为iptables 添加模块的问题（未解决）

maminlong

debian -------  内核 2.6.21.7--------- itpables 1.3.8  

这是参照别人的教程：

————————————————————————————————————————————--

2、下载新的ng

cd /usr/src/patch-o-matic-ng-20071128

看看sources.list，需要下geoip、condition、IPMARK、ROUTE、connlimit、ipp2p等external patch

#./runme --download

就会下载相关的patch了。在这过程中，你需要指定内核和iptables源码的目录，由于我在上面做了链接，直接默认的就可以了。


Successfully downloaded external patch geoip
Successfully downloaded external patch condition
Successfully downloaded external patch IPMARK
Successfully downloaded external patch ROUTE
Successfully downloaded external patch connlimit
Successfully downloaded external patch ipp2p
Successfully downloaded external patch time
./patchlets/ipv4options exists and is not external
./patchlets/TARPIT exists and is not external
Successfully downloaded external patch ACCOUNT
Successfully downloaded external patch pknock
Hey! KERNEL_DIR is not set.
Where is your kernel source directory? [/usr/src/linux]
Hey! IPTABLES_DIR is not set.
Where is your iptables source code directory? [/usr/src/iptables]
Loading patchlet definitions......................... done


Excellent! Source trees are ready for compilation.

3、用ng对kernel和iptables打上相关的patch

# pwd
/usr/src/new/patch-o-matic-ng-20071128

打上需要的ng patch，下面是我需要的。

KERNEL_DIR=/usr/src/linux-2.6.18 IPTABLES_DIR=/usr/src/iptables-1.3.6 ./runme connlimit
KERNEL_DIR=/usr/src/linux-2.6.18 IPTABLES_DIR=/usr/src/iptables-1.3.6 ./runme geoip
KERNEL_DIR=/usr/src/linux-2.6.18 IPTABLES_DIR=/usr/src/iptables-1.3.6 ./runme ipp2p
KERNEL_DIR=/usr/src/linux-2.6.18 IPTABLES_DIR=/usr/src/iptables-1.3.6 ./runme time
KERNEL_DIR=/usr/src/linux-2.6.18 IPTABLES_DIR=/usr/src/iptables-1.3.6 ./runme u32

在这过程中，会询问你。由于我是需要这些ng patch的，直接y就答应。
————————————————————————————————————————————————————
以下是我的操作：

WG:/usr/src/patch-o-matic-ng-20090830# export KERNEL_DIR=/usr/src/linux
WG:/usr/src/patch-o-matic-ng-20090830# export IPTABLES_DIR=/usr/src/iptables
WG:/usr/src/patch-o-matic-ng-20090830# ./runme --download
Successfully downloaded external patch geoip
Successfully downloaded external patch condition
Successfully downloaded external patch IPMARK
Successfully downloaded external patch ROUTE
Successfully downloaded external patch connlimit
Successfully downloaded external patch ipp2p
Successfully downloaded external patch time
Successfully downloaded external patch ipv4options
Successfully downloaded external patch TARPIT
Successfully downloaded external patch ACCOUNT
Successfully downloaded external patch pknock
Can't find a valid termcap file at ./runme line 324     （到这里就中断）



看了好多iptables 添加模块的的说明文档，参照别人说明的方法来做，步步都一样，但我的却不行，不知道为什么。

聚焦深空

您应当首先升级系统。
用最新的 linux-kernel iptables 会好很多。
有您要的功能的话，没必要自己动手编译。

http://www.netfilter.org/documen ... tensions-HOWTO.html 描述很清楚的。
http://www.debian-administration.org/articles/518 也可参考。