如何解决为arm发行交叉编译iptables
我正在尝试为ARM交叉编译iptables。我已经尝试了1.6.1和1.8.5版本,并且都有类似的问题。 iptables具有三个依赖项,libmnl,libnftnl和libnfnetlink。我确保所有这些文件都可以交叉编译并在这些位置可用-
/home/badri/arm_libs/nftnl2
/home/badri/arm_libs/mnl
/home/badri/arm_libs/nfnetlink
昨天我有一个类似的问题,它与配置有关。但是现在我觉得配置正确,但是不知道问题出在哪里。这个类似的问题可以在这里看到-
Issues cross compiling libnftnl for arm
我的iptables配置如下-
./configure --build=x86_64-pc-linux-gnu --host=aarch64-linux-gnu --enable-static=no --prefix=/home/badri/arm_libs/iptables2 libmnl_LIBS=-L/home/badri/arm_libs/mnl/lib libmnl_CFLAGS=-I/home/badri/arm_libs/mnl/include/ libnftnl_LIBS=-L/home/badri/arm_libs/nftnl2/lib/ libnftnl_CFLAGS=-I/home/badri/arm_libs/nftnl2/include libnfnetlink_LIBS=-L/home/badri/arm_libs/nfnetlink/lib libnfnetlink_CFLAGS=-I/home/badri/arm_libs/nfnetlink/include
配置成功,并导致这些错误。有人遇到过这个问题吗?
/home/badri/Downloads/iptables-1.8.5/utils/nfnl_osf.c:381: undefined reference to `nfnl_fill_hdr'
/home/badri/Downloads/iptables-1.8.5/utils/nfnl_osf.c:387: undefined reference to `nfnl_addattr_l'
/home/badri/Downloads/iptables-1.8.5/utils/nfnl_osf.c:389: undefined reference to `nfnl_query'
/home/badri/Downloads/iptables-1.8.5/utils/nfnl_osf.c:384: undefined reference to `nfnl_fill_hdr'
/home/badri/Downloads/iptables-1.8.5/utils/nfnl_osf.c:387: undefined reference to `nfnl_addattr_l'
/home/badri/Downloads/iptables-1.8.5/utils/nfnl_osf.c:389: undefined reference to `nfnl_query'
./ configure --help看起来像这样。
badri@badri-All-Series:~/Downloads/iptables-1.6.1$ ./configure --help
`configure' configures iptables 1.6.1 to adapt to many kinds of systems.
Usage: ./configure [OPTION]... [VAR=VALUE]...
To assign environment variables (e.g.,CC,CFLAGS...),specify them as
VAR=VALUE. See below for descriptions of some of the useful variables.
Defaults for the options are specified in brackets.
Configuration:
-h,--help display this help and exit
--help=short display options specific to this package
--help=recursive display the short help of all the included packages
-V,--version display version information and exit
-q,--quiet,--silent do not print `checking ...' messages
--cache-file=FILE cache test results in FILE [disabled]
-C,--config-cache alias for `--cache-file=config.cache'
-n,--no-create do not create output files
--srcdir=DIR find the sources in DIR [configure dir or `..']
Installation directories:
--prefix=PREFIX install architecture-independent files in PREFIX
[/usr/local]
--exec-prefix=EPREFIX install architecture-dependent files in EPREFIX
[PREFIX]
By default,`make install' will install all the files in
`/usr/local/bin',`/usr/local/lib' etc. You can specify
an installation prefix other than `/usr/local' using `--prefix',for instance `--prefix=$HOME'.
For better control,use the options below.
