I still have the same error ... I do not understand one thing: when I download into a folder and there is a file Android.mk, how do I compile it?If I try make I get an error.
Thanks On 15 Nov, 09:33, hedwin <hedwin.kon...@gmail.com> wrote: > With iptables you can make different rules per interface thuse > allowing you to use ADB but keep the other interfaces in tight > control. > > 2010/11/9 Earlence <earlencefe...@gmail.com>: > > > yes. I just followed the instructions on the web page. nothing else. > > > To add to my previous post: > > iptables was not hanging, adding the command to drop all packets were > > dropping the ADB packets as well! > > Must use it carefully :) > > > Cheers, > > Earlence > > > On Nov 9, 2:16 pm, Antonio Conforti <cox1...@gmail.com> wrote: > >> Thanks for you quickly answer...but did you download your source using > >> repo command like this: > > >> repo init -u git://android.git.kernel.org/platform/manifest.git > >> ? > > >> On Nov 9, 1:40 pm, Earlence <earlencefe...@gmail.com> wrote: > > >> > I think this is because, ADB itself operates over a network connection > >> > with the emulator. > >> > Adding that command drops everything, including ADB packets! > > >> > Cheers, > >> > Earlence > > >> > On Nov 9, 1:23 pm, Earlence <earlencefe...@gmail.com> wrote: > > >> > > You must download the android platform source and build > > >> > > source.android.com > > >> > > after successful download and env setup, you can do something like: > > >> > > $ source build/envsetup.sh > >> > > $ lunch full_sapphire-userdebug > >> > > $ make -j6 > > >> > > After some time, in the out/.../sapphire/ you will get all the > >> > > necessary images. > >> > > Then you can boot your emulator to use the new kernel and built system > >> > > images. > > >> > > One problem though, > >> > > I have not downloaded any external iptables source package. It seems I > >> > > am using the one already present in AOSP/external/iptables. > > >> > > When I Issue a command like this: > > >> > > iptables -P OUTPUT DROP > > >> > > Everything just hangs. I cannot quite the ADB shell, I cannot > >> > > reconnect to the emulator...everything JUST HANGS! > >> > > Any idea why this is happening? > > >> > > All other iptables commands work properly. > >> > > This hanging happens only when I try to reject all packets that were > >> > > sent out. > >> > > eg: iptables -A OUTPUT -j DROP > >> > > also hangs. > >> > > Any idea why? > > >> > > Cheers, > >> > > Earlence > > >> > > On Nov 9, 10:29 am, Antonio Conforti <cox1...@gmail.com> wrote: > > >> > > > I have build my android goldfish downloading git clone > >> > > > git://android.git.kernel.org/project/kernel/common.git then I have > >> > > > downloaded iptables and compiled it!!! > >> > > > I am interested in building an AOSP. Did you download from "http:// > >> > > > android.git.kernel.org/" all project or only some parts? > >> > > > I remember to you that I use Android Emulator. > > >> > > > On Nov 8, 8:58 pm, Earlence <earlencefe...@gmail.com> wrote: > > >> > > > > AOSP = android open source project. > >> > > > > I built a complete release version. all packages included (for HTC > >> > > > > sapphire) > > >> > > > > I think you should refer to > >> > > > > this:http://www.linuxquestions.org/questions/linux-kernel-70/kernel-iptabl... > > >> > > > > Also, use the make menuconfig option when building the kernel. See > >> > > > > if > >> > > > > you have missed anything there. > > >> > > > > The iptables user space command was not compiled separately. > > >> > > > > Also, I would take a look at stubs.c and see where getprotobyname > >> > > > > is > >> > > > > used. > >> > > > > My guess is that its a simple conversion from a protocol name to an > >> > > > > internal number used to identify the protocol. Again, just > >> > > > > speculation, but worth checking out. > > >> > > > > Cheers, > >> > > > > Earlence > > >> > > > > On Nov 8, 3:42 pm, Antonio Conforti <cox1...