blob: 08a22ba6c0ac44617081638ee7ba382b5da655e9 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
This is the ipset source tree. Follow these steps to install ipset:
0. You need the source tree of your kernel (version >= 2.6.31)
and it have to be configured, modules compiled. Please apply
the netlink.patch against your kernel tree (with kernel <= 2.6.31.1
please use the patch netlink.patch-2.6.31.1). Recompile and
install the patched kernel.
1. Initialize the compiling environment for ipset
% ./autogen.sh
2. Run `./configure` and then compile the ipset binary and the kernel
modules.
The ipset source code depends on the libmnl library.
Configure parameters can be used to to override the default path
to the kernel source tree (/lib/modules/`uname -r`/build),
the maximum number of sets (256), the default hash sizes (1024)
or disable the extra compiler warning flags if your compiler
does not support all of them. See `./configure --help`.
% ./configure
% make
% make modules
3. Install the binary and the modules
# make install
# make modules_install
After installing the modules, you can run the testsuite as well.
Please note, several assumptions must be met for the testsuite:
- no sets defined
- iptables/ip6tables rules are not set up
- the destination for kernel logs is /var/log/kern.log
- the networks 10.255.255.0/24 and 1002:1002:1002:1002::/64
are not in use
- sendip utility is installed
# make tests
4. Cleanup the source tree
% make clean
% make modules_clean
That's it!
Read the ipset(8) and iptables(8) manpages on how to use ipset
and its match and target from iptables.
|
