Active Topics
-
Porting apps to Leste (29)
to Maemo 7 / Leste by Arno_11 - 3 days, 3 hrs ago -
Install Fonts in N900 (68)
to Maemo 5 / Fremantle by teroyk - 4 days, 6 hrs ago - more...
|
nieldk
|
2012-03-13
, 17:42
|
|
Guest |
Posts: n/a |
Thanked: 0 times |
Joined on
|
#1
|
Starting this thread, as the open mode/Aegis thread got flooded.
|
|
2012-03-13
, 17:43
|
|
Guest |
Posts: n/a |
Thanked: 0 times |
Joined on
|
#2
|
Originally Posted by javispedro
Yes, did that. Now, messing with the compiled iptables_nat (a.o) kernel modules. COpied the lot to lib/modules/2.6.32.48-dfl61-20115101/ then depmod -a 2.6.32.48-dfl61-20115101 and reboot
There doesn't seem to be a need to do the current-dir link dance.
If one doesn't want to mess with packages (e.g. to ramboot a kernel), it is just necessary to put the proper /lib/modules/$VERSION/ dir and run depmod -a $VERSION before booting it.
(We were doing that to for example test usb host stuff)
dmesg shows this (for iptables_nat)
Argh! Any ideas ?
Code:
[ 239.609741] iptable_nat: Unknown symbol ipt_do_table [ 239.609802] iptable_nat: disagrees about version of symbol nf_register_hooks [ 239.609832] iptable_nat: Unknown symbol nf_register_hooks [ 239.610687] iptable_nat: Unknown symbol nf_conntrack_untracked [ 239.611846] iptable_nat: Unknown symbol nf_nat_packet [ 239.613555] iptable_nat: Unknown symbol __nf_ct_ext_add [ 239.613616] iptable_nat: disagrees about version of symbol register_pernet_subsys [ 239.613647] iptable_nat: Unknown symbol register_pernet_subsys [ 239.614501] iptable_nat: Unknown symbol nf_nat_setup_info [ 239.614532] iptable_nat: disagrees about version of symbol xt_register_target [ 239.614562] iptable_nat: Unknown symbol xt_register_target [ 239.614593] iptable_nat: disagrees about version of symbol nf_unregister_hooks [ 239.614624] iptable_nat: Unknown symbol nf_unregister_hooks [ 239.615447] iptable_nat: Unknown symbol ipt_unregister_table [ 239.615478] iptable_nat: disagrees about version of symbol ip_route_me_harder [ 239.615509] iptable_nat: Unknown symbol ip_route_me_harder [ 239.615539] iptable_nat: disagrees about version of symbol ip_nat_decode_session [ 239.615539] iptable_nat: Unknown symbol ip_nat_decode_session [ 239.616333] iptable_nat: Unknown symbol nf_nat_icmp_reply_translation [ 239.616394] iptable_nat: disagrees about version of symbol unregister_pernet_subsys [ 239.616424] iptable_nat: Unknown symbol unregister_pernet_subsys [ 239.616455] iptable_nat: disagrees about version of symbol ip_xfrm_me_harder [ 239.616485] iptable_nat: Unknown symbol ip_xfrm_me_harder [ 239.616485] iptable_nat: disagrees about version of symbol dst_release [ 239.616516] iptable_nat: Unknown symbol dst_release [ 239.617309] iptable_nat: Unknown symbol need_ipv4_conntrack [ 239.618103] iptable_nat: Unknown symbol ipt_register_table [ 239.618133] iptable_nat: disagrees about version of symbol xt_unregister_target [ 239.618133] iptable_nat: Unknown symbol xt_unregister_target
|
2012-03-13
, 21:14
|
|
Posts: 63 |
Thanked: 27 times |
Joined on Apr 2011
|
#3
|
Originally Posted by nieldk
ummm i think this title will atrack little attention of the community, if i were you, i will continue the topic of compile NAT iptables in your pentesting thread, sure you will find there a lot of people interesting in pentesting so for them getting NAT compiled will be critical too, and may you will find someone there of high skills who can help you. (ultimately the pentesting thread are yours so you can flood it with what you want
Starting this thread, as the open mode/Aegis thread got flooded.
)PS: i follow your posts in the open mode thread and great work compiling the open mode kernel, but i will wait for you kernel with NAT to flashing in my device.
 |
|
2012-03-13
, 21:20
|
|
Posts: 2,355 |
Thanked: 5,249 times |
Joined on Jan 2009
@ Barcelona
|
#4
|
That error is because you are mixing and matching different kernel builds. I do not see you mentioning actually flashing or at least booting from the kernel that was built alongside those modules.
but also I suggest using a different localversion for the new kernel, that way you don't mess with stock's modules.
but also I suggest using a different localversion for the new kernel, that way you don't mess with stock's modules.
| The Following 3 Users Say Thank You to javispedro For This Useful Post: | ||
|
|
2012-03-13
, 21:37
|
|
Guest |
Posts: n/a |
Thanked: 0 times |
Joined on
|
#5
|
Originally Posted by javispedro
hmm modules are compiled against kernel 2.6.32.48-dfl61-20115101, patched for openmode, all the modules are ,new' meaning they are not in kernel 2.6.32.48-dfl61-20115101 image. I didnt notice any weird behavours or malfunctions etc.
