4/netfilter/ipt_connlimit.mod.o
LD [M] net/ipv4/netfilter/ipt_connlimit.ko
[root@seker linux-2.6.18.i686]#
[root@seker linux-2.6.18.i686]# cp net/ipv4/netfilter/ipt_layer7.ko /lib/modules/2.6.18-92.el5/kernel/net/ipv4/netfilter/
[root@seker linux-2.6.18.i686]# cp net/ipv4/netfilter/ipt_time.ko /lib/modules/2.6.18-92.el5/kernel/net/ipv4/netfilter/
[root@seker linux-2.6.18.i686]# cp net/ipv4/netfilter/ipt_connlimit.ko /lib/modules/2.6.18-92.el5/kernel/net/ipv4/netfilter/
cp：是否覆蓋“/lib/modules/2.6.18-92.el5/kernel/net/ipv4/netfilter/ipt_connlimit.ko”? y
[root@seker linux-2.6.18.i686]# chmod 755 /lib/modules/2.6.18-92.el5/kernel/net/ipv4/netfilter/*.ko
[root@seker linux-2.6.18.i686]# cd ..
[root@seker src]# ls
backup kernels netfilter-layer7-v2.9.tar.gz
ipp2p-0.99.15 l7-protocols-2008-04-23 patch-o-matic-ng-20080918
ipp2p-0.99.15.tar.gz l7-protocols-2008-04-23.tar.gz patch-o-matic-ng-20080918.tar.bz2
iptables-1.3.8 linux-2.6.18.i686 redhat
iptables-1.3.8.tar.bz2 netfilter-layer7-v2.9
[root@seker src]# cd ipp2p-0.99.15
[root@seker ipp2p-0.99.15]# make
make -C /lib/modules/2.6.18-92.el5/build M=/usr/src/ipp2p-0.99.15 modules
make[1]: Entering directory `/usr/src/kernels/2.6.18-92.el5-i686'
CC [M] /usr/src/ipp2p-0.99.15/ipt_ipp2p.o
Building modules, stage 2.
MODPOST
CC /usr/src/ipp2p-0.99.15/ipt_ipp2p.mod.o
LD [M] /usr/src/ipp2p-0.99.15/ipt_ipp2p.ko
make[1]: Leaving directory `/usr/src/kernels/2.6.18-92.el5-i686'
gcc -O3 -Wall -DIPTABLES_VERSION=\"1.3.8\" -I/usr/src/iptables-1.3.8/include -fPIC -c libipt_ipp2p.c
gcc -shared -o libipt_ipp2p.so libipt_ipp2p.o
[root@seker ipp2p-0.99.15]# make install
cp ipt_ipp2p.ko /lib/modules/2.6.18-92.el5/kernel/net/ipv4/netfilter/
cp libipt_ipp2p.so /lib/iptables/
depmod -a
[root@seker ipp2p-0.99.15]# cd /lib/modules/2.6.18-92.el5/
[root@seker 2.6.18-92.el5]# depmod -a
[root@seker 2.6.18-92.el5]# cd -
/usr/src/ipp2p-0.99.15
[root@seker ipp2p-0.99.15]# cd ../iptables-1.3.8
[root@seker iptables-1.3.8]#
[root@seker iptables-1.3.8]# make BINDIR=/sbin LIBDIR=/lib MANDIR=/usr/share/man install
....
cp extensions/libipt_limit.so /lib/iptables/libipt_limit.so
....
cp extensions/libipt_layer7.so /lib/iptables/libipt_layer7.so
....
cp extensions/libipt_time.so /lib/iptables/libipt_time.so
....
rm libiptc/libip6tc.o libipq/libipq.o libiptc/libip4tc.o
[root@seker iptables-1.3.8]#
測(cè)試過(guò)程:
[root@seker iptables-1.3.8]# modprobe ipt_connlimit
[root@seker iptables-1.3.8]# modprobe ipt_time
[root@seker iptables-1.3.8]# modprobe ipt_ipp2p
[root@seker iptables-1.3.8]# modprobe ipt_layer7
[root@seker iptables-1.3.8]# lsmod | grep x_table
x_tables 17349 6 ipt_layer7,ipt_ipp2p,ipt_time,ipt_connlimit,xt_tcpudp,ip_tables
[root@seker iptables-1.3.8]#
[root@seker iptables-1.3.8]# iptables -A FORWARD -m layer7 --l7proto qq -m time --timestart 8:00 --timestop 17:30 --days Mon,Tue,Wed,Thu,Fri -m iprange --src-range 192.168.1.5-192.168.1.239 -m ipp2p --ipp2p -m ipp2p --xunlei -j DROP
[root@seker iptables-1.3.8]# iptables -A FORWARD -m layer7 --l7proto qq -m time --timestart 8:00 --timestop 17:30 --days Mon,Tue,Wed,Thu,Fri -m iprange --src-range 192.168.1.5-192.168.1.239 -m ipp2p --ipp2p -m ipp2p --xunlei -j DROP
[root@seker iptables-1.3.8]#
[root@seker iptables-1.3.8]# iptables -I FORWARD -s 192.168.1.15 -p tcp --syn --dport 80 -m connlimit --connlimit-above 3 --connlimit-mask 24 -j DROP
[root@seker iptables-1.3.8]# iptables -xvL
Chain INPUT (policy ACCEPT 7783 packets, 1163810 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP tcp -- any any 192.168.1.15 anywhere tcp dpt:http flags:FIN,SYN,RST,ACK/SYN #conn/24 > 3
0 0 DROP all -- any any anywhere anywhere LAYER7 l7proto qq TIME from 8:0 to 17:30 on Mon,Tue,Wed,Thu,Fri source IP range 192.168.1.5-192.168.1.239 ipp2p v0.99.15 --ipp2p ipp2p v0.99.15 --xunlei
0 0 DROP all -- any any anywhere anywhere LAYER7 l7proto qq TIME from 8:0 to 17:30 on Mon,Tue,Wed,Thu,Fri source IP range 192.168.1.5-192.168.1.239 ipp2p v0.99.15 --ipp2p ipp2p v0.99.15 --xunlei
Chain OUTPUT (policy ACCEPT 5793 packets, 1041904 bytes)
pkts bytes target prot opt in out source destination
[root@seker iptables-1.3.8]#

