2.6 kernel does not compile the kernel to add modules to iptables

Article title: Kernel 2.6 does not compile the kernel to add modules to iptables. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
　　 1. install the kernel source code.
　　
[Root @ jiecho] # yum install kernel-source
　　
　　 2. download iptables-1.3.3.tar.bz2and patch-o-matic-ng-20050810.tar.bz2 and unpack them. for convenience, we put them under/usr/src,
　　
And the kernel and iptables are symbolic links.
　　
[Root @ jiecho] # cd/usr/src
[Root @ jiecho] # wget ftp://ftp.be.netfilter.org/pub/netf...s-1.3.3.tar.bz2
[Root @ jiecho] # wget ftp://ftp.be.netfilter.org/pub/netf...0050810.tar.bz2
[Root @ jiecho] # tar-jxvf iptables-1.3.3.tar.bz2
[Root @ jiecho] # tar-jxvf patch-o-matic-ng-20050810.tar.bz2
[Root @ jiecho] # ln-s linux-2.6.5-1.358 linux
[Root @ jiecho] # ln-s iptables-1.3.3 iptables
　　
　　 3. patch netfilter, select the module you want, and select ipp2p and time for testing.
　　
[Root @ jiecho] # cd/usr/src/linux
[Root @ jiecho] # make mrproper
[Root @ jiecho] # make menuconfig
　　
Do nothing. save and exit, and change the Makefile.
　　
[Root @ jiecho] # vi Makefile
　　
Change EXTRAVERSION =-1.358custom to EXTRAVERSION =-1.358
　　
Keep the version consistent with the version of uname-a (for details, refer to the article of the platinum brother)
　　
[Root @ jiecho] # cd/usr/src/patch-o-matic-ng-20050810.
[Root @ jiecho] #./runme ipp2p
[Root @ jiecho] #./runme time
　　
Because the symbolic link is prepared in advance, you can directly press enter when you ask about the location of the kernel and iptables,
　　
If you want to add the ipp2p and time modules, confirm y. so far, the netfilter patch is complete. if you need other modules, add them as needed.
　　
　　 4. Compile the kernel modules
　　
[Root @ jiecho] # cd/usr/src/linux
[Root @ jiecho] # make menuconfig
Choose Device Drivers> Networking support> Networking options> Network packet filtering (replaces ipchains)
　　
-> IP: Select the following two M items in Netfilter Configuration.
　　
TIME match support
IPP2P match support
　　
Save and exit
　　
　　 5. Compile and install the module
　　
The following is the most important step, because our principle is to save time, not re-compile the kernel, but only compile the modules,
　　
The 2.4 kernel is different from the 2.6 kernel. I am depressed for a whole day. The 2.4 kernel module is in the form of *. o, and the 2.6 kernel is in the form of *. ko,
　　
This has a way to change, refer to: http://blog.chinaunix.net/article.p...742&blogId=2662
　　
Code:
　　
[Root @ jiecho] # make modules
HOSTCC scripts/basic/fixdep
HOSTCC scripts/basic/split-include
HOSTCC scripts/basic/docproc
HOSTCC scripts/conmakehash
HOSTCC scripts/kallsyms
CC scripts/empty. o
HOSTCC scripts/mk_elfconfig
MKELF scripts/elfconfig. h
HOSTCC scripts/file2alias. o
HOSTCC scripts/modpost. o
HOSTCC scripts/sumversion. o
HOSTLD scripts/modpost
HOSTCC scripts/pnmtologo
HOSTCC scripts/bin2c
　　
At this point, ctrl + c can be aborted, because we do not need to compile all modules, which is a waste of time, rather than just the netfilter module,
　　
However, if you directly execute make modules SUBDIRS = net/ipv4/netfilter, an error will occur, which is the difference between 2.4 and 2.6,
　　
After a series of required files under the scripts directory, we can make modules SUBDIRS = net/ipv4/netfilter,
　　
Use modpost and so on to generate *. o files into *. ko Files.
　　
[Root @ jiecho] # make modules SUBDIRS = net/ipv4/netfilter
　　
Copy the compiled module after compiling the netfilter module.
　　
[Root @ jiecho] # cp/usr/src/linux/net/ipv4/netfilter/ipt_ipp2p.ko/lib/modules/2.6.5-1.358/kernel/net/ipv4/netfilter/
[Root @ jiecho] # cp/usr/src/linux/net/ipv4/netfilter/ipt_time.ko/lib/modules/2.6.5-1.358/kernel/net/ipv4/netfilter/
[Root @ jiecho] # chmod + x/lib/modules/2.6.5-1.358/kernel/net/ipv4/netfilter/ipt_ipp2p.ko
[Root @ jiecho] # chmod + x/lib/modules/2.6.5-1.358/kernel/net/ipv4/netfilter/ipt_time.ko
[Root @ jiecho] # depmod-
　　
　　 6. compile iptables
　　
[Root @ jiecho] # cd/usr/src/iptables
　　
Refer to the INSTALL file for compilation and installation.
　　
[Root @ jiecho] # make KERNEL_DIR =/usr/src/linux
　　
Compilation fails due to errors.
　　
/Usr/src/linux/include/linux/config. h: 6: 2: [root @ jiecho] # error including kernel header in userspace; use the glibc headers instead!
　　
I haven't found any reason for google for a long time, so I can solve it myself.
　　
[Root @ jiecho] # vi/usr/src/linux/include/linux/config. h comment out the following three lines
　　
// # Ifndef _ KERNEL __
// # Error including kernel header in userspace; use the glibc headers instead!
// # Endif
　　
Then re-compile and install
　　
Make KERNEL_DIR =/usr/src/linux
Make install KERNEL_DIR =/usr/src/linux
　　
Test the installation after installation.
　　
Code:
　　
[Root @ jiecho] # iptables-V
[Root @ jiecho] # modprobe ipt_time
[Root @ jiecho] # modprobe ipt_ipp2p
[Root @ jiecho] # lsmod
Ipt_time 2432 0
Ipt_ippeer-to-peer 7552 0
Ipt_REJECT 4736 1
Ipt_status 1536 1
Ip_conntrack 24968 1 ipt_state
Iptable_filter 2048 1
Ip_tables 13440 5 ipt_time, ipt_ipp2p, ipt_REJECT, ipt_state, iptable_filter
Battery 6924 0
Ipv6 184288 10
3c59x 30376 0
Binfmt_misc 7176 1
Nls_utf8 1536 4
Ntfs 81516 4
Dm_mod 33184 0
Uhci_hcd 23708 0
Button 4504 0
Asus_acpi 8472 0
Ac 3340 0
Ext3 102376 4
Jbd 40216 1 ext3
　　
Test iptables
　　
[Root @ jiecho] # iptables-a forward-m ipp2p -- edk -- kazaa -- bit-j DROP
[Root @ jiecho] # iptables-a input-m time -- timestart 8:00 -- timestop 18:00 -- days Mon, Tue, Wed, Thu, Fri
[Root @ jiecho] # iptalbes-L