@gmail.com> wrote: > > >> > > > > > Good work Earlence. > >> > > > > > I got your same problem. I have tried to compile kernel with > >> > > > > > CONFIG_NETFILTER_XT_MATCH_OWNER, but didn't happen nothing. I > >> > > > > > get this > >> > > > > > error: > > >> > > > > > FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:378 > > >> > > > > > this is the command: > >> > > > > > # iptables -A INPUT -p tcp --dport 80 -j ACCEPT > >> > > > > > FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:378 > >> > > > > > # iptables -L > >> > > > > > Chain INPUT (policy ACCEPT) > >> > > > > > target prot opt source destination > >> > > > > > FIX ME! implement getprotobynumber() > >> > > > > > bionic/libc/bionic/stubs.c:384 > >> > > > > > ACCEPT tcp -- anywhere anywhere tcp > >> > > > > > dpt:www > > >> > > > > > Chain FORWARD (policy ACCEPT) > >> > > > > > target prot opt source destination > > >> > > > > > Chain OUTPUT (policy ACCEPT) > >> > > > > > target prot opt source destination > >> > > > > > # > > >> > > > > > Any suggestions? > >> > > > > > What is the full AOSP??? > >> > > > > > do you have compiled your iptables out of the kernel? > > >> > > > > > THANKS > > >> > > > > > On 8 Nov, 09:08, Earlence <earlencefe...@gmail.com> wrote: > > >> > > > > > > HTC phone: I have not tried it yet. > >> > > > > > > As I said, I have used goldfish, which is the emulator. > > >> > > > > > > On Nov 8, 9:07 am, Earlence <earlencefe...@gmail.com> wrote: > > >> > > > > > > > that option is needed if you want the owner match extension. > >> > > > > > > > to compile: google a bit! there are lots of good resources. > >> > > > > > > > you will > >> > > > > > > > find previous threads on this forum itself > > >> > > > > > > > On Nov 7, 3:35 pm, billmeteor chen <billmet...@gmail.com> > >> > > > > > > > wrote: > > >> > > > > > > > > Is that need to compile the kernel? > > >> > > > > > > > > How to do that by your steps? > > >> > > > > > > > > Can I work it on the HTC phone? > > >> > > > > > > > > On 11月6日, 下午7時12分, Earlence <earlencefe...@gmail.com> > >> > > > > > > > > wrote: > > >> > > > > > > > > > correct. > >> > > > > > > > > > that option should be configured, along with other > >> > > > > > > > > > extensions you may > >> > > > > > > > > > need. > > >> > > > > > > > > > Cheers, > >> > > > > > > > > > Earlence > > >> > > > > > > > > > On Nov 6, 6:04 am, "wilsonny...@gmail.com" > >> > > > > > > > > > <wilsonny...@gmail.com> > >> > > > > > > > > > wrote: > > >> > > > > > > > > > > Is that because the linux kernel was not compiled with > >> > > > > > > > > > > CONFIG_NETFILTER_XT_MATCH_OWNER option so that the > >> > > > > > > > > > > netfilter cannot do > >> > > > > > > > > > > anything with OWNER option ? > > >> > > > > > > > > > > Wilson > > >> > > > > > > > > > > 2010/11/6 billmeteor chen <billmet...@gmail.com> > > >> > > > > > > > > > > > Can you tell me how to solve this problem? > > >> > > > > > > > > > > > FIX ME! implement getprotobynumber() > >> > > > > > > > > > > > bionic/libc/bionic/stubs.c:384 > > >> > > > > > > > > > > > I have the same problem like this. > > >> > > > > > > > > > > > On 11月6日, 上午3時00分, Earlence > >> > > > > > > > > > > > <earlencefe...