復(fù)制代碼

[ 本帖最后由 Seker 于 2008-9-27 16:17 編輯 ]

實(shí)戰(zhàn)分享：從技術(shù)角度談機(jī)器學(xué)習(xí)入門| 【大話IT】RadonDB低門檻向MySQL集群下戰(zhàn)書 | ChinaUnix打賞功能已上線！ | 新一代分布式關(guān)系型數(shù)據(jù)庫(kù)RadonDB知多少？

hc_ttcm

豐衣足食

論壇徽章:: 1

6樓 [報(bào)告]

發(fā)表于 2008-09-22 15:17 |只看該作者

報(bào)告樓主
[root@seker SPECS]# rpmbuild -bp --target=$(uname -m) ./kernel-2.6.spec
命令錯(cuò)誤
運(yùn)行 rpmbuild -bp --target=i686 ./kernel-2.6.spec
OK

實(shí)戰(zhàn)分享：從技術(shù)角度談機(jī)器學(xué)習(xí)入門| 【大話IT】RadonDB低門檻向MySQL集群下戰(zhàn)書 | ChinaUnix打賞功能已上線！ | 新一代分布式關(guān)系型數(shù)據(jù)庫(kù)RadonDB知多少？

chenyx

版主

論壇徽章:: 381

7樓 [報(bào)告]

發(fā)表于 2008-09-22 22:13 |只看該作者

不錯(cuò),LZ辛苦,收藏先

實(shí)戰(zhàn)分享：從技術(shù)角度談機(jī)器學(xué)習(xí)入門| 【大話IT】RadonDB低門檻向MySQL集群下戰(zhàn)書 | ChinaUnix打賞功能已上線！ | 新一代分布式關(guān)系型數(shù)據(jù)庫(kù)RadonDB知多少？

root0

白手起家

論壇徽章:: 0

8樓 [報(bào)告]

發(fā)表于 2008-09-23 17:02 |只看該作者

好文章 !
詳細(xì)!!

參照rhel 5.2的,在centos 5.2編譯成功

10.編輯內(nèi)核選上新添加的模塊
[root@seker iptables-1.3.8]# make menuconfig
Networking --->
Networking options --->
指出一個(gè)小小的錯(cuò)誤.路徑應(yīng)該是內(nèi)核路徑.

iptables運(yùn)行沒(méi)問(wèn)題,就是time不能匹配秒.
樓主共享的,運(yùn)行后,iptables -L看不到時(shí)間.

實(shí)戰(zhàn)分享：從技術(shù)角度談機(jī)器學(xué)習(xí)入門| 【大話IT】RadonDB低門檻向MySQL集群下戰(zhàn)書 | ChinaUnix打賞功能已上線！ | 新一代分布式關(guān)系型數(shù)據(jù)庫(kù)RadonDB知多少？

gearfox

白手起家

論壇徽章:: 0

9樓 [報(bào)告]

發(fā)表于 2008-09-24 13:57 |只看該作者

樓主你太棒了

這個(gè)文章收藏了。。。。。。

實(shí)戰(zhàn)分享：從技術(shù)角度談機(jī)器學(xué)習(xí)入門| 【大話IT】RadonDB低門檻向MySQL集群下戰(zhàn)書 | ChinaUnix打賞功能已上線！ | 新一代分布式關(guān)系型數(shù)據(jù)庫(kù)RadonDB知多少？

gearfox

白手起家

論壇徽章:: 0

10樓 [報(bào)告]

發(fā)表于 2008-09-24 15:36 |只看該作者

我運(yùn)行
rpmbuild -bp --target=$(uname -m) ./kernel-2.6.spec
或者
rpmbuild -bp --target=i686 ./kernel-2.6.spec
都會(huì)出現(xiàn)
Building target platforms: i686
Building for target i686
error: Failed build dependencies:
redhat-rpm-config is needed by kernel-2.6.18-92.1.10.el5.i686

因?yàn)槲耶?dāng)時(shí)yum update系統(tǒng)內(nèi)核到kernel-2.6.18-92.1.10.el5.i686
下載的rpm包也是kernel-2.6.18-92.1.10.el5.i686的

為什么會(huì)出現(xiàn)這個(gè)錯(cuò)誤呢？該怎么排錯(cuò)呢？

實(shí)戰(zhàn)分享：從技術(shù)角度談機(jī)器學(xué)習(xí)入門| 【大話IT】RadonDB低門檻向MySQL集群下戰(zhàn)書 | ChinaUnix打賞功能已上線！ | 新一代分布式關(guān)系型數(shù)據(jù)庫(kù)RadonDB知多少？

亚洲av成人无遮挡网站在线观看,少妇性bbb搡bbb爽爽爽,亚洲av日韩精品久久久久久,兔费看少妇性l交大片免费,无码少妇一区二区三区

[網(wǎng)絡(luò)管理] centos AS 3.8/AS 4.4,/RHEL 5.2 三種版本為iptables添加模塊. 過(guò)程在5樓 [復(fù)制鏈接]


平臺(tái) 論壇博客文庫(kù)