I understand that function getprotobynumber hasn't been implemented, how can I replace this function into iptables.c?
2010/11/25 Earlence <earlencefe...@gmail.com> > you do not need to download any other distribution of iptables, > Use the version provided with the source code. It get compiled > automatically. > Just make sure that all necessary modules are insmodded in the right > order. > > On Nov 25, 4:22 pm, Antonio Conforti <cox1...@gmail.com> wrote: > > I still have the same error ... I do not understand one thing: when I > > download into a folder and there is a file Android.mk, how do I > > compile it?If I try make I get an error. > > > > Thanks > > > > On 15 Nov, 09:33, hedwin <hedwin.kon...@gmail.com> wrote: > > > > > With iptables you can make different rules per interface thuse > > > allowing you to use ADB but keep the other interfaces in tight > > > control. > > > > > 2010/11/9 Earlence <earlencefe...@gmail.com>: > > > > > > yes. I just followed the instructions on the web page. nothing else. > > > > > > To add to my previous post: > > > > iptables was not hanging, adding the command to drop all packets were > > > > dropping the ADB packets as well! > > > > Must use it carefully :) > > > > > > Cheers, > > > > Earlence > > > > > > On Nov 9, 2:16 pm, Antonio Conforti <cox1...@gmail.com> wrote: > > > >> Thanks for you quickly answer...but did you download your source > using > > > >> repo command like this: > > > > > >> repo init -u git://android.git.kernel.org/platform/manifest.git > > > >> ? > > > > > >> On Nov 9, 1:40 pm, Earlence <earlencefe...@gmail.com> wrote: > > > > > >> > I think this is because, ADB itself operates over a network > connection > > > >> > with the emulator. > > > >> > Adding that command drops everything, including ADB packets! > > > > > >> > Cheers, > > > >> > Earlence > > > > > >> > On Nov 9, 1:23 pm, Earlence <earlencefe...@gmail.com> wrote: > > > > > >> > > You must download the android platform source and build > > > > > >> > > source.android.com > > > > > >> > > after successful download and env setup, you can do something > like: > > > > > >> > > $ source build/envsetup.sh > > > >> > > $ lunch full_sapphire-userdebug > > > >> > > $ make -j6 > > > > > >> > > After some time, in the out/.../sapphire/ you will get all the > > > >> > > necessary images. > > > >> > > Then you can boot your emulator to use the new kernel and built > system > > > >> > > images. > > > > > >> > > One problem though, > > > >> > > I have not downloaded any external iptables source package. It > seems I > > > >> > > am using the one already present in AOSP/external/iptables. > > > > > >> > > When I Issue a command like this: > > > > > >> > > iptables -P OUTPUT DROP > > > > > >> > > Everything just hangs. I cannot quite the ADB shell, I cannot > > > >> > > reconnect to the emulator...everything JUST HANGS! > > > >> > > Any idea why this is happening? > > > > > >> > > All other iptables commands work properly. > > > >> > > This hanging happens only when I try to reject all packets that > were > > > >> > > sent out. > > > >> > > eg: iptables -A OUTPUT -j DROP > > > >> > > also hangs. > > > >> > > Any idea why? > > > > > >> > > Cheers, > > > >> > > Earlence > > > > > >> > > On Nov 9, 10:29 am, Antonio Conforti <cox1...@gmail.com> wrote: > > > > > >> > > > I have build my android goldfish downloading git clone > > > >> > > > git://android.git.kernel.org/project/kernel/common.git then I > have > > > >> > > > downloaded iptables and compiled it!!! > > > >> > > > I am interested in building an AOSP. Did you download from > "http:// > > > >> > > > android.git.kernel.org/" all project or only some parts? > > > >> > > > I remember to you that I use Android Emulator. > > > > > >> > > > On Nov 8, 8:58 pm, Earlence <earlencefe...