为arm发布交叉编译iptables
我正在尝试为ARM交叉编译iptables。我试过版本1.6.1和1.8.5,但都有类似的问题。iptables有三个依赖项:libmnl、libnftnl和libnfnetlink。我已确保所有这些都是交叉编译的,并在这些位置可用-为arm发布交叉编译iptables,arm,embedded,cross-compiling,embedded-linux,iptables,Arm,Embedded,Cross Compiling,Embedded Linux,Iptables,我正在尝试为ARM交叉编译iptables。我试过版本1.6.1和1.8.5,但都有类似的问题。iptables有三个依赖项:libmnl、libnftnl和libnfnetlink。我已确保所有这些都是交叉编译的,并在这些位置可用- /home/badri/arm_libs/nftnl2 /home/badri/arm_libs/mnl /home/badri/arm_libs/nfnetlink 我昨天遇到了一个类似的问题,它与配置有关。但现在我觉得配置是正确的,但不知道问题出在哪里。这里
/home/badri/arm_libs/nftnl2
/home/badri/arm_libs/mnl
/home/badri/arm_libs/nfnetlink
./configure --build=x86_64-pc-linux-gnu --host=aarch64-linux-gnu --enable-static=no --prefix=/home/badri/arm_libs/iptables2 libmnl_LIBS=-L/home/badri/arm_libs/mnl/lib libmnl_CFLAGS=-I/home/badri/arm_libs/mnl/include/ libnftnl_LIBS=-L/home/badri/arm_libs/nftnl2/lib/ libnftnl_CFLAGS=-I/home/badri/arm_libs/nftnl2/include libnfnetlink_LIBS=-L/home/badri/arm_libs/nfnetlink/lib libnfnetlink_CFLAGS=-I/home/badri/arm_libs/nfnetlink/include
/home/badri/Downloads/iptables-1.8.5/utils/nfnl_osf.c:381: undefined reference to `nfnl_fill_hdr'
/home/badri/Downloads/iptables-1.8.5/utils/nfnl_osf.c:387: undefined reference to `nfnl_addattr_l'
/home/badri/Downloads/iptables-1.8.5/utils/nfnl_osf.c:389: undefined reference to `nfnl_query'
/home/badri/Downloads/iptables-1.8.5/utils/nfnl_osf.c:384: undefined reference to `nfnl_fill_hdr'
/home/badri/Downloads/iptables-1.8.5/utils/nfnl_osf.c:387: undefined reference to `nfnl_addattr_l'
/home/badri/Downloads/iptables-1.8.5/utils/nfnl_osf.c:389: undefined reference to `nfnl_query'
badri@badri-All-Series:~/Downloads/iptables-1.6.1$ ./configure --help
`configure' configures iptables 1.6.1 to adapt to many kinds of systems.
Usage: ./configure [OPTION]... [VAR=VALUE]...
To assign environment variables (e.g., CC, CFLAGS...), specify them as
VAR=VALUE. See below for descriptions of some of the useful variables.
Defaults for the options are specified in brackets.
Configuration:
-h, --help display this help and exit
--help=short display options specific to this package
--help=recursive display the short help of all the included packages
-V, --version display version information and exit
-q, --quiet, --silent do not print `checking ...' messages
--cache-file=FILE cache test results in FILE [disabled]
-C, --config-cache alias for `--cache-file=config.cache'
-n, --no-create do not create output files
--srcdir=DIR find the sources in DIR [configure dir or `..']
Installation directories:
--prefix=PREFIX install architecture-independent files in PREFIX
[/usr/local]
--exec-prefix=EPREFIX install architecture-dependent files in EPREFIX
[PREFIX]
By default, `make install' will install all the files in
`/usr/local/bin', `/usr/local/lib' etc. You can specify
an installation prefix other than `/usr/local' using `--prefix',
for instance `--prefix=$HOME'.
For better control, use the options below.
