Difference between revisions of "Layer7 IMQ Route Multipath Loadbalance Debian Lenny 2.6.28"
From MS Computech
| Line 4: | Line 4: | ||
apt-get install libncurses5-dev kernel-package build-essential zlib1g-dev | apt-get install libncurses5-dev kernel-package build-essential zlib1g-dev | ||
</pre> | </pre> | ||
| − | ดาวโหลด Package | + | ดาวโหลด Package |
| − | <pre> | + | <pre>wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.28.tar.bz2 |
| − | wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.28.tar.bz2 | ||
wget http://ufpr.dl.sourceforge.net/sourceforge/l7-filter/netfilter-layer7-v2.21.tar.gz | wget http://ufpr.dl.sourceforge.net/sourceforge/l7-filter/netfilter-layer7-v2.21.tar.gz | ||
wget http://ufpr.dl.sourceforge.net/sourceforge/l7-filter/netfilter-layer7-v2.21.tar.gz | wget http://ufpr.dl.sourceforge.net/sourceforge/l7-filter/netfilter-layer7-v2.21.tar.gz | ||
| Line 21: | Line 20: | ||
</pre> | </pre> | ||
Patch Kernel ด้วย patch file | Patch Kernel ด้วย patch file | ||
| − | <pre>cd linux patch -p1 | + | <pre> |
| + | cd linux | ||
| + | patch -p1 </usr/src/netfilter-layer7-v2.21/kernel-2.6.25-2.6.28-layer7-2.21.patch | ||
</pre> | </pre> | ||
Config Kernel | Config Kernel | ||
Revision as of 12:06, 14 June 2009
Debian Lenny,Kernel 2.6.28+iptables 1.4.2 Contribute post and test by phat@mscompute June 13 2009
apt-get install bzip2 gzip unzip apt-get install debhelper modutils apt-get install libncurses5-dev kernel-package build-essential zlib1g-dev
ดาวโหลด Package
wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.28.tar.bz2 wget http://ufpr.dl.sourceforge.net/sourceforge/l7-filter/netfilter-layer7-v2.21.tar.gz wget http://ufpr.dl.sourceforge.net/sourceforge/l7-filter/netfilter-layer7-v2.21.tar.gz wget http://ufpr.dl.sourceforge.net/sourceforge/l7-filter/l7-protocols-2009-05-28.tar.gz wget http://www.netfilter.org/projects/iptables/files/iptables-1.4.2.tar.bz2
แตกไฟล์ออกมา
tar xjfv linux-2.6.28.tar.bz2 tar xjfv iptables-1.4.2.tar.bz2 tar zxvf netfilter-layer7-v2.21.tar.gz tar xzfv l7-protocols-2009-05-28.tar.gz
สร้าง Symbol Link
ln -s /usr/src/linux-2.6.28 /usr/src/linux
Patch Kernel ด้วย patch file
cd linux patch -p1 </usr/src/netfilter-layer7-v2.21/kernel-2.6.25-2.6.28-layer7-2.21.patch
Config Kernel
make menuconfig Networking support —> Networking options —> Network packet filtering framework (Netfilter) —> Core Netfilter Configuration. <M> layer7 match support [*] Layer 7 debugging output <M> “string” match support
Exit Save config
คอมไพล์และติดตั้งมันซะ
make make modules make modules_install make install
ทำให้มันบูท Kernel ใหม่
cd /boot mkinitramfs -o initrd.img-2.6.28 2.6.28 update-grub reboot
คอมไพล์ iptables v1.4.2 เพื่อให้รองรับกับ layer7
cd /usr/src/iptables-1.4.2 cp /usr/src/netfilter-layer7-v2.21/iptables-1.4.1.1-for-kernel-2.6.20forward/* /usr/src/iptables-1.4.2/extensions/ ./configure --with-kernel=/usr/src/linux make make install cd /usr/src/l7-protocols-2009-05-28 make install cp /usr/local/sbin/iptables /sbin/
ลอง
iptables -A FORWARD -m layer7 –l7proto msnmessenger -j DROP iptables -A FORWARD -m layer7 –l7proto httpvideo -j DROP iptables -A FORWARD -m layer7 --l7proto bittorrent -j DROP
http://l7-filter.sourceforge.net/protocols
Protocal Definition /etc/l7-protocols