That error is because you are mixing and matching different kernel builds. I do not see you mentioning actually flashing or at least booting from the kernel that was built alongside those modules.
but also I suggest using a different localversion for the new kernel, that way you don't mess with stock's modules.
I will try and compile again, just to ensure that the $VERSION set actually matches 2.6.32.48-dfl61-20115101 zImage
|
|
2012-03-13
, 21:41
|
|
Guest |
Posts: n/a |
Thanked: 0 times |
Joined on
|
#6
|
Originally Posted by -Tyler-
could be true, but I think a thread like this, with answers from the experts, will in general help us ,kernel noobs' to get a better picture.
ummm i think this title will atrack little attention of the community, if i were you, i will continue the topic of compile NAT iptables in your pentesting thread, sure you will find there a lot of people interesting in pentesting so for them getting NAT compiled will be critical too, and may you will find someone there of high skills who can help you. (ultimately the pentesting thread are yours so you can flood it with what you want
PS: i follow your posts in the open mode thread and great work compiling the open mode kernel, but i will wait for you kernel with NAT to flashing in my device.
Probably so, that this will evolve into more sub threads, more specific, dunno. Then we can close this thread I guess.
|
|
2012-03-13
, 21:59
|
|
Guest |
Posts: n/a |
Thanked: 0 times |
Joined on
|
#7
|
Have had a look at the modules, from kernel, and the compiled ones.
They all have the signature inside vermagic=2.6.32.48-dfl61-20115101
So, I dont think it is a mix up of versions between kernel and compiled modules
They all have the signature inside vermagic=2.6.32.48-dfl61-20115101
So, I dont think it is a mix up of versions between kernel and compiled modules
|
|
2012-03-13
, 22:58
|
|
Posts: 2,355 |
Thanked: 5,249 times |
Joined on Jan 2009
@ Barcelona
|
#8
|
Originally Posted by nieldk
I did not say _version_. I said _build_. A kernel build produces both modules and an image (zImage). To keep things simple, you always have to use those modules with that image and not any other image, and any other image will not be able to load those modules.
So, I dont think it is a mix up of versions between kernel and compiled modules
Yes, there are exceptions. If the version string matches, AND all of the symbols the module uses match (versions, structure sizes, ...), and if MODVERSIONS is enabled OR the checksum of a bunch of files match, .... then you might use a module with a different image.
But this is not the case here.
Build a kernel, build the modules, install the modules, and flash the kernel.
| The Following 3 Users Say Thank You to javispedro For This Useful Post: | ||
|
|
2012-03-13
, 23:23
|
|
Guest |
Posts: n/a |
Thanked: 0 times |
Joined on
|
#9
|
Originally Posted by javispedro
thanks Javispedro.
I did not say _version_. I said _build_. A kernel build produces both modules and an image (zImage). To keep things simple, you always have to use those modules with that image and not any other image, and any other image will not be able to load those modules.
Yes, there are exceptions. If the version string matches, AND all of the symbols the module uses match (versions, structure sizes, ...), and if MODVERSIONS is enabled OR the checksum of a bunch of files match, .... then you might use a module with a different image.
But this is not the case here.
Build a kernel, build the modules, install the modules, and flash the kernel.
so, even though the zImage and the modules, are compiled using the exact same kernelsource, this wont work if the modules have been build in second buid?
build kernel zImage using default rm581 config
change one setting to "n" (iptables_advanced, which needs to be n but is y default)
build using thevotherwise same rm581 config
flash first zImage
install build modules
this have worked for me before, so I assume this is very n9xx specific.
| The Following User Says Thank You to For This Useful Post: | ||
|
|
2012-03-14
, 12:36
|
|
Guest |
Posts: n/a |
Thanked: 0 times |
Joined on
|
#10
|
getting a bit closer.
compiled kernel to add NAT
copied modules to phone (deleting current modules)
flashed kernel from build
phone boots
modules (iptables and other modules) inserts without errors
However, there is no network connections (3G/WiFi)
I guess some modifications to kernel scriipts are needed, since CONFIG-NETFILTER-ADVANCED was changed from y to n and probably some modules are not being loaded, or missing)
compiled kernel to add NAT
copied modules to phone (deleting current modules)
flashed kernel from build
phone boots
modules (iptables and other modules) inserts without errors
However, there is no network connections (3G/WiFi)
I guess some modifications to kernel scriipts are needed, since CONFIG-NETFILTER-ADVANCED was changed from y to n and probably some modules are not being loaded, or missing)
| The Following 6 Users Say Thank You to For This Useful Post: | ||