linux虚拟网桥的构建和WAN的连接系统环境配置内核配置网桥

90 阅读 0 评论 60 点赞

我是靠谱客的博主奋斗红酒，这篇文章主要介绍linux虚拟网桥的构建和WAN的连接系统环境配置内核配置网桥，现在分享给大家，希望可以做个参考。

系统环境

编译环境：ubuntu 14.04 x86_64
运行平台：IMX6Q平台
说明：系统中所有#开头的字符行表示该行为linux命令行。
#工具链
##编译dhcp
由于需要动态IP分配，因此在这里编译dhcp，获取dpch服务器，编译命令如下：

复制代码

1
2
3
4
5
#tar xvzf dhcp-4.2.0-P2.tar.gz 
#echo ac_cv_file__dev_random=yes > config.cache
#./configure --prefix=/${PWD}/install --host=arm-linux-gnueabihf --cache-file=config.cache
#make && make install

当出现如下信息"Configuring BIND Export libraries for DHCP"并且进入后面的输出信息时，按下CRT+C，停止编译，并运行如下命令：

复制代码

1
2
3
4
5
6
7
8
删除所有Makefile中的-Werror编译项
#find ./ -name Makefile|xargs sed -i 's/-Werror/ /g'
在bind/bind-9.7.1/lib/export/dns/Makefile.in的163行将"${CC}"替换成"${BUILD_CC}" 
#sed -i '163s/${CC}/${BUILD_CC}/g'  bind/bind-9.7.1/lib/export/dns/Makefile.in
在文件bind/Makefile 的48行将"./configure"替换成"BUILD_CC=gcc ./configure --host=arm-linux-gnueabihf --with-randomdev=/dev/random" 
#sed -i '48s/./configure/BUILD_CC=gcc ./configure --host=arm-linux-gnueabihf --with-randomdev=/dev/random/g' bind/Makefile
#make && make install

##编译iptables
iptables依赖于libmnl libnftnl

编译libnftnl库

复制代码

1
2
3
4
#tar xvjf libmnl-1.0.3.tar.bz2 -C./
#./configure --prefix=${PWD}/install --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc
#make && make install

###编译libnftnl库

复制代码

1
2
3
4
#tar xvjf libnftnl-1.0.5.tar.bz2 -C./
#./configure --host=arm-linux-gnueabihf --prefix=${PWD}/install CC=arm-linux-gnueabihf-gcc PKG_CONFIG_PATH=../libmnl-1.0.3/install/lib/pkgconfig
#make &&make install

编译iptables

复制代码

1
2
3
#./configure --host=arm-linux-gnueabihf --prefix=${PWD}/install --enable-static --disable-shared --with-ksource=/home/pengrui/my-imx6/02_source/imx-3.14.52_1.0.o_ga/kernel/linux-3.14.52 libmnl_CFLAGS=-I/home/pengrui/my-imx6/02_source/imx-3.14.52_1.0.o_ga/tools/libmnl-1.0.3/install/include libmnl_LIBS="-L/home/pengrui/my-imx6/02_source/imx-3.14.52_1.0.o_ga/tools/libmnl-1.0.3/install/lib -lnftnl" libnftnl_CFLAGS=-I/home/pengrui/my-imx6/02_source/imx-3.14.52_1.0.o_ga/tools/libnftnl-1.0.5/install/include libnftnl_LIBS="-L/home/pengrui/my-imx6/02_source/imx-3.14.52_1.0.o_ga/tools/libnftnl-1.0.5/install/lib -lmnl"
#make && make install

编译bridge-utils

复制代码

1
2
3
4
#autoconf
#./configure --prefix=$PWD/install --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc
#make&&make install

配置内核

增加NAT支持

Networking support —> Networking options —> Network packet filtering framework (Netfilter)
linux内核添加NAT支持

复制代码

1
2
3
4
5
6
7
8
9
10
11
12
13
14
Core Netfilter configuration 选择如下配置：
<*>Netfilter connection tracking support
<*>Netfilter Xtables support (required for ip_tables)
![linux内核添加NAT支持](https://img-blog.csdn.net/20160524190417233)
<*>IPv4 connection tracking support (required for NAT)
  <*> proc/sysctl compatibility with old connection tracking
  <*> IP tables support (required for filtering/masq/NAT)
  <*>   Packet filtering
  <*>     REJECT target support
  <*>   IPv4 NAT
  <*> 		MASQUERADE target support
  <*> 		NETMAP target support
<*> 		REDIRECT target support

linux内核添加NAT支持

增加对网桥支持

linux内核添加网桥支持

配置网桥

框架接口图

复制代码

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
brctl addbr br-lan//创建一个虚拟网桥
ifconfig eth0 down
ifconfig eth1 down
ifconfig wlan0 down
iw dev wlan0 set 4addr on//不允许此步骤，无法将wlan0加入网桥
ifconfig br-lan 192.168.1.1 netmask 255.255.255.0  up
dhcpd br-lan
ifconfig eth0 up
ifconfig eth1 up
ifconfig wlan0 up
hostpad –d /etc/hostapd.conf -B
/etc/dhcod.conf
subnet 192.168.1.0 netmask 255.255.255.0 {
  range dynamic-bootp 192.168.1.10 192.168.1.60;
# option broadcast-address 10.254.239.31;
  option domain-name-servers 210.21.4.130;
  option routers 192.168.1.1;
}
touch /var/db/dhcpd.leases
dhcpd wlan0 -pf /var/run/dhcpd.pid//动态分配IP地址
iptables -t nat -A POSTROUTING -o wwan0 -j MASQUERADE//设置NAT转发规则