Re: How are external kernel modules loaded?

To: debian-user@lists.debian.org
Subject: Re: How are external kernel modules loaded?
From: Andris Kalnozols <andris@hpl.hp.com>
Date: Sat, 26 May 2012 21:50:14 -0700
Message-id: <[🔎] 4FC1B286.8040809@hpl.hp.com>
In-reply-to: <[🔎] 4FC18803.9050304@hpl.hp.com>
References: <[🔎] 4FC18803.9050304@hpl.hp.com>

On 5/26/2012 6:48 PM, Andris Kalnozols wrote:

I'm running Debian squeeze on an amd64 system and want to use the
current version (4.5) of ipset instead of version 2.5 in the
stable release.

After doing the following steps:

install ipset source from http://ipset.netfilter.org/install.html
apt-get install linux-source-2.6.32
cd /usr/src
bzip2 -dc linux-source-2.6.32.tar.bz2 | tar xf -
cd /usr/src/linux-source-2.6.32
make defconfig
make modules
cd /usr/local/src/ipset/ipset-4.5
make KERNEL_DIR=/usr/src/linux-source-2.6.32
make KERNEL_DIR=/usr/src/linux-source-2.6.32 install

I am tantalizingly close but still no cigar:

ipset -v
ipset v4.5, protocol version 4.
FATAL: Module ip_set not found.
ipset v4.5: Couldn't verify kernel module version!

The ipset modules have been installed here:

cd /lib/modules/2.6.32/extra
ip_set.ko ip_set_ipportiphash.ko
ip_set_macipmap.ko ipt_SET.ko
ip_set_iphash.ko ip_set_ipportnethash.ko
ip_set_nethash.ko ipt_set.ko
ip_set_ipmap.ko ip_set_iptree.ko ip_set_portmap.ko
ip_set_ipporthash.ko ip_set_iptreemap.ko ip_set_setlist.ko

Please tell me what's the best way to configure the system
to always find and load these modules. My web searches for
a how-to in this regard have come up empty.

Thanks,
Andris


OK, following up on my own post, I ran across these two hints:

http://linux.die.net/lkmpg/x380.htmlhttp://crunchbanglinux.org/forums/topic/12534/compiling-and-linking-a-simple-module/


I already had the linux-headers-2.6.32-5-amd64 package installed
and so concentrated my efforts on convincing the ipset Makefile
that `KERNEL_DIR=/usr/src/linux-headers-2.6.32-5-amd64' was my
kernel source directory.  That seemed to work until the Makefile
wanted to see this file:

  $(KERNEL_DIR)/net/ipv4/netfilter/Kconfig

It just so happens that the linux-source-2.6.32 package has it:

  /usr/src/linux-source-2.6.32/net/ipv4/netfilter/Kconfig

Adding the following symlink did the trick:

  cd /usr/src/linux-headers-2.6.32-5-amd64
  ln -s ../linux-source-2.6.32/net net

So, the updated procedure for getting the current version of
ipset installed is:

  install ipset source from http://ipset.netfilter.org/install.html
  apt-get install linux-headers-2.6.32-5-amd64
  apt-get install linux-source-2.6.32
  cd /usr/src
  bzip2 -dc linux-source-2.6.32.tar.bz2 | tar xf -
  cd /usr/src/linux-headers-2.6.32-5-amd64
  ln -s ../linux-source-2.6.32/net net
  cd /usr/local/src/ipset/ipset-4.5
  make KERNEL_DIR=/usr/src/linux-headers-2.6.32-5-amd64
  make KERNEL_DIR=/usr/src/linux-headers-2.6.32-5-amd64 install
  depmod   # just to make sure

and voila:

  ipset -v
  ipset v4.5, protocol version 4.
  Kernel module protocol version 4.

Now on to constructing the ipset blacklist and configuring Shorewall
to use it.

------
Andris

Reply to:

References:
- How are external kernel modules loaded?
  - From: Andris Kalnozols <andris@hpl.hp.com>

Prev by Date: [Junk] Re: backing up
Next by Date: Re: If you want to install stable released version
Previous by thread: How are external kernel modules loaded?
Next by thread: [Junk] Re: backing up
Index(es):
- Date
- Thread