最近因為一個項目,要折騰一下linux下的iptables。好久沒有用這個東西了,感覺也不會有啥問題,所以連想都沒想就開始弄。開啟內核選項,交叉編譯iptables,移植運行後才發現。我靠~不支持了,需要用新的nftables。奶奶的,我老了,被時代所淘汰了。nfatbles是個啥,就是取代ipta ...
最近因為一個項目,要折騰一下linux下的iptables。好久沒有用這個東西了,感覺也不會有啥問題,所以連想都沒想就開始弄。開啟內核選項,交叉編譯iptables,移植運行後才發現。我靠~不支持了,需要用新的nftables。奶奶的,我老了,被時代所淘汰了。nfatbles是個啥,就是取代iptables的。好吧,那就弄吧,弄起來才知道,麻煩啊,尤其是移植到arm板子上。
主要涉及到以下幾個方面:
- 交叉編譯工具
- 內核netfilter配置
- 所需的組件交叉編譯(flex、bsion、libmnl、libnftnl、gmp、readline)
- nftables交叉編譯
- nftables基本使用
(一) 交叉編譯工具: 我使用的系統是ubuntu16.04 x32, 我將交叉編譯工具安裝在/opt下,具體版本如下
因為我使用的是zsh,所以我將環境變數添加到了~/.zshrc下
1 export PATH=/opt/toolchain/bin:$PATH
(二)先折騰內核,開啟內核netfilter選項如圖,按以下步驟執行
下麵開始進入netfilter的配置選項,這裡可以根據具體的需求開始相應的配置,這裡我為了測試nftables,將開始所有的選項
開始選項有兩種方式:一種是[*] ,另一種是[M]。前者是內核運行起來以後自動包含了netfilter的模塊功能。後者是以*.ko的方式存在,在需要的時候
使用insmod *.ko的方式啟用,ko文件是有依賴關係的,在載入ko文件的時候需要提供modules.dep文件,如下圖
modules.dep文件內容如下
好了,接下來我是按照[*]的方式載入模塊的,為了驗證nftables的各種功能,我開啟了所有模塊,下圖是主要配置項,
紅色方塊內部的選項根據需求開啟。
如上配置也可以直接修改內核源碼路徑下的.config文件,設置方法如下
CONFIG_NETFILTER=y CONFIG_NETFILTER_DEBUG=y CONFIG_NETFILTER_ADVANCED=y # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=y CONFIG_NETFILTER_NETLINK_ACCT=y CONFIG_NETFILTER_NETLINK_QUEUE=y CONFIG_NETFILTER_NETLINK_LOG=y CONFIG_NF_CONNTRACK=y CONFIG_NF_CONNTRACK_MARK=y CONFIG_NF_CONNTRACK_PROCFS=y CONFIG_NF_CONNTRACK_EVENTS=y CONFIG_NF_CONNTRACK_TIMEOUT=y CONFIG_NF_CONNTRACK_TIMESTAMP=y CONFIG_NF_CONNTRACK_LABELS=y CONFIG_NF_CT_PROTO_DCCP=y CONFIG_NF_CT_PROTO_GRE=y CONFIG_NF_CT_PROTO_SCTP=y CONFIG_NF_CT_PROTO_UDPLITE=y CONFIG_NF_CONNTRACK_AMANDA=y CONFIG_NF_CONNTRACK_FTP=y CONFIG_NF_CONNTRACK_H323=y CONFIG_NF_CONNTRACK_IRC=y CONFIG_NF_CONNTRACK_BROADCAST=y CONFIG_NF_CONNTRACK_NETBIOS_NS=y CONFIG_NF_CONNTRACK_SNMP=y CONFIG_NF_CONNTRACK_PPTP=y CONFIG_NF_CONNTRACK_SANE=y CONFIG_NF_CONNTRACK_SIP=y CONFIG_NF_CONNTRACK_TFTP=y CONFIG_NF_CT_NETLINK=y CONFIG_NF_CT_NETLINK_TIMEOUT=y CONFIG_NF_CT_NETLINK_HELPER=y CONFIG_NETFILTER_NETLINK_QUEUE_CT=y CONFIG_NF_NAT=y CONFIG_NF_NAT_NEEDED=y CONFIG_NF_NAT_PROTO_DCCP=y CONFIG_NF_NAT_PROTO_UDPLITE=y CONFIG_NF_NAT_PROTO_SCTP=y CONFIG_NF_NAT_AMANDA=y CONFIG_NF_NAT_FTP=y CONFIG_NF_NAT_IRC=y CONFIG_NF_NAT_SIP=y CONFIG_NF_NAT_TFTP=y CONFIG_NETFILTER_SYNPROXY=y CONFIG_NF_TABLES=y CONFIG_NF_TABLES_INET=y CONFIG_NFT_EXTHDR=y CONFIG_NFT_META=y CONFIG_NFT_CT=y CONFIG_NFT_RBTREE=y CONFIG_NFT_HASH=y CONFIG_NFT_COUNTER=y CONFIG_NFT_LOG=y CONFIG_NFT_LIMIT=y # CONFIG_NFT_NAT is not set CONFIG_NFT_QUEUE=m CONFIG_NFT_REJECT=y CONFIG_NFT_REJECT_INET=y CONFIG_NFT_COMPAT=y CONFIG_NETFILTER_XTABLES=y # # Xtables combined modules # CONFIG_NETFILTER_XT_MARK=y CONFIG_NETFILTER_XT_CONNMARK=y # CONFIG_NETFILTER_XT_SET is not set # # Xtables targets # # CONFIG_NETFILTER_XT_TARGET_CHECKSUM is not set CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_CONNMARK=y # CONFIG_NETFILTER_XT_TARGET_CT is not set # CONFIG_NETFILTER_XT_TARGET_DSCP is not set CONFIG_NETFILTER_XT_TARGET_HL=y CONFIG_NETFILTER_XT_TARGET_HMARK=y CONFIG_NETFILTER_XT_TARGET_IDLETIMER=y CONFIG_NETFILTER_XT_TARGET_LED=y CONFIG_NETFILTER_XT_TARGET_LOG=y CONFIG_NETFILTER_XT_TARGET_MARK=y CONFIG_NETFILTER_XT_TARGET_NETMAP=y CONFIG_NETFILTER_XT_TARGET_NFLOG=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y # CONFIG_NETFILTER_XT_TARGET_NOTRACK is not set CONFIG_NETFILTER_XT_TARGET_RATEEST=y CONFIG_NETFILTER_XT_TARGET_REDIRECT=y CONFIG_NETFILTER_XT_TARGET_TEE=y # CONFIG_NETFILTER_XT_TARGET_TPROXY is not set # CONFIG_NETFILTER_XT_TARGET_TRACE is not set CONFIG_NETFILTER_XT_TARGET_TCPMSS=y # CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP is not set # # Xtables matches # CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=y CONFIG_NETFILTER_XT_MATCH_BPF=y CONFIG_NETFILTER_XT_MATCH_CGROUP=y CONFIG_NETFILTER_XT_MATCH_CLUSTER=y CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y CONFIG_NETFILTER_XT_MATCH_CONNLABEL=y CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y CONFIG_NETFILTER_XT_MATCH_CONNMARK=y CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y CONFIG_NETFILTER_XT_MATCH_CPU=y CONFIG_NETFILTER_XT_MATCH_DCCP=y CONFIG_NETFILTER_XT_MATCH_DEVGROUP=y CONFIG_NETFILTER_XT_MATCH_DSCP=y CONFIG_NETFILTER_XT_MATCH_ECN=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y CONFIG_NETFILTER_XT_MATCH_HELPER=y CONFIG_NETFILTER_XT_MATCH_HL=y CONFIG_NETFILTER_XT_MATCH_IPCOMP=y CONFIG_NETFILTER_XT_MATCH_IPRANGE=y CONFIG_NETFILTER_XT_MATCH_L2TP=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y CONFIG_NETFILTER_XT_MATCH_NFACCT=y CONFIG_NETFILTER_XT_MATCH_OSF=y CONFIG_NETFILTER_XT_MATCH_OWNER=y CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y CONFIG_NETFILTER_XT_MATCH_RATEEST=y CONFIG_NETFILTER_XT_MATCH_REALM=y CONFIG_NETFILTER_XT_MATCH_RECENT=y CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_SOCKET=y CONFIG_NETFILTER_XT_MATCH_STATE=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y CONFIG_NETFILTER_XT_MATCH_TIME=y CONFIG_NETFILTER_XT_MATCH_U32=y CONFIG_IP_SET=y CONFIG_IP_SET_MAX=256 CONFIG_IP_SET_BITMAP_IP=y CONFIG_IP_SET_BITMAP_IPMAC=y CONFIG_IP_SET_BITMAP_PORT=y CONFIG_IP_SET_HASH_IP=y CONFIG_IP_SET_HASH_IPPORT=y CONFIG_IP_SET_HASH_IPPORTIP=y CONFIG_IP_SET_HASH_IPPORTNET=y CONFIG_IP_SET_HASH_NETPORTNET=y CONFIG_IP_SET_HASH_NET=y CONFIG_IP_SET_HASH_NETNET=y CONFIG_IP_SET_HASH_NETPORT=y CONFIG_IP_SET_HASH_NETIFACE=y CONFIG_IP_SET_LIST_SET=y # CONFIG_IP_VS is not set # # IP: Netfilter Configuration # CONFIG_NF_DEFRAG_IPV4=y CONFIG_NF_CONNTRACK_IPV4=y CONFIG_NF_CONNTRACK_PROC_COMPAT=y CONFIG_NF_TABLES_IPV4=y CONFIG_NFT_CHAIN_ROUTE_IPV4=y CONFIG_NFT_REJECT_IPV4=y CONFIG_NF_TABLES_ARP=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_RPFILTER=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_SYNPROXY=y CONFIG_IP_NF_TARGET_ULOG=y CONFIG_NF_NAT_IPV4=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_NETMAP=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_NF_NAT_SNMP_BASIC=y CONFIG_NF_NAT_PROTO_GRE=y CONFIG_NF_NAT_PPTP=y CONFIG_NF_NAT_H323=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_CLUSTERIP=y CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_TTL=y CONFIG_IP_NF_RAW=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y # # IPv6: Netfilter Configuration # CONFIG_NF_DEFRAG_IPV6=y CONFIG_NF_CONNTRACK_IPV6=y CONFIG_NF_TABLES_IPV6=y CONFIG_NFT_CHAIN_ROUTE_IPV6=y CONFIG_NFT_REJECT_IPV6=y CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_MATCH_AH=y CONFIG_IP6_NF_MATCH_EUI64=y CONFIG_IP6_NF_MATCH_FRAG=y CONFIG_IP6_NF_MATCH_OPTS=y CONFIG_IP6_NF_MATCH_HL=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y CONFIG_IP6_NF_MATCH_MH=y # CONFIG_IP6_NF_MATCH_RPFILTER is not set CONFIG_IP6_NF_MATCH_RT=y CONFIG_IP6_NF_TARGET_HL=y CONFIG_IP6_NF_FILTER=y CONFIG_IP6_NF_TARGET_REJECT=y CONFIG_IP6_NF_TARGET_SYNPROXY=y CONFIG_IP6_NF_MANGLE=y CONFIG_IP6_NF_RAW=y CONFIG_NF_NAT_IPV6=y CONFIG_IP6_NF_TARGET_MASQUERADE=y CONFIG_IP6_NF_TARGET_NPT=y CONFIG_NF_TABLES_BRIDGE=y
以上配置完畢後,netfilter就設置完畢了,重新編譯內核,生成zImage,燒寫到開發板上。
(三) 交叉編譯必須的組件:nftables的正常運行需要以下組件,下麵每個程式編譯完畢後需要將安裝路徑裡面生成的內容添加到交叉編譯工具鏈中,這樣依賴它的程式才能找到相應的頭文件和庫文件
- 交叉編譯flex-2.5.38:需要修改conf.in文件,否則提示找不到malloc和realloc兩個函數
sed -i 's/#undef malloc//g' conf.in sed -i 's/#undef realloc//g' conf.in ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --with-gnu-ld --prefix=安裝路徑 make -j6 make install
- 交叉編譯bison-3.0.4
1 ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --with-gnu-ld --prefix=$root_release_path 2 make -j6 3 make install
- 交叉編譯gmp-6.1.1
1 ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --with-gnu-ld --prefix=$root_release_path 2 make -j6 3 make install
- 交叉編譯libmnl-1.0.3
1 ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --with-gnu-ld --prefix=$root_release_path
2 make -j6
3 make install
- 交叉編譯libnftnl-1.0.6
1 LIBMNL_CFLAGS="-I/opt/toolchain/arm-linux-gnueabihf/include/libmnl/" LIBMNL_LIBS="-L/opt/toolchain/arm-linux-gnueabihf/lib -lmnl" ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --with-gnu-ld --prefix=$root_release_path
2 make -j6
3 make install
- 交叉編譯readline-6.3
1 ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --prefix=$root_release_path