@gmail.com> wrote: > > > > > >> > > > > AOSP = android open source project. > > > >> > > > > I built a complete release version. all packages included > (for HTC > > > >> > > > > sapphire) > > > > > >> > > > > I think you should refer to this: > http://www.linuxquestions.org/questions/linux-kernel-70/kernel-iptabl... > > > > > >> > > > > Also, use the make menuconfig option when building the > kernel. See if > > > >> > > > > you have missed anything there. > > > > > >> > > > > The iptables user space command was not compiled separately. > > > > > >> > > > > Also, I would take a look at stubs.c and see where > getprotobyname is > > > >> > > > > used. > > > >> > > > > My guess is that its a simple conversion from a protocol > name to an > > > >> > > > > internal number used to identify the protocol. Again, just > > > >> > > > > speculation, but worth checking out. > > > > > >> > > > > Cheers, > > > >> > > > > Earlence > > > > > >> > > > > On Nov 8, 3:42 pm, Antonio Conforti <cox1...@gmail.com> > wrote: > > > > > >> > > > > > Good work Earlence. > > > >> > > > > > I got your same problem. I have tried to compile kernel > with > > > >> > > > > > CONFIG_NETFILTER_XT_MATCH_OWNER, but didn't happen > nothing. I get this > > > >> > > > > > error: > > > > > >> > > > > > FIX ME! implement getprotobyname() > bionic/libc/bionic/stubs.c:378 > > > > > >> > > > > > this is the command: > > > >> > > > > > # iptables -A INPUT -p tcp --dport 80 -j ACCEPT > > > >> > > > > > FIX ME! implement getprotobyname() > bionic/libc/bionic/stubs.c:378 > > > >> > > > > > # iptables -L > > > >> > > > > > Chain INPUT (policy ACCEPT) > > > >> > > > > > target prot opt source destination > > > >> > > > > > FIX ME! implement getprotobynumber() > bionic/libc/bionic/stubs.c:384 > > > >> > > > > > ACCEPT tcp -- anywhere anywhere > tcp > > > >> > > > > > dpt:www > > > > > >> > > > > > Chain FORWARD (policy ACCEPT) > > > >> > > > > > target prot opt source destination > > > > > >> > > > > > Chain OUTPUT (policy ACCEPT) > > > >> > > > > > target prot opt source destination > > > >> > > > > > # > > > > > >> > > > > > Any suggestions? > > > >> > > > > > What is the full AOSP??? > > > >> > > > > > do you have compiled your iptables out of the kernel? > > > > > >> > > > > > THANKS > > > > > >> > > > > > On 8 Nov, 09:08, Earlence <earlencefe...@gmail.com> > wrote: > > > > > >> > > > > > > HTC phone: I have not tried it yet. > > > >> > > > > > > As I said, I have used goldfish, which is the emulator. > > > > > >> > > > > > > On Nov 8, 9:07 am, Earlence <earlencefe...@gmail.com> > wrote: > > > > > >> > > > > > > > that option is needed if you want the owner match > extension. > > > >> > > > > > > > to compile: google a bit! there are lots of good > resources. you will > > > >> > > > > > > > find previous threads on this forum itself > > > > > >> > > > > > > > On Nov 7, 3:35 pm, billmeteor chen < > billmet...@gmail.com> wrote: > > > > > >> > > > > > > > > Is that need to compile the kernel? > > > > > >> > > > > > > > > How to do that by your steps? > > > > > >> > > > > > > > > Can I work it on the HTC phone? > > > > > >> > > > > > > > > On 11月6日, 下午7時12分, Earlence < > earlencefe...@gmail.com> wrote: > > > > > >> > > > > > > > > > correct. > > > >> > > > > > > > > > that option should be configured, along with other > extensions you may > > > >> > > > > > > > > > need. > > > > > >> > > > > > > > > > Cheers, > > > >> > > > > > > > > > Earlence > > > > > >> > > > > > > > > > On Nov 6, 6:04 am, "wilsonny...@gmail.com" < > wilsonny...@gmail.com> > > > >> > > > > > > > > > wrote: > > > > > >> > > > > > > > > > > Is that because the linux kernel was not > compiled with > > > >> > > > > > > > > > > CONFIG_NETFILTER_XT_MATCH_OWNER option so that > the netfilter cannot do > > > >> > > > > > > > > > > anything with OWNER option ? > > > > > >> > > > > > > > > > > Wilson > > > > > >> > > > > > > > > > > 2010/11/6 billmeteor chen <billmet...@gmail.com > > > > > > > >> > > > > > > > > > > > Can you tell me how to solve this problem? > > > > > >> > > > > > > > > > > > FIX ME! implement getprotobynumber() > bionic/libc/bionic/stubs.c:384 > > > > > >> > > > > > > > > > > > I have the same problem like this. > > > > > >> > > > > > > > > > > > On 11月6日, 上午3時00分, Earlence < > earlencefe...@gmail.com> wrote: > > > >> > > > > > > > > > > > > I got it! > > > > > >> > > > > > > > > > > > > a crucial netfilter config was missing > > > > > >> > > > > > > > > > > > > CONFIG_NETFILTER_XT_MATCH_OWNER=m > > > > > >> > > > > > > > > > > > > Once that was in, everything worked like a > charm! > > > > > >> > > > > > > > > > > > > Cheers, > > > >> > > > > > > > > > > > > Earlence > > > > > >> > > > > > > > > > > > > On Nov 4, 8:03 pm, Earlence < > earlencefe...@gmail.com> wrote: > > > > > >> > > > > > > > > > > > > > Hi, > > > > > >> > > > > > > > > > > > > > I modified the goldfish defconfig to allow > netfilter support. > > > >> > > > > > > > > > > > > > I also built the full AOSP. > > > >> > > > > > > > > > > > > > The emulator boots with the new kernel and > system image. > > > > > >> > > > > > > > > > > > > > when I run "iptables -L", I get a 2 > entires (input, output, forward) > > > >> > > > > > > > > > > > > > with no rules configured. > > > > > >> > > > > > > > > > > > > > So, the compilation was okay. > > > >> > > > > > > > > > > > > > when I run this: > > > > > >> > > > > > > > > > > > > > iptables -A OUTPUT -m owner --uid-owner > 10001 > > > > > >> > > > > > > > > > > > > > I get the message "No chain/target/match > by that name" > > > >> > > > > > > > > > > > > > Why is this so? > > > > > >> > > > > > > > > > > > > > also, when I run something like: > > > >> > > > > > > > > > > > > > iptables -A INPUT -p tcp --dport 80 -j > ACCEPT > > > > > >> > > > > > > > > > > > > > the output is: > > > >> > > > > > > > > > > > > > FIX ME! implement getprotobynumber() > bionic/libc/bionic/stubs.c:384 > > > > > >> > > > > > > > > > > > > > but the rule gets added and iptables -L > returns: > > > > > >> > > > > > > > > > > > > > Chain INPUT (policy ACCEPT) > > > >> > > > > > > > > > > > > > target prot opt source > destination > > > >> > > > > > > > > > > > > > FIX ME! implement getprotobynumber() > bionic/libc/bionic/stubs.c:384 > > > >> > > > > > > > > > > > > > ACCEPT tcp -- anywhere > anywhere tcp > > > >> > > > > > > > > > > > > > dpt:www > > > > > >> > > > > > > > > > > > > > Chain FORWARD (policy ACCEPT) > > > >> > > > > > > > > > > > > > target prot opt source > destination > > > > > >> > > > > > > > > > > > > > Chain OUTPUT (policy ACCEPT) > > > >> > > > > > > > > > > > > > target prot opt source > destination > > > > > >> > > > > > > > > > > > > > Help me out with this! > > > > > >> > > > > > > > > > > > > > Cheers, > > > >> > > > > > > > > > > > > > Earlence- 隱藏被引用文字 - > > > > > >> > > > > > > > > > > > > - 顯示被引用文字 - > > > > > >> > > > > > > > > > > > -- > > > >> > > > > > > > > > > > unsubscribe: > android-kernel+unsubscr...@googlegroups.com<android-kernel%2bunsubscr...@googlegroups.com> > <android-kernel%2bunsubscr...@go-oglegroups.com<android-kernel%252bunsubscr...@go-oglegroups.com> > > > > > > ... > > > > read more >> > > -- > unsubscribe: > android-kernel+unsubscr...@googlegroups.com<android-kernel%2bunsubscr...@googlegroups.com> > website: http://groups.google.com/group/android-kernel -- unsubscribe: android-kernel+unsubscr...@googlegroups.com website: http://groups.google.com/group/android-kernel