Fine tuning of the installation directories:
--bindir=DIR user executables [EPREFIX/bin]
--sbindir=DIR system admin executables [EPREFIX/sbin]
--libexecdir=DIR program executables [EPREFIX/libexec]
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]
--datarootdir=DIR read-only arch.-independent data root [PREFIX/share]
--datadir=DIR read-only architecture-independent data [DATAROOTDIR]
--infodir=DIR info documentation [DATAROOTDIR/info]
--localedir=DIR locale-dependent data [DATAROOTDIR/locale]
--mandir=DIR man documentation [DATAROOTDIR/man]
--docdir=DIR documentation root [DATAROOTDIR/doc/iptables]
--htmldir=DIR html documentation [DOCDIR]
--dvidir=DIR dvi documentation [DOCDIR]
--pdfdir=DIR pdf documentation [DOCDIR]
--psdir=DIR ps documentation [DOCDIR]
Program names:
--program-prefix=PREFIX prepend PREFIX to installed program names
--program-suffix=SUFFIX append SUFFIX to installed program names
--program-transform-name=PROGRAM run sed PROGRAM on installed program names
System types:
--build=BUILD configure for building on BUILD [guessed]
--host=HOST cross-compile to build programs to run on HOST [BUILD]
Optional Features:
--disable-option-checking ignore unrecognized --enable/--with options
--disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)
--enable-FEATURE[=ARG] include FEATURE [ARG=yes]
--enable-silent-rules less verbose build output (undo: "make V=1")
--disable-silent-rules verbose build output (undo: "make V=0")
--enable-dependency-tracking
do not reject slow dependency extractors
--disable-dependency-tracking
speeds up one-time build
--enable-static[=PKGS] build static libraries [default=no]
--enable-shared[=PKGS] build shared libraries [default=yes]
--enable-fast-install[=PKGS]
optimize for fast installation [default=yes]
--disable-libtool-lock avoid locking (might break parallel builds)
--disable-ipv4 Do not build iptables
--disable-ipv6 Do not build ip6tables
--disable-largefile Do not build largefile support
--enable-devel Install Xtables development headers
--enable-libipq Build and install libipq
--enable-bpf-compiler Build bpf compiler
--enable-nfsynproxy Build SYNPROXY configuration tool
--disable-nftables Do not build nftables compat
--disable-connlabel Do not build libnetfilter_conntrack
Optional Packages:
--with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
--without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
--with-pic[=PKGS] try to use only PIC/non-PIC objects [default=use
both]
--with-gnu-ld assume the C compiler uses GNU ld [default=no]
--with-sysroot=DIR Search for dependent libraries within DIR
(or the compiler's sysroot if not specified).
--with-kernel=PATH Path to kernel source/build directory
--with-kbuild=PATH Path to kernel build directory
[[/lib/modules/CURRENT/build]]
--with-ksource=PATH Path to kernel source directory
[[/lib/modules/CURRENT/source]]
--with-xtlibdir=PATH Path where to install Xtables extensions
[[LIBEXECDIR/xtables]]
--with-pkgconfigdir=PATH
Path to the pkgconfig directory [[LIBDIR/pkgconfig]]
Some influential environment variables:
CC C compiler command
CFLAGS C compiler flags
LDFLAGS linker flags, e.g. -L<lib dir> if you have libraries in a
nonstandard directory <lib dir>
LIBS libraries to pass to the linker, e.g. -l<library>
CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I<include dir> if
you have headers in a nonstandard directory <include dir>
CPP C preprocessor
PKG_CONFIG path to pkg-config utility
PKG_CONFIG_PATH
directories to add to pkg-config's search path
PKG_CONFIG_LIBDIR
path overriding pkg-config's built-in search path
libnfnetlink_CFLAGS
C compiler flags for libnfnetlink, overriding pkg-config
libnfnetlink_LIBS
linker flags for libnfnetlink, overriding pkg-config
libmnl_CFLAGS
C compiler flags for libmnl, overriding pkg-config
libmnl_LIBS linker flags for libmnl, overriding pkg-config
libnftnl_CFLAGS
C compiler flags for libnftnl, overriding pkg-config
libnftnl_LIBS
linker flags for libnftnl, overriding pkg-config
YACC The `Yet Another Compiler Compiler' implementation to use.
Defaults to the first program found out of: `bison -y', `byacc',
`yacc'.
YFLAGS The list of arguments that will be passed by default to $YACC.
This script will default YFLAGS to the empty string to avoid a
default value of `-d' given by some make applications.
libnetfilter_conntrack_CFLAGS
C compiler flags for libnetfilter_conntrack, overriding
pkg-config
libnetfilter_conntrack_LIBS
linker flags for libnetfilter_conntrack, overriding pkg-config
Use these variables to override the choices made by `configure' or to help
it to find libraries and programs with nonstandard names/locations.
