iptables mirror target for linux kernel 5.4

After my last kernel upgrade I tried to build the iptables mirror target that I have published the last time here. The iptables mirror target takes the packet sent to your machine and returns the same packet to the machine the packet came from. Thus, let’s say someone tries to scan your machine or tries an attack he would scan his own machine or even attack his own machine.

When I tried it with kernel version 5.4, it did not build anymore with the current linux kernel. This time there has been a API change in kernel 5.0. Thus I had to replace the call to skb_make_writable() with a call to skb_ensure_writable. Furthermore a call to dst_neigh_output() had to be replaced by a call to neigh_output(). Also a small Makefile change has been necessary. Starting with kernel 5.4 the outdated SUBDIRS=$(PWD) argument gets ignored and M=$(PWD) has to be supplied instead. You can download the newer release for kernel version 5.4 and probably future kernels here:

MIRROR.5.4.tar.gz (6624 downloads )

The kernel module has been tested with kernel version 5.4.15-zen1. To build the module, boot the kernel you want to use the module with. Afterwards unpack the archive and run the compile.sh script to build the module. Then run the install.sh script for installing the compiled module into the /lib/modules directory for your kernel. Unfortunately the mirror target does not work with iptables version 1.6 and newer due to removal of the ipt_MIRROR extension (libipt_MIRROR.so). To use the MIRROR target one has to use iptables 1.4.21 or below.

Now you may use the mirror target in place of the REJECT or DROP target in the INPUT, FORWARD and PREROUTING chains, like this in your firewall script:

$IPTABLES -A INPUT -j MIRROR

Beware: The use of the mirror target may lead to strange results, in example if you want to connect to an iptables protected machine which uses the mirror target, you may end up connecting to the local machine without recognizing it. It also may use much bandwith. The worst case occurs if you have two machines using the module. These machines may end up playing ping pong. So you have been warned, use with caution and at your own risk. For more information see: MIRROR target.

Downloads for older kernel versions are below. Notice the version numbering 2.6.25 works for kernels up to 2.6.27. 2.6.28 also works for 2.6.29 and 2.6.30 kernels. The 2.6.13 version of the module should work up to kernel version 2.6.16.

MIRROR.2.6.13.tar.gz (9339 downloads )
MIRROR.2.6.24.tar.gz (10145 downloads )
MIRROR.2.6.25.tar.gz (9659 downloads )
MIRROR.2.6.28.tar.gz (9690 downloads )
MIRROR.2.6.31 (9285 downloads )
MIRROR.2.6.35.tar.gz (9045 downloads )
MIRROR.2.6.36.tar.gz (9203 downloads )
MIRROR.2.6.37.tar.gz (9009 downloads )
MIRROR.3.0.7.tar.gz (8722 downloads )
MIRROR.3.1.0.tar.gz (8438 downloads )
MIRROR.3.3.0.tar.gz (8491 downloads )
MIRROR.3.6.0.tar.gz (11987 downloads )
MIRROR.4.10.tar.gz (10808 downloads )

regards
Jürgen

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading...

Building a kernel module for the awus1900 Wifi stick and the Gemini PDA

A few days ago I have been asked if it is possible to build a driver for the awus1900 Wifi stick for the Gemini PDA. To be honest, I did not know, so I gave it a try.

The awus1900 uses Realtek’s rtl8814au chipset. The Linux driver for this chipset is available at many locations around the net. Most ones, I have tried, have not been compilable against the Gemini’s kernel. The driver at https://github.com/aircrack-ng/rtl8812au has been compilable with some minor modifications against the kernel source used for the kernel in Modular Linux kernel for the Gemini PDA with lid close fix.

First of all some parameters in the Makefile had to be changed to match the Gemini:

  • CONFIG_PLATFORM_I386_PC = n (disable x86 build)
  • CONFIG_PLATFORM_ARM64_RPI = y (enable arm64 build)

Some more parameters have been enabled for features in the hope that these do not cause problems:

  • CONFIG_POWER_SAVING = y
  • CONFIG_USB_AUTOSUSPEND = y
  • CONFIG_80211W = y

With all these changes the build fails complaining about STATION_INFO_SIGNAL and many more being undeclared. The module’s source expects these defines to be present in the kernel source for kernels below version 4.0. Most probably the Gemini kernel tree is different than other 3.x trees. So the line 23

