Difference between revisions of "Layer7 IMQ Route Multipath Loadbalance Debian Lenny 2.6.28"

Revision as of 17:35, 13 June 2009

Debian Lenny,Kernel 2.6.28+iptables 1.4.2

apt-get install bzip2 gzip unzip
apt-get install debhelper modutils 
apt-get install libncurses5-dev kernel-package build-essential zlib1g-dev

wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.28.tar.bz2

wget http://ufpr.dl.sourceforge.net/sourceforge/l7-filter/netfilter-layer7-v2.21.tar.gz wget http://ufpr.dl.sourceforge.net/sourceforge/l7-filter/l7-protocols-2009-05-28.tar.gz wget http://www.netfilter.org/projects/iptables/files/iptables-1.4.2.tar.bz2

Extract Download Files

tar xjfv linux-2.6.28.tar.bz2
tar xjfv iptables-1.4.2.tar.bz2
tar xzfv netfilter-v2.21.tar.gz
tar xzfv l7-protocols-2009-05-28.tar.gz

Symbol Link >

ln -s /usr/src/linux-2.6.28 /usr/src/linux
<pre>
Now Patch Kernel with patch file

cd linux patch -p1 </usr/src/netfilter-layer7-v2.21/kernel-2.6.25-2.6.28-layer7-2.21.patch

</pre>

make menuconfig

Networking support —> Networking options —> Network packet filtering framework (Netfilter) —> Core Netfilter Configuration.
<M> layer7 match support

[*] Layer 7 debugging output

<M> “string” match support

Exit Save config

Compile and install them

make
make modules
make modules_install
make install

Make it boot

cd /boot
mkinitramfs -o initrd.img-2.6.28 2.6.28
update-grub
reboot

Compile iptables v1.4.2 support layer7

cd /usr/src/iptables-1.4.2
cp /usr/src/netfilter-layer7-v2.21/iptables-1.4.1.1-for-kernel-2.6.20forward/* /usr/src/iptables-1.4.2/extensions/
./configure --with-kernel=/usr/src/linux
make
make install
cd /usr/src/l7-protocols-2009-05-28
make install
cp /usr/local/sbin/iptables /sbin/

Test it

iptables -A FORWARD -m layer7 –l7proto msnmessenger -j DROP
iptables -A FORWARD -m layer7 –l7proto httpvideo -j DROP
iptables -A FORWARD -m layer7 --l7proto bittorrent -j DROP

http://l7-filter.sourceforge.net/protocols

Protocal Definition /etc/l7-protocols

Difference between revisions of "Layer7 IMQ Route Multipath Loadbalance Debian Lenny 2.6.28"

Revision as of 17:35, 13 June 2009

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

mega security computer

Tools

@@ Line 1: / Line 1: @@
 Debian Lenny,Kernel 2.6.28+iptables 1.4.2
+<pre>apt-get install bzip2 gzip unzip
-<pre>
-apt-get install bzip2 gzip unzip
 apt-get install debhelper modutils
 apt-get install libncurses5-dev kernel-package build-essential zlib1g-dev
-</pre>
+</pre><pre>wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.28.tar.bz2
-<pre>
-wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.28.tar.bz2
 wget http://ufpr.dl.sourceforge.net/sourceforge/l7-filter/netfilter-layer7-v2.21.tar.gz
 wget http://ufpr.dl.sourceforge.net/sourceforge/l7-filter/l7-protocols-2009-05-28.tar.gz
 wget http://www.netfilter.org/projects/iptables/files/iptables-1.4.2.tar.bz2
 </pre>
 Extract Download Files
-<pre>
+<pre>tar xjfv linux-2.6.28.tar.bz2
-tar xjfv linux-2.6.28.tar.bz2
 tar xjfv iptables-1.4.2.tar.bz2
 tar xzfv netfilter-v2.21.tar.gz
 tar xzfv l7-protocols-2009-05-28.tar.gz
 </pre>
-Symbol Link >
+Symbol Link &gt;
-<pre>
+<pre>ln -s /usr/src/linux-2.6.28 /usr/src/linux
-ln -s /usr/src/linux-2.6.28 /usr/src/linux
+&lt;pre&gt;
-<pre>
 Now Patch Kernel with patch file
-<pre>
+</pre>
 cd linux
-patch -p1 </usr/src/netfilter-layer7-v2.21/kernel-2.6.25-2.6.28-layer7-2.21.patch
+patch -p1 &lt;/usr/src/netfilter-layer7-v2.21/kernel-2.6.25-2.6.28-layer7-2.21.patch
-</pre>
+</pre><pre>make menuconfig
-<pre>
-make menuconfig
-Networking support —> Networking options —> Network packet filtering framework (Netfilter) —> Core Netfilter Configuration.
+Networking support —&gt; Networking options —&gt; Network packet filtering framework (Netfilter) —&gt; Core Netfilter Configuration.
-<M> layer7 match support
+&lt;M&gt; layer7 match support
 [*] Layer 7 debugging output
-<M> “string” match support
+&lt;M&gt; “string” match support
 </pre>
 Exit Save config
 Compile and install them
-<pre>
+<pre>make
-make
 make modules
 make modules_install
 make install
 </pre>
 Make it boot
-<pre>
+<pre>cd /boot
-cd /boot
 mkinitramfs -o initrd.img-2.6.28 2.6.28
 update-grub
 reboot
 </pre>
 Compile iptables v1.4.2 support layer7
-<pre>
+<pre>cd /usr/src/iptables-1.4.2
-cd /usr/src/iptables-1.4.2
 cp /usr/src/netfilter-layer7-v2.21/iptables-1.4.1.1-for-kernel-2.6.20forward/* /usr/src/iptables-1.4.2/extensions/
 ./configure --with-kernel=/usr/src/linux
@@ Line 66: / Line 55: @@
 </pre>
 Test it
-<pre>
+<pre>iptables -A FORWARD -m layer7 –l7proto msnmessenger -j DROP
-iptables -A FORWARD -m layer7 –l7proto msnmessenger -j DROP
 iptables -A FORWARD -m layer7 –l7proto httpvideo -j DROP
 iptables -A FORWARD -m layer7 --l7proto bittorrent -j DROP
 </pre>
+http://l7-filter.sourceforge.net/protocols
-http://l7-filter.sourceforge.net/protocols
+Protocal Definition /etc/l7-protocols
-Protocal Definition
-/etc/l7-protocols