iptables交叉编译(Hisiav300平台)
参考文章:https://blog.csdn.net/Bgm_Nilbb/article/details/135714738
https://bbs.archlinux.org/viewtopic.php?pid=1701065
1、libmnl 交叉编译
tar xvf libmnl-1.0.5.tar.bz2
sudo chmod 777 -R libmnl-1.0.5
cd libmnl-1.0.5
mkdir _install
//host和CC需要修改成自己的,其他版本可能需要先执行autogen.sh脚本
./configure --host=arm-himix410-linux CC=arm-himix410-linux-gcc LDFLAGS=-static --prefix=$PWD/_install
make
make install
2、libnftnl交叉编译
tar xvf libnftnl-1.2.6.tar.xz
sudo chmod 777 -R libnftnl-1.2.6
cd libnftnl-1.2.6
mkdir _install
//PKG_CONFIG_PATH为libmnl的产物路径libmnl-1.0.5/_install/lib/pkgconfig
./configure --host=arm-himix410-linux CC=arm-himix410-linux-gcc \
LDFLAGS=-static --prefix=$PWD/_install \
PKG_CONFIG_PATH=/home/johan/share/Hi3516CV500/wifi/iptables_build/libmnl-1.0.5/_install/lib/pkgconfig
make
make install
3、iptables交叉编译
tar xvf iptables-1.8.9.tar.xz
sudo chmod 777 -R iptables-1.8.9
cd iptables-1.8.9/
mkdir _install
./autogen.sh
//PKG_CONFIG_PATH中添加libmnl和libnftnl产物的pkgconfig路径--也可直接加在makefile中
./configure --host=arm-himix410-linux CC=arm-himix410-linux-gcc --enable-static \
--disable-shared --prefix=$PWD/__install --disable-ipv6 --disable-largefile \
PKG_CONFIG_PATH="/home/johan/share/Hi3516CV500/wifi/iptables_build/libmnl-1.0.5/_install/lib/pkgconfig:/home/johan/share/Hi3516CV500/wifi/iptables_build/libnftnl-1.2.6/_install/lib/pkgconfig"
make
make install
4、使用iptables
#配置启用NAT转发规则 -o配置上行口即sta使用的网卡
1. iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
2. iptables -A FORWARD -i wlan0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT
3. iptables -A FORWARD -i wlan1 -o wlan0 -j ACCEPT
4. iptables -nvL -tnat #查看NAT表的规则列表和统计信息