EditWYSIWYGAttachPrintable
r10 - 31 Mar 2010 - 00:38:57 - AndrewMillerYou are here: TWiki >  IMQ Web  > HowToInstall

How to Install IMQ

Installing IMQ has two parts:

  • installing the kernel part (ie. IMQ driver and IMQ netfilter module): patching, compiling and installing the kernel
  • installing the userspace part (ie. iptables with IMQ support): patching, compiling and installing iptables

Installing IMQ support in the kernel

What you will need:

  • a recent kernel source (we recommend to use the last stable version); fetch from a mirror of http://www.kernel.org/
  • the latest IMQ patch for the given kernel version; fetch from http://www.linuximq.net/
  • stuff needed for compiling the kernel; you can install with your distribution's package manager (you will probably need gcc, make, and binutils, perhaps more)
  • you have to be able to configure, compile and install a kernel by yourself before attempting to install IMQ

Step-by-step instructions (2.4, various)

Patching the kernel

Untar the kernel source: 

tar xjf linux-2.4.26.tar.bz2

Change directory into the kernel source tree's root: 

cd linux-2.4.26

Patch the kernel: 

patch -p1 </path/to/the/file/linux-2.4.26-imq.diff

If the patch applied cleanly, then go on to configuring and compiling the kernel. (If you see lines similar to 

Hunk #1 FAILED at 3040.
, then something went wrong. Check that the patch is suitable for the given kernel version, and that your kernel source is not altered or broken - we recommend you download the source from a mirror of http://www.kernel.org/ directly.) Or | ordering essay is also acceptable.

Configuring the kernel

Configure the kernel as you used to (eg. menuconfig, xconfig, oldconfig, config, ...).

Tip: Use your old kernel's .config file - often you can find it under /boot (with a name like /boot/config-2.4.26), then you can copy it into the root of the kernel source tree, under name .config before you run 

make menuconfig
(or xconfig, etc.).

You must set at least these variables to have IMQ work:

  • CONFIG_IMQ (Network device support/IMQ (intermediate queueing device) support)
  • CONFIG_IP_NF_TARGET_IMQ (Networking options/IP: Netfilter Configuration/IMQ target support), and its dependencies:
    • CONFIG_NETFILTER (Networking options/Network packet filtering (replaces ipchains))
    • CONFIG_IP_NF_IPTABLES (Networking options/IP: Netfilter Configuration/IP tables support (required for filtering/masq/NAT))
    • CONFIG_IP_NF_MANGLE (Networking options/IP: Netfilter Configuration/Packet mangling)
    • other basic stuff (TCP/IP networking, ...)
  • optionally CONFIG_IP6_NF_TARGET_IMQ (Networking options/IPv6: Netfilter Configuration/IMQ target support), and its dependencies:
    • CONFIG_IPV6 (Networking options/The IPv6 protocol)
    • CONFIG_IP6_NF_IPTABLES (Networking options/IPv6: Netfilter Configuration/IP6 tables support (required for filtering/masq/NAT))
    • CONFIG_IP6_NF_MANGLE (Networking options/IPv6: Netfilter Configuration/Packet mangling)
    • other basic stuff (TCP/IP networking, ...)
  • CONFIG_NET_SCHED (Networking options/QoS and/or fair queueing/QoS and/or fair queueing)
  • the QoS qdisc(s) (and maybe filter(s)) you intend to use (Networking options / QoS and/or fair queueing / *)
  • probably (if not using exclusively QoS filters) CONFIG_IP_NF_TARGET_MARK (Networking options/IP: Netfilter Configuration/MARK target support) and/or CONFIG_IP6_NF_TARGET_MARK (Networking options/IPv6: Netfilter Configuration/MARK target support) and some netfilter match targets

You can put any or all of these parts in modules if you like (and is possible because of dependencies).

Compiling and installing the kernel

You can compile and install the kernel as you usually do.

Step-by-step instructions (2.6, Debian Etch specific)

Patching the kernel

Apt-get kernel source: 

apt-get install linux-source-2.6.17
cd /usr/src
tar -xjf linux-source-2.6.17.tar.bz2

Change directory into the kernel source tree's root: 

cd linux-source-2.6.17

Patch the kernel: 

patch -p1 </path/to/the/file/linux-2.6.17-imq1.diff

that is 'patch -p[one]', not 'patch -p[lower case L]' (yes, I'm a noob and it got me)

!!!Note!!! - debian etch (as of this writing) does not include the connlimit patch in the kernel (but does in iptables - weird). If you want it, add it now.

Configuring the kernel

Configure the kernel as you used to (eg. menuconfig, xconfig, oldconfig, config, ...).