Report bugs to the package provider.
badri@badri-All-Series:~/Downloads/iptables-1.6.1$
badri@badri-所有系列:~/Downloads/iptables-1.6.1$./configure--help
`“配置”配置iptables 1.6.1以适应多种系统。
用法:./configure[选项]。。。[VAR=VALUE]。。。
要分配环境变量(如CC、CFLAGS…),请将其指定为
VAR=值。有关一些有用变量的说明,请参见下文。
括号中指定了选项的默认值。
配置:
-h、 --帮助显示此帮助并退出
--help=特定于此软件包的简短显示选项
--help=递归显示所有包含包的简短帮助
-五、 --版本显示版本信息并退出
-q、 --安静,--安静不打印“检查…”消息
--缓存文件=文件中的文件缓存测试结果[已禁用]
-C、 “--cache file=config.cache”的配置缓存别名
-n、 --不创建不创建输出文件
--srcdir=DIR在DIR[configure DIR或`..']中查找源
安装目录:
--prefix=prefix在prefix中安装与体系结构无关的文件
[/usr/local]
--exec prefix=EPREFIX在EPREFIX中安装与体系结构相关的文件
[前缀]
默认情况下,“make install”将安装中的所有文件
`/usr/local/bin'、`/usr/local/lib'等。您可以指定
除使用“---prefix”的“/usr/local”之外的安装前缀,
例如“--prefix=$HOME”。
为了更好地控制,请使用以下选项。
安装目录的微调:
--bindir=DIR用户可执行文件[EPREFIX/bin]
--sbindir=DIR系统管理可执行文件[EPREFIX/sbin]
--libexecdir=DIR程序可执行文件[EPREFIX/libexec]
--sysconfdir=DIR只读单机数据[前缀/etc]
--sharedstatedir=DIR可修改体系结构独立数据[PREFIX/com]
--localstatedir=DIR可修改的单机数据[前缀/var]
--libdir=DIR对象代码库[EPREFIX/lib]
--includedir=DIR C头文件[前缀/包含]
--oldincludedir=DIR非gcc的C头文件[/usr/include]
--datarootdir=DIR只读arch.-独立数据根[前缀/共享]
--datadir=DIR只读架构独立数据[DATAROOTDIR]
--infodir=DIR信息文档[DATAROOTDIR/info]
--localedir=DIR依赖于区域设置的数据[DATAROOTDIR/locale]
--mandir=DIR-man文档[DATAROOTDIR/man]
--docdir=DIR文档根目录[DATAROOTDIR/doc/iptables]
--htmldir=DIR html文档[DOCDIR]
--dvidir=DIR dvi文档[DOCDIR]
--pdfdir=DIR pdf文档[DOCDIR]
--psdir=DIR ps文档[DOCDIR]
程序名称:
--program prefix=为已安装的程序名添加前缀前缀
--程序后缀=后缀将后缀附加到已安装的程序名
--程序转换名称=程序在已安装的程序名称上运行sed程序
系统类型:
--build=为构建配置构建[猜测]
--主机=主机交叉编译以生成要在主机上运行的程序[生成]
可选功能:
--禁用选项检查忽略无法识别的--enable/--with options
--禁用功能不包括功能(与--enable FEATURE=no相同)
--启用功能[=ARG]包括功能[ARG=yes]
--启用无提示规则,减少详细的生成输出(撤消:“使V=1”)
--禁用静默规则详细生成输出(撤消:“使V=0”)
--启用依赖项跟踪
不要拒绝慢速依赖项提取器
--禁用依赖项跟踪
加速一次性构建
--启用静态[=PKGS]生成静态库[默认值=否]
--启用共享[=PKGS]生成共享库[默认值=是]
--启用快速安装[=PKGS]
优化以实现快速安装[默认值=是]
--禁用libtool lock避免锁定(可能会中断并行生成)
--禁用ipv4不生成iptables
--禁用-ipv6不生成ip6tables
--禁用大文件不生成大文件支持
--启用devel安装Xtables开发头
--启用libipq构建并安装libipq
--启用bpf编译器生成bpf编译器
--启用nfsynproxy生成SYNPROXY配置工具
--禁用nftables不生成nftables compat
--禁用connlabel不生成libnetfilter\u conntrack
可选软件包:
--对于包[=ARG]使用包[ARG=yes]
--不带包不使用包(与--with PACKAGE=no相同)
--使用pic[=PKGS]时,尝试仅使用pic/非pic对象[默认值=使用
两者]
--对于GNULD,假设C编译器使用GNULD[default=no]
--使用sysroot=DIR在DIR中搜索相关库
(如果未指定,则为编译器的sysroot)。
--with kernel=内核源/构建目录的路径
--使用kbuild=内核构建目录的路径
[/lib/modules/CURRENT/build]]
--with ksource=内核源目录的路径
[/lib/modules/CURRENT/source]]
--使用xtlibdir=安装Xtables exte的路径
#/bin/bash
CROSS_COMPILE=/opt/arm/9/gcc-arm-9.2-2019.12-x86_64-aarch64-none-linux-gnu/bin/aarch64-none-linux-gnu-
mkdir sysroot
PREFIX=$(pwd)/sysroot
wget https://www.netfilter.org/projects/libmnl/files/libmnl-1.0.4.tar.bz2
wget https://www.netfilter.org/projects/libnftnl/files/libnftnl-1.1.7.tar.bz2
wget https://www.netfilter.org/projects/iptables/files/iptables-1.8.5.tar.bz2
tar jxf libmnl-1.0.4.tar.bz2
tar jxf libnftnl-1.1.7.tar.bz2
tar jxf iptables-1.8.5.tar.bz2
pushd libmnl-1.0.4
CC=${CROSS_COMPILE}gcc ./configure --build=x86_64-pc-linux-gnu --host=aarch64-linux-gnu --enable-static=no --prefix=${PREFIX}
make install
popd
pushd libnftnl-1.1.7
CC=${CROSS_COMPILE}gcc LIBMNL_CFLAGS="-I${PREFIX}/include" LIBMNL_LIBS="-L${PREFIX}/lib" ./configure --build=x86_64-pc-linux-gnu --host=aarch64-linux-gnu --enable-static=no --prefix=${PREFIX}
