outsource from india chennai india programmers freelance php coder freelance outsource scripts programming complicated perl patterns php module installation
outsource from india perl installation and configuration php installation linux system administration US$15,US$19,US$11,US$10 cheap programmer
india outsource outsource india chennai india programmers php perl mysql freelance freelance programmer
SHOWCASE of php and perl scripts CONTACT US for php custom perl scripts
HOME
 
Linux IPv6 HOWTO (en)
PrevChapter 16. FirewallingNext

16.2. Preparation

16.2.1. Get sources

Get the latest kernel source: http://www.kernel.org/

Get the latest iptables package:

16.2.2. Extract sources

Change to source directory: 

# cd /path/to/src

Unpack and rename kernel sources 

# tar z|jxf kernel-version.tar.gz|bz2 
# mv linux linux-version-iptables-version+IPv6

Unpack iptables sources 

# tar z|jxf iptables-version.tar.gz|bz2

16.2.3. Apply latest iptables/IPv6-related patches to kernel source

Change to iptables directory 

# cd iptables-version

Apply pending patches 

# make pending-patches KERNEL_DIR=/path/to/src/linux-version-iptables-version/

Apply additional IPv6 related patches (still not in the vanilla kernel included) 

# make patch-o-matic KERNEL_DIR=/path/to/src/linux-version-iptables-version/

Say yes at following options (iptables-1.2.2)

  • ah-esp.patch

  • masq-dynaddr.patch (only needed for systems with dynamic IP assigned WAN connections like PPP or PPPoE)

  • ipv6-agr.patch.ipv6

  • ipv6-ports.patch.ipv6

  • LOG.patch.ipv6

  • REJECT.patch.ipv6

Check IPv6 extensions 

# make print-extensions 
Extensions found: IPv6:owner IPv6:limit IPv6:mac IPv6:multiport

16.2.4. Configure, build and install new kernel

Change to kernel sources 

# cd /path/to/src/linux-version-iptables-version/

Edit Makefile 

- EXTRAVERSION = 
+ EXTRAVERSION = -iptables-version+IPv6-try

Run configure, enable IPv6 related 

            Code maturity level options 
                  Prompt for development and/or incomplete code/drivers : yes 
            Networking options 
                  Network packet filtering: yes 
                  The IPv6 protocol: module 
                       IPv6: Netfilter Configuration 
                             IP6 tables support: module 
                             All new options like following: 
                                   limit match support: module 
                                   MAC address match support: module 
                                   Multiple port match support: module 
                                   Owner match support: module 
                                   netfilter MARK match support: module 
                                   Aggregated address check: module 
                                   Packet filtering: module 
                                        REJECT target support: module 
                                        LOG target support: module 
                                   Packet mangling: module 
                                   MARK target support: module

Configure other related to your system, too

Compilation and installing: see the kernel section here and other HOWTOs

16.2.5. Rebuild and install binaries of iptables

Make sure, that upper kernel source tree is also available at /usr/src/linux/

Rename older directory 

# mv /usr/src/linux /usr/src/linux.old

Create a new softlink 

# ln -s /path/to/src/linux-version-iptables-version /usr/src/linux

Rebuild SRPMS 

# rpm --rebuild /path/to/SRPMS/iptables-version-release.src.rpm

Install new iptables packages (iptables + iptables-ipv6)

  • On RH 7.1 systems, normally, already an older version is installed, therefore use "freshen" 

# rpm -Fhv /path/to/RPMS/cpu/iptables*-version-release.cpu.rpm

  • If not already installed, use "install" 

# rpm -ihv /path/to/RPMS/cpu/iptables*-version-release.cpu.rpm

  • On RH 6.2 systems, normally, no kernel 2.4.x is installed, therefore the requirements don't fit. Use "--nodeps" to install it 

# rpm -ihv --nodeps /path/to/RPMS/cpu/iptables*-version-release.cpu.rpm

Perhaps it's necessary to create a softlink for iptables libraries where iptables looks for them 

# ln -s /lib/iptables/ /usr/lib/iptables
PrevHomeNext
Firewalling using netfilter6UpUsage

Linux HOWTO full list
   This document, LDP HOWTO-INDEX, is copyrighted (c) 1995 - 2002 by Tim Bynum, Guylhem Aznar, Joshua Drake and Greg Ferguson. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover Texts, and with no Back-Cover Texts. A copy of the license is available at http://www.gnu.org/copyleft/fdl.html. If you have questions, please contact the LDP.
Web Design Copyright © 1999-2003. Chrisranjana Software Solutions Pvt Ltd. syndicate rss feed