i build the console tdx image in apalis module … how i can install the squid, snort etc … software packges in that…
squid, snort are available in OpenEmbedded and can be added to the image by adding the following in ~oe-core/build/conf/local.conf before building the image or adding them and then rebuilding the image.
IMAGE_INSTALL_append = " snort squid"
barnyard seems to be not available in OpenEmbedded. You would have to write your own bitbake recipe and add it in OpenEmbedded to build it.
if i run the command #iptables -L
modprobe: FATAL: Module ip_tables not found in directory /lib/modules/4.1.44-2.7.4+gb1555bf
iptables v1.6.0: can’t initialize iptables table `filter’: Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
I viewed your response
It looks like the i.MX6 kernel config is lacking NAT functionality. Adding the following config to your kernel configuration should fix it: CONFIG_IP_NF_IPTABLES.
One can check if this is enabled on the module with
zcat /proc/config.gz | grep -i “NF_IPTABLES”
but couldn’t get your point …
One has to build the kernel with CONFIG_IP_NF_IPTABLES since this is not enabled by default in our kernel configuration.
In the context of OE, please try with the following sequence of operations
MACHINE=apalis-imx6 bitbake -c menuconfig virtual/kernel
MACHINE=apalis-imx6 bitbake -f -c compile virtual/kernel
MACHINE=apalis-imx6 bitbake console-tdx-image
At the first step, you need to select the required kernel configuration.
i followed the steps that you mentioned above , but i am getting the same error …
After this command
MACHINE=apalis-imx6 bitbake -c menuconfig virtual/kernel
i enabled the networking option …
and run other two commands … build the image run the command “iptables -L”
getting the error only…
And did you flash the build image correctly? What is the output of
uname -a
cat /etc/issue
Please recheck the steps and redo them at your end. I just build an image using the same steps and have iptables working.
root@apalis-imx6:~# cat /etc/issue
.---O---.
| | .-. o o
| | |-----.-----.-----.| | .----..-----.-----.
| | | __ | ---'| '--.| .-'| | |
| | | | | |--- || --'| | | ' | | | |
'---'---'--'--'--. |-----''----''--' '-----'-'-'-'
-' |
'---'
The Angstrom Distribution \n \l
Angstrom v2016.12 - Kernel \r
Apalis-iMX6_Console-Image 2.7b4 20171113
root@apalis-imx6:~# zcat /proc/config.gz | grep -i iptables
CONFIG_IP_NF_IPTABLES=y
# CONFIG_IP6_NF_IPTABLES is not set
root@apalis-imx6:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
In " .config - Linux/arm 4.1.44 Kernel Configuration " need to know edited the
configuration in networking support and network option …
In " .config - Linux/arm 4.1.44 Kernel Configuration " need to know edited the configuration in networking support and network option …
So you did not select the option earlier?
Networking Support → Networking Options → Network packet filtering framework (Netfilter) → IP: Netfilter Configuration.
Select IP tables support and ARP tables support. Select the ones in IPv6: Netfilter Configuration as well if you want IPv6 support with iptables.
Thank you Sanchayan , for your guidance and response …
how to add squidGuard and barnyard , to the image …
As mentioned earlier, “squidguard and barnyard seems to be not available in OpenEmbedded. You would have to write your own bitbake recipe and add it in OpenEmbedded to build it.”