make install
popd
pushd iptables-1.8.5
CC=${CROSS_COMPILE}gcc libnftnl_CFLAGS="-I${PREFIX}/include" libnftnl_LIBS="-L${PREFIX}/lib -lnftnl" ./configure --build=x86_64-pc-linux-gnu --host=aarch64-linux-gnu --enable-static=no --prefix=${PREFIX}
make install
popd
ls -gG sysroot/sbin/
total 1424
lrwxrwxrwx 1 17 Aug 17 14:24 arptables -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 arptables-nft -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 arptables-nft-restore -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 arptables-nft-save -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 arptables-restore -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 arptables-save -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ebtables -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ebtables-nft -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ebtables-nft-restore -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ebtables-nft-save -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ebtables-restore -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ebtables-save -> xtables-nft-multi
lrwxrwxrwx 1 20 Aug 17 14:24 ip6tables -> xtables-legacy-multi
lrwxrwxrwx 1 14 Aug 17 14:24 ip6tables-apply -> iptables-apply
lrwxrwxrwx 1 20 Aug 17 14:24 ip6tables-legacy -> xtables-legacy-multi
lrwxrwxrwx 1 20 Aug 17 14:24 ip6tables-legacy-restore -> xtables-legacy-multi
lrwxrwxrwx 1 20 Aug 17 14:24 ip6tables-legacy-save -> xtables-legacy-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ip6tables-nft -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ip6tables-nft-restore -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ip6tables-nft-save -> xtables-nft-multi
lrwxrwxrwx 1 20 Aug 17 14:24 ip6tables-restore -> xtables-legacy-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ip6tables-restore-translate -> xtables-nft-multi
lrwxrwxrwx 1 20 Aug 17 14:24 ip6tables-save -> xtables-legacy-multi
lrwxrwxrwx 1 17 Aug 17 14:24 ip6tables-translate -> xtables-nft-multi
lrwxrwxrwx 1 20 Aug 17 14:24 iptables -> xtables-legacy-multi
lrwxrwxrwx 1 20 Aug 17 14:24 iptables-legacy -> xtables-legacy-multi
lrwxrwxrwx 1 20 Aug 17 14:24 iptables-legacy-restore -> xtables-legacy-multi
lrwxrwxrwx 1 20 Aug 17 14:24 iptables-legacy-save -> xtables-legacy-multi
lrwxrwxrwx 1 17 Aug 17 14:24 iptables-nft -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 iptables-nft-restore -> xtables-nft-multi
lrwxrwxrwx 1 17 Aug 17 14:24 iptables-nft-save -> xtables-nft-multi
lrwxrwxrwx 1 20 Aug 17 14:24 iptables-restore -> xtables-legacy-multi
lrwxrwxrwx 1 17 Aug 17 14:24 iptables-restore-translate -> xtables-nft-multi
lrwxrwxrwx 1 20 Aug 17 14:24 iptables-save -> xtables-legacy-multi
lrwxrwxrwx 1 17 Aug 17 14:24 iptables-translate -> xtables-nft-multi
-rwxr-xr-x 1 373064 Aug 17 14:23 xtables-legacy-multi
lrwxrwxrwx 1 17 Aug 17 14:24 xtables-monitor -> xtables-nft-multi
-rwxr-xr-x 1 1079440 Aug 17 14:23 xtables-nft-multi
file sysroot/sbin/xtables-nft-multi
sysroot/sbin/xtables-nft-multi: ELF 64-bit LSB executable, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, for GNU/Linux 3.7.0, not stripped