2 make -j6
3 make install
(四)交叉編譯nftables-0.6
LIBMNL_CFLAGS="-I/opt/toolchain/arm-linux-gnueabihf/include/libmnl/" \
LIBMNL_LIBS="-L/opt/toolchain/arm-linux-gnueabihf/lib -lmnl" \
LIBNFTNL_CFLAGS="-I/opt/toolchain/arm-linux-gnueabihf/include/libnftnl/" \
LIBNFTNL_LIBS="-L/opt/toolchain/arm-linux-gnueabihf/lib -lnftnl" \
./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --without-cli \
--prefix=$root_release_path
交叉編譯玩nftables之後,請將上面的交叉編譯的組件和nftables文件移植到到開發板上,越久是$root_release_path路徑的所有文件按照系統目錄結構拷貝上去,
千萬記得,內核是你重新編譯過的內核。
下麵我提供一個編譯腳本,根據自己的情況可以修改,這裡支持安裝必要的開發包、交叉編譯部分源碼包
1 #!/bin/bash 2 3 # author : nanye 2016/06/28 4 # compile these source pacakge under ubunt 16.04 x32 5 # please make sure that your system is connected to internet 6 # 7 8 root_path=$PWD 9 root_tar_path=$root_path'/src' 10 root_release_path=$root_path'/release' 11 root_build_path=$root_path'/build' 12 crosstool_path=`which arm-linux-gnueabihf-g++` 13 compile_args=$1 14 15 # help information 16 if [ "$compile_args" = "-h" ] 17 then 18 echo "./compile [openssl | snmp | iptables | sqlite | pam | orderd | zhttpd 19 flex | bison | gmp | libmnl | libnftnl | readline | nftables]" 20 echo " no args for compiling all package" 21 exit 22 fi 23 24 # need to compile source module 25 module_name=( 26 [1]=openssl-1.0.2h 27 [2]=net-snmp-5.7.2 28 [3]=iptables-1.4.18 29 [4]=sqlite 30 [5]=Linux-PAM-1.3.0 31 [6]=orderd 32 [7]=zhttpd 33 [8]=flex-2.5.38 34 [9]=bison-3.0.4 35 [10]=gmp-6.1.1 36 [11]=libmnl-1.0.3 37 [12]=libnftnl-1.0.6 38 [13]=readline-6.3 39 [14]=nftables-0.6 40 ) 41 42 # install package 43 package_name=( 44 [1]=g++ 45 [2]=build-essential 46 [3]=texlive 47 [4]=gettext 48 [5]=m4 49 [6]=help2man 50 [7]=indent 51 [8]=autopoint 52 [9]=makeinfo 53 [10]=odblatex 54 [11]=docbook2x 55 [12]=flex 56 [13]=bison 57 [14]=automake 58 [15]=autoconf 59 ) 60 for var in ${package_name[@]}; 61 do 62 echo -e "\e[0;32;1m[info] : install $var\e[0m" 63 sudo apt-get install $var 64 done 65 66 67 # check crosstool exist 68 if [ "$crosstool_path" = "" ] 69 then 70 echo -e "\e[0;31;1m[erro] : have no crosstool in /opt/toolchain\e[0m" 71 exit 72 fi 73 74 # create release dirrent 75 if [ ! -d $root_release_path ] 76 then 77 echo -e "\e[0;32;1m[info] : create release success\e[0m" 78 mkdir $PWD'/release' 79 fi 80 81 # create build dirrent 82 if [ ! -d $root_build_path ] 83 then 84 echo -e "\e[0;32;1m[info] : create build success\e[0m" 85 mkdir $PWD'/build' 86 fi 87 88 # compile openssl 89 if [ "$compile_args" = "" ] || [ "$compile_args" = "openssl" ] 90 then 91 cd $root_build_path 92 echo -e "\e[0;32;1m[info] : tar xf ${module_name[1]}.tar.gz to build\e[0m" 93 tar xf $root_tar_path'/'${module_name[1]}.tar.gz 94 cd $root_build_path'/'${module_name[1]} 95 /bin/bash config shared no-asm --prefix=$root_release_path 96 sed -i 's/PLATFORM=linux-elf/PLATFORM=linux-elf-arm/g' Makefile 97 sed -i 's/CC= gcc/CC= arm-linux-gnueabihf-gcc/g' Makefile 98 sed -i 's/AR= ar/AR= arm-linux-gnueabihf-ar/g' Makefile 99 sed -i 's/RANLIB= /usr/bin/ranlib/RANLIB= arm-linux-gnueabihf-ranlib/g' Makefile 100 sed -i 's/NM= nm/NM= arm-linux-gnueabihf-nm/g' Makefile 101 sed -i 's/MAKEDEPPROG= gcc/MAKEDEPPROG= arm-linux-gnueabihf-gcc/g' Makefile 102 make -j4 103 make install 104 fi 105 106 # compile net-snmp 107 if [ "$compile_args" = "" ] || [ "$compile_args" = "snmp" ] 108 then 109 cd $root_build_path 110 echo -e "\e[0;32;1m[info] : tar xf ${module_name[2]}.tar.gz to build\e[0m" 111 tar xf $root_tar_path'/'${module_name[2]}.tar.gz 112 cd $root_build_path'/'${module_name[2]} 113 CC=arm-linux-gnueabihf-gcc ./configure --build=i686-linux \ 114 --host=arm-linux --disable-manuals --enable-mfd-rewrites \ 115 --enable-shared=no --with-mib-modules='ucd-snmp/diskio ip-mib/ipv4InterfaceTable' \ 116 --with-cc=arm-linux-gnueabihf-gcc --with-ar=arm-linux-gnueabihf-ar \ 117 --prefix=$root_release_path 118 make -j4 119 make install 120 fi 121 122 # compile iptables 123 if [ "$compile_args" = "" ] || [ "$compile_args" = "iptables" ] 124 then 125 cd $root_build_path 126 echo -e "\e[0;32;1m[info] : tar xf ${module_name[3]}.tar.gz to build\e[0m" 127 tar xf $root_tar_path'/'${module_name[3]}.tar.gz 128 cd $root_build_path'/'${module_name[3]} 129 ./configure --host=arm-linux-gnueabihf \ 130 --disable-static --enable-shared \ 131 --prefix=$root_release_path 132 make -j4 133 make install 134 fi 135 136 # compile sqlite 137 if [ "$compile_args" = "" ] || [ "$compile_args" = "sqlite" ] 138 then 139 cd $root_build_path 140 echo -e "\e[0;32;1m[info] : tar xf ${module_name[4]}.tar.gz to build\e[0m" 141 tar xf $root_tar_path'/'${module_name[4]}.tar.gz 142 cd $root_build_path'/'${module_name[4]} 143 ./configure --disable-tcl --host=arm-linux-gnueabihf \ 144 --prefix=$root_release_path 145 make -j4 146 make install 147 fi 148 149 # compile pam 150 if [ "$compile_args" = "" ] || [ "$compile_args" = "pam" ] 151 then 152 cd $root_build_path 153 echo -e "\e[0;32;1m[info] : tar xf ${module_name[5]}.tar.gz to build\e[0m" 154 tar xf $root_tar_path'/'${module_name[5]}.tar.gz 155 cd $root_build_path'/'${module_name[5]} 156 ./configure --host=arm-linux-gnueabihf --disable-static --enable-shared \ 157 --prefix=$root_release_path 158 make -j4 159 make install 160 fi 161 162 # compile orderd 163 if [ "$compile_args" = "" ] || [ "$compile_args" = "orderd" ] 164 then 165 cp -r $root_tar_path/${module_name[6]} $root_build_path 166 cd $root_build_path/${module_name[6]}/src 167 make 168 if [ ! -d $root_release_path/sbin ] 169 then 170 mkdir $root_release_path/sbin 171 fi 172 cp orderd $root_release_path/sbin 173 fi 174 175 # compile zhttpd 176 if [ "$compile_args" = "" ] || [ "$compile_args" = "zhttpd" ] 177 then 178 cp -r $root_tar_path/${module_name[7]} $root_build_path 179 cd $root_build_path/${module_name[7]} 180 make 181 if [ ! -d $root_release_path/sbin ] 182 then 183 mkdir $root_release_path/sbin 184 fi 185 cp zhttpd $root_release_path/sbin 186 fi 187 188 # compile flex 189 if [ "$compile_args" = "" ] || [ "$compile_args" = "flex" ] 190 then 191 cd $root_build_path 192 echo -e "\e[0;32;1m[info] : tar xf ${module_name[8]}.tar.gz to build\e[0m" 193 tar xf $root_tar_path'/'${module_name[8]}.tar.gz 194 cd $root_build_path'/'${module_name[8]} 195 sed -i 's/#undef malloc//g' conf.in 196 sed -i 's/#undef realloc//g' conf.in 197 ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --with-gnu-ld \ 198 --prefix=$root_release_path 199 make -j6 200 make install 201 fi 202 203 # compile bison 204 if [ "$compile_args" = "" ] || [ "$compile_args" = "bison" ] 205 then 206 cd $root_build_path 207 echo -e "\e[0;32;1m[info] : tar xf ${module_name[9]}.tar.gz to build\e[0m" 208 tar xf $root_tar_path'/'${module_name[9]}.tar.gz 209 cd $root_build_path'/'${module_name[9]} 210 ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --with-gnu-ld \ 211 --prefix=$root_release_path 212 make -j6 213 make install 214 cp $root_build_path/${module_name[9]}/lib/libbison.a $root_release_path/lib 215 fi 216 217 # compile gmp 218 if [ "$compile_args" = "" ] || [ "$compile_args" = "gmp" ] 219 then 220 cd $root_build_path 221 echo -e "\e[0;32;1m[info] : tar xf ${module_name[10]}.tar.gz to build\e[0m" 222 tar xf $root_tar_path'/'${module_name[10]}.tar.gz 223 cd $root_build_path'/'${module_name[10]} 224 ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --with-gnu-ld \ 225 --prefix=$root_release_path 226 make -j6 227 make install 228 fi 229 230 # compile libmnl 231 if [ "$compile_args" = "" ] || [ "$compile_args" = "libmnl" ] 232 then 233 cd $root_build_path 234 echo -e "\e[0;32;1m[info] : tar xf ${module_name[11]}.tar.gz to build\e[0m" 235 tar xf $root_tar_path'/'${module_name[11]}.tar.bz2 236 cd $root_build_path'/'${module_name[11]} 237 ./configure --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc --with-gnu-ld \ 238 --prefix=$root_release_path 239 make -j6 240 make install 241 fi 242 243 244 # compile libnftnl 245 if [ "$compile_args" = "" ] || [ "$compile_args" = "libnftnl" ] 246 then 247 cd $root_build_path 248 echo -e "\e[0;32
