Kernel upgrade + upgrade script

Source: Internet
Author: User
#!/bin/bash
# wds
# 2007.12.6
clear
echo "Please wait ................................"
kernel=$(uname -r)
# Second field of the release string, e.g. "6" for a 2.6.x kernel
version=$(echo "$kernel" | cut -d. -f2)
if [ "$version" -eq 6 ]
then
    dir_down=$(pwd)
    dir=$(pwd)/src
    # Archive names in the current directory with the ".tar.*" suffix stripped
    linux_bz2=$(ls linux-* | awk -F ".tar" '{print $1}')
    iptables_bz2=$(ls iptables-* | awk -F ".tar" '{print $1}')
    patch_bz2=$(ls patch-o-matic-ng-* | awk -F ".tar" '{print $1}')
    netfilter_bz2=$(ls netfilter-* | awk -F ".tar" '{print $1}')
    #--------------------------------------------------------------------
    # Variables expected by the iptables and patch-o-matic-ng build steps
    export KERNEL_DIR=$dir/$linux_bz2
    export IPTABLES_DIR=$dir/$iptables_bz2
    export PATCH_O_MATIC_NG=$dir/$patch_bz2
    #--------------------------------------------------------------------
    # Unpack each archive into $dir unless it is already there
    [ ! -e "$dir" ] && mkdir -p "$dir"
    [ ! -e "$dir/$linux_bz2" ] && tar -jxf "$linux_bz2.tar.bz2" -C "$dir"
    [ ! -e "$dir/$iptables_bz2" ] && tar -jxf "$iptables_bz2.tar.bz2" -C "$dir"
    [ ! -e "$dir/$netfilter_bz2" ] && tar -zxf "$netfilter_bz2.tar.gz" -C "$dir"
    [ ! -e "$dir/$patch_bz2" ] && tar -jxf "$patch_bz2.tar.bz2" -C "$dir"
    #-update-kernel------------------------------------------------------
    # patch output is discarded, so stop if patch reports a failure
    cd "$dir/$linux_bz2" || exit 1
    patch -p1 < "../$netfilter_bz2/kernel-2.6.13-2.6.16-layer7-2.2.patch" > /dev/null || exit 1
    wait
    #-update-iptables----------------------------------------------------
    cd "$dir/$iptables_bz2" || exit 1
    patch -p1 < "../$netfilter_bz2/iptables-layer7-2.2.patch" > /dev/null || exit 1
    wait
    #-update-patch-------------------------------------------------------
    # Answer "y" to each patch-o-matic-ng prompt
    cd "$dir/$patch_bz2" || exit 1
    echo "y" | ./runme ipp2p
    wait
    echo "y" | ./runme time
    wait
    echo "y" | ./runme connlimit
    wait
    echo "y" | ./runme random
    wait
    #-make-kernel--------------------------------------------------------
    cd "$dir/$linux_bz2" || exit 1
    echo "$(pwd) is you address :"
else
    echo "you kernel is not supper"
fi




Linux-2.6.14.2 kernel upgrade
There are several ways to upgrade the kernel, such as building from source, an rpm upgrade, or a yum upgrade. I think building from source is the professional approach, and it lets you customize your own kernel.
1. Edit the environment
Virtual Machine VMware Workstation 6.0.0 build-
Red hat 4
Kernel version 2.6.9-42
Iptables v1.2.11

2. Download the source code packages
Official websites (you can get the latest patches and kernels, as well as installation instructions):
http://www.kernel.org/pub/linux/kernel/v2.6/
http://ftp.netfilter.org/pub/iptables/
http://ftp.netfilter.org/pub/patch-o-matic-ng/snapshot/
http://sourceforge.net/projects/l7-filter/
Decompress the package
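
The download and decompress step, and the script's tar calls, unpack whatever archives are in the working directory without checking them. The function below is an added example, not part of the original post or script: it verifies an archive against a SHA-256 manifest and rejects unsafe member paths before extracting. The function name verify_and_extract and the manifest file name SHA256SUMS are assumptions for illustration.

```shell
#!/bin/bash
# Added example, not from the original script.
# verify_and_extract ARCHIVE MANIFEST DESTDIR
#   MANIFEST uses sha256sum's "<digest>  <filename>" format (assumed to be
#   obtained separately from the download, over a channel you trust).
verify_and_extract() {
    local archive="$1" manifest="$2" dest="$3"
    local name expected actual members

    name=$(basename -- "$archive")
    # Expected digest for this exact file name ("*name" is binary-mode output).
    expected=$(awk -v f="$name" '$2 == f || $2 == ("*" f) { print $1; exit }' "$manifest")
    if [ -z "$expected" ]; then
        echo "no checksum listed for $name" >&2
        return 2
    fi

    actual=$(sha256sum -- "$archive" | awk '{ print $1 }')
    if [ "$actual" != "$expected" ]; then
        echo "checksum mismatch for $name, not extracting" >&2
        return 3
    fi

    # Refuse absolute or parent-directory member paths before unpacking.
    members=$(tar -tf "$archive") || return 5
    if printf '%s\n' "$members" | grep -Eq '^/|(^|/)\.\.(/|$)'; then
        echo "unsafe member path in $name" >&2
        return 4
    fi

    mkdir -p -- "$dest" && tar -xf "$archive" -C "$dest"
}

# Usage in place of the script's bare tar calls (hypothetical manifest name):
#   verify_and_extract "$linux_bz2.tar.bz2" SHA256SUMS "$dir" || exit 1
```

A non-zero return means nothing was extracted: 2 for a file missing from the manifest, 3 for a digest mismatch, 4 for an unsafe member path, 5 for an unreadable archive.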


3. Basic installation sequence
0) Configure Environment Variables
1) generate the .config file
2) patch the kernel
3) patch the Firewall
4) Add new features to the firewall
5) make menuconfig, select the new options (that is, the options patched in during the second step), save and exit
6) make
7) make modules_install
8) make install
9) edit /boot/grub.conf and change the default startup value to 0 (that is, select the new kernel at boot)
10) reboot
11) upgrade iptables


0) vi profile
export KERNEL_DIR=/home/wds/kernel/linux-2.6.14.2
export IPTABLES_DIR=/home/wds/kernel/iptables-1.3.5
export PATCH_O_MATIC_NG=/home/wds/kernel/patch-o-matic-ng-20060510
The paths (shown in bold in the original) are where you placed the source code.
[wds@localhost kernel]# source profile    (import the profile into the environment variables)
[wds@localhost kernel]# set | more

1) generate the .config file
This step is not strictly necessary; it only makes the later steps easier, because the purpose of the .config file is to record which options are selected and which are not. If you are interested, you can study the Makefile to see what .config is used for. A simple way to generate .config is to run make menuconfig, change nothing, then save and exit. You can also run cp /boot/config-2.6.xxx ./.config

2) patch the kernel
Go to the kernel folder (linux-2.6.14.2):
patch -p1 < ../netfilter-layer7-v2.2/kernel-2.6.13-2.6.16-layer7-2.2.patch

3) patch the Firewall
Go to the firewall directory (iptables-1.3.5):
patch -p1 < ../netfilter-layer7-v2.2/iptables-layer7-2.2.patch
4) Add new features
Enter the patch-o-matic-ng-20060510 directory.
It contains a patchlets folder that holds the new features. You can look there to see which new features are available.
Go back to the top-level directory to install new features. I mainly use ipp2p (blocks P2P software), time (filter by time), connlimit (limit concurrent connections) and random (random packet loss).
./runme time
./runme ipp2p
./runme connlimit
./runme random


Enter the kernel directory and run the make menuconfig command. The configuration menu is displayed (shown as a screenshot in the original). Configure it as follows:
1. If you have a SCSI card (such as the BusLogic BT946C in VMware), compile it as a module (M). Otherwise, an error will occur in make install. (The other SCSI options are built into the kernel. BusLogic can be built as a module, but an initrd containing the module must then be created at the end.)
Device Drivers ---> SCSI device support ---> <*> SCSI disk support
Device Drivers ---> SCSI device support ---> SCSI low-level drivers ---> <*> BusLogic SCSI support
2. Linux Kernel Configuration ---> Networking options ---> Network packet filtering (replaces ipchains) ---> IP: Netfilter Configuration --->
You will find several additional options from the patches, marked "(NEW)".
3. For other options, see the online help.


6) make
Save and exit, then run the make command. If your VM has plenty of memory, you can add the -j parameter after make, followed by a number that sets how many threads to use.


7) make modules_install
Compile the module ....................................
8) make install
Install ..........................................
9) edit /boot/grub.conf and change the default startup value to 0 (that is, select the new kernel at boot)



10) reboot

11) upgrade firewall iptables
cd to the /home/wds/iptables-1.3.5 directory. Load the environment variables with source profile, or:
export KERNEL_DIR=/home/wds/linux-2.6.14.2
export IPTABLES_DIR=/home/wds/iptables-1.3.5
Run the command: make BINDIR=/sbin LIBDIR=/lib MANDIR=/usr/share/man install
Test after execution: run iptables -V to see if it reports iptables-1.3.5


11.1 String matching, which can be used for content filtering

iptables -A FORWARD -m string --algo kmp --string "www.qq.com" -j DROP
iptables -I FORWARD -d 192.168.3.0/24 -m string --string "Broadband cinema" --algo kmp -j DROP

11.2 Peer-to-peer filtering, blocking BT and other P2P software

iptables -A INPUT -m ipp2p --ipp2p -j DROP
iptables -A FORWARD -m ipp2p --edk --dc --kazaa --gnu --bit --apple --winmx --soul --ares -j DROP

11.3 Time matching

iptables -A FORWARD -m time --timestart --timestop -j DROP

11.4 Comment matching, up to 256 characters supported

iptables -I FORWARD -s 192.168.0.100 -p tcp --dport 80 -j DROP -m comment --comment "the bad guy can not online"

11.5 Simultaneous connection count limit matching
iptables -A INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 10 -j DROP
iptables -I FORWARD -p tcp --syn --dport 80 -m connlimit --connlimit-above 10 -j DROP

11.6 IP range matching

iptables -A FORWARD -m iprange --src-range 192.168.0.10-192.168.0.100 -j ACCEPT
iptables -A FORWARD -m iprange --dst-range 192.168.1.5-192.168.1.124 -j ACCEPT
[This post was last edited by ipitx at 11:11.]