@gmail.com> wrote: > >> > > > > > > > > > > > > I got it! > > >> > > > > > > > > > > > > a crucial netfilter config was missing > > >> > > > > > > > > > > > > CONFIG_NETFILTER_XT_MATCH_OWNER=m > > >> > > > > > > > > > > > > Once that was in, everything worked like a charm! > > >> > > > > > > > > > > > > Cheers, > >> > > > > > > > > > > > > Earlence > > >> > > > > > > > > > > > > On Nov 4, 8:03 pm, Earlence > >> > > > > > > > > > > > > <earlencefe...@gmail.com> wrote: > > >> > > > > > > > > > > > > > Hi, > > >> > > > > > > > > > > > > > I modified the goldfish defconfig to allow > >> > > > > > > > > > > > > > netfilter support. > >> > > > > > > > > > > > > > I also built the full AOSP. > >> > > > > > > > > > > > > > The emulator boots with the new kernel and > >> > > > > > > > > > > > > > system image. > > >> > > > > > > > > > > > > > when I run "iptables -L", I get a 2 entires > >> > > > > > > > > > > > > > (input, output, forward) > >> > > > > > > > > > > > > > with no rules configured. > > >> > > > > > > > > > > > > > So, the compilation was okay. > >> > > > > > > > > > > > > > when I run this: > > >> > > > > > > > > > > > > > iptables -A OUTPUT -m owner --uid-owner 10001 > > >> > > > > > > > > > > > > > I get the message "No chain/target/match by that > >> > > > > > > > > > > > > > name" > >> > > > > > > > > > > > > > Why is this so? > > >> > > > > > > > > > > > > > also, when I run something like: > >> > > > > > > > > > > > > > iptables -A INPUT -p tcp --dport 80 -j ACCEPT > > >> > > > > > > > > > > > > > the output is: > >> > > > > > > > > > > > > > FIX ME! implement getprotobynumber() > >> > > > > > > > > > > > > > bionic/libc/bionic/stubs.c:384 > > >> > > > > > > > > > > > > > but the rule gets added and iptables -L returns: > > >> > > > > > > > > > > > > > Chain INPUT (policy ACCEPT) > >> > > > > > > > > > > > > > target prot opt source > >> > > > > > > > > > > > > > destination > >> > > > > > > > > > > > > > FIX ME! implement getprotobynumber() > >> > > > > > > > > > > > > > bionic/libc/bionic/stubs.c:384 > >> > > > > > > > > > > > > > ACCEPT tcp -- anywhere > >> > > > > > > > > > > > > > anywhere tcp > >> > > > > > > > > > > > > > dpt:www > > >> > > > > > > > > > > > > > Chain FORWARD (policy ACCEPT) > >> > > > > > > > > > > > > > target prot opt source > >> > > > > > > > > > > > > > destination > > >> > > > > > > > > > > > > > Chain OUTPUT (policy ACCEPT) > >> > > > > > > > > > > > > > target prot opt source > >> > > > > > > > > > > > > > destination > > >> > > > > > > > > > > > > > Help me out with this! > > >> > > > > > > > > > > > > > Cheers, > >> > > > > > > > > > > > > > Earlence- 隱藏被引用文字 - > > >> > > > > > > > > > > > > - 顯示被引用文字 - > > >> > > > > > > > > > > > -- > >> > > > > > > > > > > > unsubscribe: > >> > > > > > > > > > > > android-kernel+unsubscr...@googlegroups.com<android-kernel%2bunsubscr...@go-oglegroups.com> > >> > > > > > > > > > > > website:http://groups.google.com/group/android-kernel-隱藏被引用文字 > >> > > > > > > > > > > > - > > >> > > > > > > > > > - 顯示被引用文字 -- Hide quoted text - > > >> > > > > - Show quoted text -- Hide quoted text - > > >> > - Show quoted text - > > > -- > > unsubscribe: android-kernel+unsubscr...@googlegroups.com > > website:http://groups.google.com/group/android-kernel > > -- unsubscribe: android-kernel+unsubscr...@googlegroups.com website: http://groups.google.com/group/android-kernel
