By Zhou Haihan
Download the source code:
xxx@yyy:~$ svn checkout http://scholarzhang.googlecode.com/svn/trunk/ scholarzhang-read-only
Environment:
xxx@yyy:~/scholarzhang-read-only/west-chamber$ iptables --version
iptables v1.4.4
xxx@yyy:~/scholarzhang-read-only/west-chamber$ uname -a
Linux zhh64 2.6.31-20-generic #58-Ubuntu SMP Fri Mar 12 04:38:19 UTC 2010 x86_64 GNU/Linux
Compile:
autoconf, automake and libtool have to be installed first; the log below shows what autogen.sh reports while they are still missing.
xxx@yyy:~/scholarzhang-read-only/west-chamber$ ./autogen.sh
./autogen.sh: line 3: autoreconf: command not found
xxx@yyy:~/scholarzhang-read-only/west-chamber$ autoconf
The program 'autoconf' can be found in the following packages:
 * autoconf
 * autoconf2.13
Try: sudo apt-get install <selected package>
autoconf: command not found
xxx@yyy:~/scholarzhang-read-only/west-chamber$ sudo apt-get install autoconf
xxx@yyy:~/scholarzhang-read-only/west-chamber$ ./autogen.sh
Can't exec "libtoolize": No such file or directory at /usr/bin/autoreconf line 190.
Use of uninitialized value $libtoolize in pattern match (m//) at /usr/bin/autoreconf line 190.
configure.ac:9: error: possibly undefined macro: AC_DISABLE_STATIC
      If this token and others are legitimate, please use m4_pattern_allow.
      See the Autoconf documentation.
configure.ac:10: error: possibly undefined macro: AC_PROG_LIBTOOL
autoreconf: /usr/bin/autoconf failed with exit status: 1
xxx@yyy:~/scholarzhang-read-only/west-chamber$ sudo apt-get install libtool
The following extra packages will be installed:
  libltdl-dev
Suggested packages:
  libtool-doc gfortran fortran95-compiler gcj
The following NEW packages will be installed:
  libltdl-dev libtool
xxx@yyy:~/scholarzhang-read-only/west-chamber$ ./autogen.sh
libtoolize: putting auxiliary files in `.'.
libtoolize: copying file `./config.guess'
libtoolize: copying file `./config.sub'
libtoolize: copying file `./install-sh'
libtoolize: copying file `./ltmain.sh'
libtoolize: putting macros in AC_CONFIG_MACRO_DIR, `m4'.
libtoolize: copying file `m4/libtool.m4'
libtoolize: copying file `m4/ltoptions.m4'
libtoolize: copying file `m4/ltsugar.m4'
libtoolize: copying file `m4/ltversion.m4'
libtoolize: copying file `m4/lt~obsolete.m4'
configure.ac:8: installing `./compile'
configure.ac:6: installing `./missing'
extensions/ipset/Makefile.am: installing `./depcomp'
Running ./configure with no arguments (once the missing development package below is installed), then make and sudo make install, reports no error, but the ZHANG target is not found when the iptables rule is added afterwards. First, the bare configure run:
xxx@yyy:~/scholarzhang-read-only/west-chamber$ ./configure
...
checking for libxtables... configure: error: Package requirements (xtables >= 1.4.3) were not met:

No package 'xtables' found

Consider adjusting the PKG_CONFIG_PATH environment variable if you
installed software in a non-standard prefix.

Alternatively, you may set the environment variables libxtables_CFLAGS
and libxtables_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details.
xxx@yyy:~/scholarzhang-read-only/west-chamber$ sudo apt-cache search xtables
iptables-dev - iptables development files
xtables-addons-common - Userspace components of xtables-addons
xtables-addons-source - Source for the xtables-addons driver
xxx@yyy:~/scholarzhang-read-only/west-chamber$ sudo apt-get install iptables-dev
xxx@yyy:~/scholarzhang-read-only/west-chamber$ ./configure
xxx@yyy:~/scholarzhang-read-only/west-chamber$ make
xxx@yyy:~/scholarzhang-read-only/west-chamber$ sudo make install
No errors are reported.
Create the IP sets. ipset -R reads restore-format input from stdin until end of file, so type the lines below and finish with Ctrl-D after COMMIT. (The Google set added to the setlist must already exist; its creation is not shown here.)
xxx@yyy:~/scholarzhang-read-only/west-chamber$ sudo ipset -R
-N YouTube nethash --hashsize 50 --probes 1
-A YouTube 64.15.112.0/20
-A YouTube 82.129.37.0/24
-A YouTube 208.65.152.0/22
-A YouTube 208.117.224.0/19
-A YouTube 213.146.171.0/24
COMMIT
xxx@yyy:~/scholarzhang-read-only/west-chamber$ sudo ipset -R
-N noclip setlist --size 4
-A noclip Google
-A noclip YouTube
COMMIT
xxx@yyy:~/scholarzhang-read-only/west-chamber$ sudo iptables \
> -A INPUT \
> -p tcp --sport 80 --tcp-flags FIN,SYN,RST,ACK SYN,ACK \
> -m state --state ESTABLISHED \
> -m set --match-set noclip src \
> -j ZHANG \
> -m comment --comment "client-side connection obfuscation"
iptables v1.4.4: Couldn't load target `ZHANG':/lib/xtables/libipt_ZHANG.so: cannot open shared object file: No such file or directory
The extensions were installed under configure's default prefix, not in /lib/xtables, which is where this iptables build looks for them. Re-configure as the install instructions say, so that make install puts them there:
xxx@yyy:~/scholarzhang-read-only/west-chamber$ ./configure CFLAGS="" --prefix=/usr --libexecdir=/lib
xxx@yyy:~/scholarzhang-read-only/west-chamber$ make
xxx@yyy:~/scholarzhang-read-only/west-chamber$ sudo make install
No errors are reported.
Check that all the installed files are there:
xxx@yyy:~/scholarzhang-read-only/west-chamber$ ls -tl /lib/xtables/
total 1272
-rwxr-xr-x 1 root root 13605 2010-03-31 10:24 libipset_setlist.so
-rwxr-xr-x 1 root root 13367 2010-03-31 10:24 libipset_portmap.so
-rwxr-xr-x 1 root root 13606 2010-03-31 10:24 libipset_nethash.so
-rwxr-xr-x 1 root root 13895 2010-03-31 10:24 libipset_macipmap.so
-rwxr-xr-x 1 root root 13657 2010-03-31 10:24 libipset_iptreemap.so
-rwxr-xr-x 1 root root 13578 2010-03-31 10:24 libipset_iptree.so
-rwxr-xr-x 1 root root 18127 2010-03-31 10:24 libipset_ipportnethash.so
-rwxr-xr-x 1 root root 17955 2010-03-31 10:24 libipset_ipportiphash.so
-rwxr-xr-x 1 root root 13833 2010-03-31 10:24 libipset_ipporthash.so
-rwxr-xr-x 1 root root 13610 2010-03-31 10:24 libipset_ipmap.so
-rwxr-xr-x 1 root root 13404 2010-03-31 10:24 libipset_iphash.so
-rwxr-xr-x 1 root root  8308 2010-03-31 10:24 libxt_gfw.so
-rwxr-xr-x 1 root root  8324 2010-03-31 10:24 libxt_ZHANG.so
-rwxr-xr-x 1 root root  8314 2010-03-31 10:24 libxt_CUI.so
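A check worth scripting at this point, so the "Couldn't load target" dead end above is caught before any rule is written: ask the installed iptables where it loads extensions from, then confirm the West Chamber modules are present there. This is an added example and not code from the scholarzhang project. It assumes the module file names libxt_ZHANG.so, libxt_CUI.so and libxt_gfw.so seen in the listing, that the xtables.pc installed by iptables-dev exports the xtlibdir variable (it does on iptables 1.4.x), that iptables honours the XTABLES_LIBDIR environment variable, and that the project installs into $(libexecdir)/xtables, which is why --libexecdir=/lib yields /lib/xtables.

```shell
#!/bin/sh
# Added example (not part of the scholarzhang project): verify that the West
# Chamber extensions are installed where the running iptables looks for them.
# Assumed module names: libxt_ZHANG.so, libxt_CUI.so, libxt_gfw.so.

# Directory iptables searches for extensions: XTABLES_LIBDIR wins if set,
# otherwise the xtlibdir baked into xtables.pc, otherwise the /lib/xtables
# that iptables 1.4.4 on this page reported in its error message.
xtables_libdir() {
    if [ -n "${XTABLES_LIBDIR:-}" ]; then
        printf '%s\n' "$XTABLES_LIBDIR"
    elif d=$(pkg-config --variable=xtlibdir xtables 2>/dev/null) && [ -n "$d" ]; then
        printf '%s\n' "$d"
    else
        printf '%s\n' /lib/xtables
    fi
}

# check_modules DIR NAME...: one status line per extension, named as iptables
# sees them (ZHANG, CUI, gfw). Returns the number of missing modules, so 0
# means everything is in place.
check_modules() {
    dir=$1; shift
    missing=0
    for name in "$@"; do
        if [ -f "$dir/libxt_$name.so" ]; then
            echo "ok      $dir/libxt_$name.so"
        else
            echo "MISSING $dir/libxt_$name.so"
            missing=$((missing + 1))
        fi
    done
    return $missing
}

# verify_install: tie the two together and, on failure, print the configure
# invocation that would install into the directory iptables actually uses
# (assumes the project installs into $(libexecdir)/xtables, as the page's
# --libexecdir=/lib build shows).
verify_install() {
    dir=$(xtables_libdir)
    if check_modules "$dir" ZHANG CUI gfw; then
        echo "all West Chamber extensions present in $dir"
    else
        echo "reconfigure with: ./configure CFLAGS=\"\" --prefix=/usr --libexecdir=${dir%/xtables} && make && sudo make install" >&2
        return 1
    fi
}
```

Run verify_install after every make install; a non-zero exit plus the MISSING lines tells you which module is absent and which --libexecdir would fix it, instead of discovering it from a failing iptables -A.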
Configure the rules as described in the usage instructions:
1. ZHANG: obfuscate client-side connections
xxx@yyy:~/scholarzhang-read-only/west-chamber$ sudo iptables -A INPUT -p tcp --sport 80 --tcp-flags FIN,SYN,RST,ACK SYN,ACK -m state --state ESTABLISHED -m set --match-set noclip src -j ZHANG -m comment --comment "client-side connection obfuscation"
2. CUI: obfuscate server-side connections
xxx@yyy:~/scholarzhang-read-only/west-chamber$ sudo iptables -A INPUT -p tcp --dport 80 --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -m set --match-set China src -j CUI -m comment --comment "server-side connection obfuscation"
iptables v1.4.4: Set China doesn't exist.
The China set has to be loaded first, from the example file shipped with the source; then the rule is accepted:
xxx@yyy:~/scholarzhang-read-only/west-chamber$ sudo ipset -R < ./examples/China
xxx@yyy:~/scholarzhang-read-only/west-chamber$ sudo iptables -A INPUT -p tcp --dport 80 --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -m set --match-set China src -j CUI -m comment --comment "server-side connection obfuscation"
3. Log GFW resets to syslog
xxx@yyy:~/scholarzhang-read-only/west-chamber$ sudo iptables -A INPUT -p tcp --sport 80 -m state --state ESTABLISHED -m gfw -j LOG --log-level info --log-prefix "GFW: " -m comment --comment "log gfw tcp resets"
4. Against GFW DNS hijacking
Either edit /etc/resolv.conf directly and add
nameserver 8.8.8.8
or, since dhclient rewrites /etc/resolv.conf on every lease renewal, put it in dhclient.conf instead:
xxx@yyy:~/scholarzhang-read-only/west-chamber$ sudo vi /etc/dhcp3/dhclient.conf
Find the "prepend domain-name-servers" line, uncomment it, and put the resolver you want, e.g. 8.8.8.8, after it.
Make dhclient pick it up: sudo ifconfig eth0 down; sudo ifconfig eth0 up
Note that changing the resolver only helps when the hijacking is done by the ISP's own nameserver; a forged UDP answer injected on the path arrives no matter which resolver was asked, so verify the result (see the check at the end).
Save the iptables rules:
xxx@yyy:~/scholarzhang-read-only/west-chamber$ sudo iptables-save > /etc/iptables.up.rules
bash: /etc/iptables.up.rules: Permission denied
The redirection is done by the unprivileged shell, not by sudo, so open a root shell first (sudo sh -c 'iptables-save > /etc/iptables.up.rules' would also work):
xxx@yyy:~/scholarzhang-read-only/west-chamber$ sudo -s
root@zhh64:~/scholarzhang-read-only/west-chamber# iptables-save > /etc/iptables.up.rules
root@zhh64:~/scholarzhang-read-only/west-chamber# exit
exit
xxx@yyy:~/scholarzhang-read-only/west-chamber$ sudo vi /etc/network/interfaces
Add, inside the stanza of the interface:
pre-up iptables-restore < /etc/iptables.up.rules
The firewall rules are then reloaded when the interface comes up after a reboot. Note that iptables-save does not record the ipset sets; the rules that use -m set fail to load unless the sets are restored first (ipset -S writes them in the same -N/-A/COMMIT form that ipset -R reads).
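Because the saved rules reference the noclip and China sets, a boot-time iptables-restore fails with the same "Set ... doesn't exist" error seen earlier unless the sets exist first. The script below, an added example and not part of the scholarzhang project, saves and restores sets and rules in the right order and checks that every --match-set name in the rules file has a matching -N line in the sets file; it also turns a plain CIDR list (the format of ./examples/China, one network per line, '#' comments allowed, which is an assumption about that file) into ipset -R input like the YouTube set above. The ipset file path /etc/ipset.up.rules, the script name westchamber-rules and the default hash size of 1024 are my own choices.

```shell
#!/bin/sh
# Added example (not part of the scholarzhang project): persist the page's
# rules together with the ipset sets they depend on, sets first.
# /etc/iptables.up.rules is the page's path; /etc/ipset.up.rules is assumed.

IPSET_RULES=${IPSET_RULES:-/etc/ipset.up.rules}
IPTABLES_RULES=${IPTABLES_RULES:-/etc/iptables.up.rules}

# entries FILE: the CIDR list with '#' comments and blank lines removed.
entries() {
    sed -e 's/#.*//' -e 's/^[[:space:]]*//' -e '/^$/d' "$1"
}

# ipset_restore_script NAME FILE [HASHSIZE]: emit the -N/-A/COMMIT input that
# 'ipset -R' reads, as typed by hand on the page. Entries that are not
# dotted-quad/prefix are reported on stderr and skipped, not handed to ipset.
ipset_restore_script() {
    name=$1; file=$2; hashsize=${3:-1024}   # 1024 is an assumed default
    printf -- '-N %s nethash --hashsize %s --probes 1\n' "$name" "$hashsize"
    entries "$file" | while read -r cidr _; do
        case $cidr in
            [0-9]*.[0-9]*.[0-9]*.[0-9]*/[0-9]*) printf -- '-A %s %s\n' "$name" "$cidr" ;;
            *) echo "ipset_restore_script: skipping malformed entry '$cidr'" >&2 ;;
        esac
    done
    echo COMMIT
}

# check_set_refs RULES SETS: every set that RULES uses via '-m set --match-set
# NAME' must be created (-N NAME) in SETS, otherwise iptables-restore aborts
# with "Set NAME doesn't exist" and loads nothing. Prints the missing names
# and returns 1.
check_set_refs() {
    rules=$1; sets=$2; rc=0
    for s in $(sed -n 's/.*--match-set \([^ ]*\).*/\1/p' "$rules" | sort -u); do
        if ! grep -q "^-N $s " "$sets"; then
            echo "check_set_refs: set '$s' used in $rules but not created in $sets"
            rc=1
        fi
    done
    return $rc
}

# save_all: snapshot live sets and rules. Both tools write to stdout, so run
# this from a root shell; the page's 'sudo iptables-save > file' failed because
# the redirection happened in the unprivileged shell.
save_all() {
    ipset -S > "$IPSET_RULES" && iptables-save > "$IPTABLES_RULES" &&
    check_set_refs "$IPTABLES_RULES" "$IPSET_RULES"
}

# restore_all: sets first, rules second. If the sets already exist (the
# interface was bounced) ipset -R refuses to recreate them; destroy them
# with 'ipset -X' beforehand in that case.
restore_all() {
    check_set_refs "$IPTABLES_RULES" "$IPSET_RULES" || return 1
    ipset -R < "$IPSET_RULES" || return 1
    iptables-restore < "$IPTABLES_RULES"
}

# Dispatch so /etc/network/interfaces can call the script (assumed path):
#   pre-up /usr/local/sbin/westchamber-rules restore_all
case ${1:-} in
    save_all|restore_all) "$1" ;;
esac
```

Generating the set definitions from a CIDR list (ipset_restore_script China ./examples/China > /etc/ipset.up.rules) rather than saving them with ipset -S keeps the source list reviewable, and check_set_refs fails early, at save time rather than at boot, when a rule names a set that was never created.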
Check the result:
xxx@yyy:~/scholarzhang-read-only/west-chamber$ host -t a twitter.com
twitter.com has address 93.46.8.89
93.46.8.89 is not one of Twitter's addresses, so this reply is a forged one: an answer outside the site's own network blocks means the resolution is still being hijacked regardless of which nameserver was asked.