Fine tuning of the installation directories:
--bindir=DIR user executables [EPREFIX/bin]
--sbindir=DIR system admin executables [EPREFIX/sbin]
--libexecdir=DIR program executables [EPREFIX/libexec]
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]
--datarootdir=DIR read-only arch.-independent data root [PREFIX/share]
--datadir=DIR read-only architecture-independent data [DATAROOTDIR]
--infodir=DIR info documentation [DATAROOTDIR/info]
--localedir=DIR locale-dependent data [DATAROOTDIR/locale]
--mandir=DIR man documentation [DATAROOTDIR/man]
--docdir=DIR documentation root [DATAROOTDIR/doc/iptables]
--htmldir=DIR html documentation [DOCDIR]
--dvidir=DIR dvi documentation [DOCDIR]
--pdfdir=DIR pdf documentation [DOCDIR]
--psdir=DIR ps documentation [DOCDIR]
Program names:
--program-prefix=PREFIX prepend PREFIX to installed program names
--program-suffix=SUFFIX append SUFFIX to installed program names
--program-transform-name=PROGRAM run sed PROGRAM on installed program names
System types:
--build=BUILD configure for building on BUILD [guessed]
--host=HOST cross-compile to build programs to run on HOST [BUILD]
Optional Features:
--disable-option-checking ignore unrecognized --enable/--with options
--disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)
--enable-FEATURE[=ARG] include FEATURE [ARG=yes]
--enable-silent-rules less verbose build output (undo: "make V=1")
--disable-silent-rules verbose build output (undo: "make V=0")
--enable-dependency-tracking
do not reject slow dependency extractors
--disable-dependency-tracking
speeds up one-time build
--enable-static[=PKGS] build static libraries [default=no]
--enable-shared[=PKGS] build shared libraries [default=yes]
--enable-fast-install[=PKGS]
optimize for fast installation [default=yes]
--disable-libtool-lock avoid locking (might break parallel builds)
--disable-ipv4 Do not build iptables
--disable-ipv6 Do not build ip6tables
--disable-largefile Do not build largefile support
--enable-devel Install Xtables development headers
--enable-libipq Build and install libipq
--enable-bpf-compiler Build bpf compiler
--enable-nfsynproxy Build SYNPROXY configuration tool
--disable-nftables Do not build nftables compat
--disable-connlabel Do not build libnetfilter_conntrack
Optional Packages:
--with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
--without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
--with-pic[=PKGS] try to use only PIC/non-PIC objects [default=use
both]
--with-gnu-ld assume the C compiler uses GNU ld [default=no]
--with-sysroot=DIR Search for dependent libraries within DIR
(or the compiler's sysroot if not specified).
--with-kernel=PATH Path to kernel source/build directory
--with-kbuild=PATH Path to kernel build directory
[[/lib/modules/CURRENT/build]]
--with-ksource=PATH Path to kernel source directory
[[/lib/modules/CURRENT/source]]
--with-xtlibdir=PATH Path where to install Xtables extensions
[[LIBEXECDIR/xtables]]
--with-pkgconfigdir=PATH
Path to the pkgconfig directory [[LIBDIR/pkgconfig]]
Some influential environment variables:
CC C compiler command
CFLAGS C compiler flags
LDFLAGS linker flags,e.g. -L<lib dir> if you have libraries in a
nonstandard directory <lib dir>
LIBS libraries to pass to the linker,e.g. -l<library>
CPPFLAGS (Objective) C/C++ preprocessor flags,e.g. -I<include dir> if
you have headers in a nonstandard directory <include dir>
CPP C preprocessor
PKG_CONFIG path to pkg-config utility
PKG_CONFIG_PATH
directories to add to pkg-config's search path
PKG_CONFIG_LIBDIR
path overriding pkg-config's built-in search path
libnfnetlink_CFLAGS
C compiler flags for libnfnetlink,overriding pkg-config
libnfnetlink_LIBS
linker flags for libnfnetlink,overriding pkg-config
libmnl_CFLAGS
C compiler flags for libmnl,overriding pkg-config
libmnl_LIBS linker flags for libmnl,overriding pkg-config
libnftnl_CFLAGS
C compiler flags for libnftnl,overriding pkg-config
libnftnl_LIBS
linker flags for libnftnl,overriding pkg-config
YACC The `Yet Another Compiler Compiler' implementation to use.
Defaults to the first program found out of: `bison -y',`byacc',`yacc'.
YFLAGS The list of arguments that will be passed by default to $YACC.
This script will default YFLAGS to the empty string to avoid a
default value of `-d' given by some make applications.
libnetfilter_conntrack_CFLAGS
C compiler flags for libnetfilter_conntrack,overriding
pkg-config
libnetfilter_conntrack_LIBS
linker flags for libnetfilter_conntrack,overriding pkg-config
Use these variables to override the choices made by `configure' or to help
it to find libraries and programs with nonstandard names/locations.
Report bugs to the package provider.