Tip: Use your old kernel's .config file - often you can find it under /boot (with a name like /boot/config-2.4.26), then you can copy it into the root of the kernel source tree, under name .config before you run 

make menuconfig
(or xconfig, etc.).

You must set at least these variables to have IMQ work:

  • CONFIG_IMQ (Network device support/IMQ (intermediate queueing device) support)
  • CONFIG_IP_NF_TARGET_IMQ (Networking options/IP: Netfilter Configuration/IMQ target support), and its dependencies:
    • CONFIG_NETFILTER (Networking options/Network packet filtering (replaces ipchains))
    • CONFIG_IP_NF_IPTABLES (Networking options/IP: Netfilter Configuration/IP tables support (required for filtering/masq/NAT))
    • CONFIG_IP_NF_MANGLE (Networking options/IP: Netfilter Configuration/Packet mangling)
    • other basic stuff (TCP/IP networking, ...)
  • optionally CONFIG_IP6_NF_TARGET_IMQ (Networking options/IPv6: Netfilter Configuration/IMQ target support), and its dependencies:
    • CONFIG_IPV6 (Networking options/The IPv6 protocol)
    • CONFIG_IP6_NF_IPTABLES (Networking options/IPv6: Netfilter Configuration/IP6 tables support (required for filtering/masq/NAT))
    • CONFIG_IP6_NF_MANGLE (Networking options/IPv6: Netfilter Configuration/Packet mangling)
    • other basic stuff (TCP/IP networking, ...)
  • CONFIG_NET_SCHED (Networking options/QoS and/or fair queueing/QoS and/or fair queueing)
  • the QoS qdisc(s) (and maybe filter(s)) you intend to use (Networking options / QoS and/or fair queueing / *)
  • probably (if not using exclusively QoS filters) CONFIG_IP_NF_TARGET_MARK (Networking options/IP: Netfilter Configuration/MARK target support) and/or CONFIG_IP6_NF_TARGET_MARK (Networking options/IPv6: Netfilter Configuration/MARK target support) and some netfilter match targets

You can put any or all of these parts in modules if you like (and is possible because of dependencies).

Compiling and installing the kernel

You can compile and install the kernel as you usually do.

I used: 

make-kpkg --append-to-version imq1 --initrd kernel_image

Installing IMQ support in iptables

What you will need:

  • a relatively recent iptables source; you can fetch it from http://www.netfilter.org/
  • the latest IMQ patch for the given version of iptables; you can fetch it from http://www.linuximq.net/
  • some familiarity with compiling and installing an application from source

Step-by-step instructions

Some doc is here: http://www.linuximq.net/faq.html 7 - How to apply IMQ patch to iptables >= 1.2.9?

Patching iptables

wip

On Debian Etch (linux 2.6.17, iptables 1.3.6), download iptables with: 

apt-get source iptables

Next get the build dependencies: 

apt-get build-dep iptables

Source and tools in hand, change directory: 

cd /usr/src/[iptables package name]/

e.g. 

cd /usr/src/iptables-1.3.6.0debian1/

Next, you must link the linux directory to your linux source directory: 

rm -rf linux
ln -s /usr/src/linux-source-2.6.17 linux

Now change directory to the actual iptables source directory: 

cd /usr/src/[iptables package name]/iptables

e.g. 

cd /usr/src/iptables-1.3.6.0debian1/iptables

That trailing /iptables is important - initially i did not realize the source was in the subdirectory. Here you may apply the patch: 

patch -p1 <../../iptables-1.3.0-imq1.diff

And chmod the scripts it creates: 

chmod +x extensions/.IMQ-test*

Now you have patched source.

Compiling iptables

Don't forget to make the scripts executable 

patch -p1 <../iptables-1.2.9-imq1.diff
chmod +x extensions/.IMQ-test*

wip

Under Etch, use dpkg-buildpackage: 

cd /usr/src/[iptables package name]/
dpkg-build -rfakeroot -uc -b

Installing iptables

wip

ALERT!Make sure you removed old iptables installation (esp. remove your distro's package, if installed); otherwise you may end up with a screwed install (iptables binary finds modules in the wrong place), and it won't work.

Under Etch, cdup and run 

cd ../
dpkg -i [iptablespackage].deb

I would recommend you now apt-pin or use dselect to prevent it from automatically getting overwritten at the next apt-get update && apt-get upgrade.

Setting up IMQ

Now you have installed the needed components. You should go on your setup with HowToUse IMQ.

Content in this Wiki is CopyRighted under the GNU General Public License Version 2.

Edit | WYSIWYG | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r10 < r9 < r8 < r7 < r6 | More topic actions
 
Powered by TWiki
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback