[ bridge firewall ]
1. 下載 http://bridge.sourceforge.net/devel/bridge-nf/bridge-nf-0.0.8-against-2.4.19.diff
2. 下載 http://www.kernel.org/pub/linux/kernel/v2.4/linux-2.4.20.tar.gz
3. 下載 http://bridge.sourceforge.net/bridge-utils/bridge-utils-0.9.6.tar.gz
4. tar zxf linux-2.4.20.tar.gz –C /usr/src/
5. mv bridge-nf-0.0.8-against-2.4.19.diff /usr/src/linux-2.4.20/
6. cd /usr/src/linux-2.4.20/ ; patch –p1 < bridge-nf-0.0.8-against-2.4.19.diff
7. make mrproper ; make menuconfig 以下為必要選項
a.Code maturity level options
[*] Prompt for development and/or incomplete code/drivers
b.Loadable module support
[*] Enable loadable module support
[*] Set version information on all module symbols
[*] Kernel module loader
c. Networking options
[*] Network packet filtering (replaces ipchains)
[*] Network packet filtering debugging
IP: Netfilter Configuration
<*> 802.1d Ethernet Bridging
8. make dep clean bzImage modules modules_install ; depmod –a
小弟的核心版本是 2.4.18-3
依上面的修補方法
執行下面的補件
cd /usr/src/linux-2.4.20/
zcat ../bridge-nf-0.0.10-against-2.4.20.diff.gz | patch -p1
make mrproper;make menuconfig
make dep clean bzImage modules modules_install
卻無法將核心編譯完成,出現下面的錯誤!
出了什麼問題呢?????
br_netfilter.c: In function `br_nf_pre_routing_finish_bridge':
br_netfilter.c:134: `BRNF_PKT_TYPE' undeclared (first use in this function)
br_netfilter.c:134: (Each undeclared identifier is reported only once
br_netfilter.c:134: for each function it appears in.)
br_netfilter.c: In function `br_nf_pre_routing_finish':
br_netfilter.c:152: `BRNF_PKT_TYPE' undeclared (first use in this function)
br_netfilter.c:157: dereferencing pointer to incomplete type
br_netfilter.c:181: `BRNF_BRIDGED_DNAT' undeclared (first use in this function)
br_netfilter.c:183: sizeof applied to an incomplete type
br_netfilter.c:183: dereferencing pointer to incomplete type
br_netfilter.c:183: sizeof applied to an incomplete type
br_netfilter.c:183: dereferencing pointer to incomplete type
br_netfilter.c:183: sizeof applied to an incomplete type
br_netfilter.c:183: sizeof applied to an incomplete type
br_netfilter.c:183: dereferencing pointer to incomplete type
br_netfilter.c:183: sizeof applied to an incomplete type
br_netfilter.c:183: dereferencing pointer to incomplete type
br_netfilter.c:183: sizeof applied to an incomplete type
br_netfilter.c:198: sizeof applied to an incomplete type
br_netfilter.c:198: dereferencing pointer to incomplete type
br_netfilter.c:198: sizeof applied to an incomplete type
br_netfilter.c:198: dereferencing pointer to incomplete type
br_netfilter.c:198: sizeof applied to an incomplete type
br_netfilter.c:198: sizeof applied to an incomplete type
br_netfilter.c:198: dereferencing pointer to incomplete type
br_netfilter.c:198: sizeof applied to an incomplete type
br_netfilter.c:198: dereferencing pointer to incomplete type
br_netfilter.c:198: sizeof applied to an incomplete type
br_netfilter.c:201: `br_handle_frame_finish' undeclared (first use in this function)
br_netfilter.c: In function `br_nf_pre_routing':
br_netfilter.c:254: warning: implicit declaration of function `nf_bridge_alloc'
br_netfilter.c:254: warning: assignment makes pointer from integer without a cast
br_netfilter.c:259: `BRNF_PKT_TYPE' undeclared (first use in this function)
br_netfilter.c:264: dereferencing pointer to incomplete type
br_netfilter.c: In function `br_nf_forward_finish':
br_netfilter.c:313: `BRNF_PKT_TYPE' undeclared (first use in this function)
br_netfilter.c: In function `br_nf_forward':
br_netfilter.c:349: `BRNF_PKT_TYPE' undeclared (first use in this function)
br_netfilter.c: In function `br_nf_local_out_finish':
br_netfilter.c:369: `NF_BR_PRI_FIRST' undeclared (first use in this function)
br_netfilter.c: In function `br_nf_local_out':
br_netfilter.c:424: `BRNF_BRIDGED_DNAT' undeclared (first use in this function)
br_netfilter.c:427: `BRNF_PKT_TYPE' undeclared (first use in this function)
br_netfilter.c:440: `BRNF_DONT_TAKE_PARENT' undeclared (first use in this function)
br_netfilter.c: In function `br_nf_post_routing':
br_netfilter.c:501: `BRNF_PKT_TYPE' undeclared (first use in this function)
br_netfilter.c: In function `ipv4_sabotage_out':
br_netfilter.c:558: `BRNF_DONT_TAKE_PARENT' undeclared (first use in this function)
br_netfilter.c: At top level:
br_netfilter.c:574: `NF_BR_PRI_BRNF' undeclared here (not in a function)
br_netfilter.c:574: initializer element is not constant
br_netfilter.c:574: (near initialization for `br_nf_ops[0].priority')
br_netfilter.c:575: `NF_BR_PRI_BRNF' undeclared here (not in a function)
br_netfilter.c:575: initializer element is not constant
br_netfilter.c:575: (near initialization for `br_nf_ops[1].priority')
br_netfilter.c:576: `NF_BR_PRI_BRNF' undeclared here (not in a function)
br_netfilter.c:576: initializer element is not constant
br_netfilter.c:576: (near initialization for `br_nf_ops[2].priority')
br_netfilter.c:577: `NF_BR_PRI_FIRST' undeclared here (not in a function)
br_netfilter.c:577: initializer element is not constant
br_netfilter.c:577: (near initialization for `br_nf_ops[3].priority')
br_netfilter.c:578: `NF_BR_PRI_LAST' undeclared here (not in a function)
br_netfilter.c:578: initializer element is not constant
br_netfilter.c:578: (near initialization for `br_nf_ops[4].priority')
make[3]: *** [br_netfilter.o] Error 1
make[3]: Leaving directory `/usr/src/linux-2.4.20/net/bridge'
make[2]: *** [first_rule] Error 2
make[2]: Leaving directory `/usr/src/linux-2.4.20/net/bridge'
make[1]: *** [_subdir_bridge] Error 2
make[1]: Leaving directory `/usr/src/linux-2.4.20/net'
make: *** [_dir_net] Error 2