badri@badri-All-Series:~/Downloads/iptables-1.6.1$
看起来它也在期待LDFLAGS,但事实并非如此。如果我与选项一起配置
LDFLAGS = -L / home / badri / arm_libs / nfnetlink / lib LIBS = -lnfnetlink
我可以看到它似乎已经超过了nfnl的链接器错误。现在,它陷入了nftnl。尽管理想情况下,我希望现有的configure选项能够满足要求。
解决方法
这很难说出到底是什么引起了您的问题,但是我想说您可能缺少-lnftnl链接器选项-我的两分钱。
话虽如此,我尝试使用以下脚本交叉编译libmnl-1.0.4.tar.bz2,libnftnl-1.1.7.tar.bz2和iptables-1.8.5.tar.bz2,并且所有三个编译均成功完成:
build.sh:
#/bin/bash
CROSS_COMPILE=/opt/arm/9/gcc-arm-9.2-2019.12-x86_64-aarch64-none-linux-gnu/bin/aarch64-none-linux-gnu-
mkdir sysroot
PREFIX=$(pwd)/sysroot
wget https://www.netfilter.org/projects/libmnl/files/libmnl-1.0.4.tar.bz2
wget https://www.netfilter.org/projects/libnftnl/files/libnftnl-1.1.7.tar.bz2
wget https://www.netfilter.org/projects/iptables/files/iptables-1.8.5.tar.bz2
tar jxf libmnl-1.0.4.tar.bz2
tar jxf libnftnl-1.1.7.tar.bz2
tar jxf iptables-1.8.5.tar.bz2
pushd libmnl-1.0.4
CC=${CROSS_COMPILE}gcc ./configure --build=x86_64-pc-linux-gnu --host=aarch64-linux-gnu --enable-static=no --prefix=${PREFIX}
make install
popd
pushd libnftnl-1.1.7
CC=${CROSS_COMPILE}gcc LIBMNL_CFLAGS="-I${PREFIX}/include" LIBMNL_LIBS="-L${PREFIX}/lib" ./configure --build=x86_64-pc-linux-gnu --host=aarch64-linux-gnu --enable-static=no --prefix=${PREFIX}
make install
popd
pushd iptables-1.8.5
CC=${CROSS_COMPILE}gcc libnftnl_CFLAGS="-I${PREFIX}/include" libnftnl_LIBS="-L${PREFIX}/lib -lnftnl" ./configure --build=x86_64-pc-linux-gnu --host=aarch64-linux-gnu --enable-static=no --prefix=${PREFIX}
make install
popd
脚本完成后,iptables在sysroot/sbin中可用:
ls -gG sysroot/sbin/
total 1424
lrwxrwxrwx 1 17 Aug 17 14:24 arptables -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 arptables-nft -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 arptables-nft-restore -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 arptables-nft-save -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 arptables-restore -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 arptables-save -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ebtables -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ebtables-nft -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ebtables-nft-restore -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ebtables-nft-save -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ebtables-restore -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ebtables-save -> xtables-nft-multi
lrwxrwxrwx 1 20 Aug 17 14:24 ip6tables -> xtables-legacy-multi
lrwxrwxrwx 1 14 Aug 17 14:24 ip6tables-apply -> iptables-apply
lrwxrwxrwx 1 20 Aug 17 14:24 ip6tables-legacy -> xtables-legacy-multi
lrwxrwxrwx 1 20 Aug 17 14:24 ip6tables-legacy-restore -> xtables-legacy-multi
lrwxrwxrwx 1 20 Aug 17 14:24 ip6tables-legacy-save -> xtables-legacy-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ip6tables-nft -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ip6tables-nft-restore -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ip6tables-nft-save -> xtables-nft-multi
lrwxrwxrwx 1 20 Aug 17 14:24 ip6tables-restore -> xtables-legacy-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ip6tables-restore-translate -> xtables-nft-multi
lrwxrwxrwx 1 20 Aug 17 14:24 ip6tables-save -> xtables-legacy-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ip6tables-translate -> xtables-nft-multi
lrwxrwxrwx 1 20 Aug 17 14:24 iptables -> xtables-legacy-multi
lrwxrwxrwx 1 20 Aug 17 14:24 iptables-legacy -> xtables-legacy-multi
lrwxrwxrwx 1 20 Aug 17 14:24 iptables-legacy-restore -> xtables-legacy-multi
lrwxrwxrwx 1 20 Aug 17 14:24 iptables-legacy-save -> xtables-legacy-multi
lrwxrwxrwx 1 17 Aug 17 14:24 iptables-nft -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 iptables-nft-restore -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 iptables-nft-save -> xtables-nft-multi
lrwxrwxrwx 1 20 Aug 17 14:24 iptables-restore -> xtables-legacy-multi
lrwxrwxrwx 1 17 Aug 17 14:24 iptables-restore-translate -> xtables-nft-multi
lrwxrwxrwx 1 20 Aug 17 14:24 iptables-save -> xtables-legacy-multi
lrwxrwxrwx 1 17 Aug 17 14:24 iptables-translate -> xtables-nft-multi
-rwxr-xr-x 1 373064 Aug 17 14:23 xtables-legacy-multi
lrwxrwxrwx 1 17 Aug 17 14:24 xtables-monitor -> xtables-nft-multi
-rwxr-xr-x 1 1079440 Aug 17 14:23 xtables-nft-multi
file sysroot/sbin/xtables-nft-multi
sysroot/sbin/xtables-nft-multi: ELF 64-bit LSB executable,ARM aarch64,version 1 (SYSV),dynamically linked,interpreter /lib/ld-linux-aarch64.so.1,for GNU/Linux 3.7.0,not stripped
这可以帮助您使用上述过程调查问题或交叉编译iptables。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。