#if (CFG80211_API_LEVEL >= KERNEL_VERSION(4, 0, 0))

in os_dep/linux/ioctl_cfg80211.c has been replaced with

#ifndef STATION_INFO_SIGNAL

to get the module source build against the Gemini’s kernel. Afterwards it has been possible to cross compile the kernel module by running make:

make ARCH=arm64 KSRC=/path_to_lib_modules_dir/3.18.41+/build

After building the module it can be copied to /lib/modules/3.18.41+/extra/ (or any other proper directory) on the Gemini and used afterwards. For those who do not want to build the module themselves, the binary modules for the kernel shared in the article Modular Linux kernel for the Gemini PDA with lid close fix can be downloaded from here: rtl88XX.zip (3287 downloads )

Regards
Jürgen

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading...

iptables mirror target for linux kernel 4.10

After my last kernel upgrade I tried to build the iptables mirror target published the last time here. The iptables mirror target takes the packet sent to your machine and returns the same packet to the machine the packet came from. Thus, let’s say someone tries to scan your machine or tries an attack he would scan his own machine or even attack his own machine. When I tried it with kernel version 4.12 , it did not build anymore with the current linux kernel. This time a struct changed in kernel 4.10 and some functions have got renamed in the kernel 4.11. Thus I had to update the ip_direct_send and ipt_mirror_target functions. You can download the newer release for kernel version 4.10 and probably future kernels here:

MIRROR.4.10.tar.gz (10808 downloads ) gplv3-127x51

The kernel module has been tested with kernel version 4.12.12-gentoo. To build the module, boot the kernel you want to use the module with. Afterwards unpack the archive and run the compile.sh script to build the module. Then run the install.sh script for installing the compiled module into the /lib/modules directory for your kernel.

Now you may use the mirror target in place of the REJECT or DROP target in the INPUT, FORWARD and PREROUTING chains, like this in your firewall script:

$IPTABLES -A INPUT -j MIRROR

Beware: The use of the mirror target may lead to strange results, in example if you want to connect to an iptables protected machine which uses the mirror target, you may end up connecting to the local machine without recognizing it. It also may use much bandwith. The worst case occurs if you have two machines using the module. These machines may end up playing ping pong. So you have been warned, use with caution and at your own risk. For more information see: MIRROR target.

Downloads for older kernel versions are below. Notice the version numbering 2.6.25 works for kernels up to 2.6.27. 2.6.28 also works for 2.6.29 and 2.6.30 kernels. The 2.6.13 version of the module should work up to kernel version 2.6.16.












gplv3-127x51

regards
Jürgen

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

iptables mirror target for linux kernel 3.6

After my last kernel upgrade I tried to build the iptables mirror target published the last time here. The iptables mirror target takes the packet sent to your machine and returns the same packet to the machine the packet came from. Thus, let’s say someone tries to scan your machine or tries an attack he would scan his own machine or even attack his own machine. When I tried it with kernel version 3.6 , it did not build anymore with the current linux kernel. This time some functions have got removed from the kernel. Thus I had to update the ip_direct_send function. You can download the newer release for kernel version 3.6 and probably future kernels here:

MIRROR.3.6.0.tar.gz (11987 downloads ) gplv3-127x51

The kernel module has been tested with kernel version 3.7.0-vs2.3.5.1. To build the module, boot the kernel you want to use the module with. Afterwards unpack the archive and run the compile.sh script to build the module. Then run the install.sh script for installing the compiled module into the /lib/modules directory for your kernel.

Now you may use the mirror target in place of the REJECT or DROP target in the INPUT, FORWARD and PREROUTING chains, like this in your firewall script:

$IPTABLES -A INPUT -j MIRROR

Beware: The use of the mirror target may lead to strange results, in example if you want to connect to an iptables protected machine which uses the mirror target, you may end up connecting to the local machine without recognizing it. It also may use much bandwith. The worst case occurs if you have two machines using the module. These machines may end up playing ping pong. So you have been warned, use with caution and at your own risk. For more information see: MIRROR target.

Downloads for older kernel versions are below. Notice the version numbering 2.6.25 works for kernels up to 2.6.27. 2.6.28 also works for 2.6.29 and 2.6.30 kernels. The 2.6.13 version of the module should work up to kernel version 2.6.16.











gplv3-127x51

regards
Jürgen

 

 

1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 5.00 out of 5)
Loading...

iptables mirror target for linux kernel 3.3

After my last kernel upgrade I tried to build the iptables mirror target published here. The iptables mirror target takes the packet sent to your machine and returns the same packet to the machine the packet came from. Thus, let’s say someone tries to scan your machine or tries an attack he would scan his own machine or even attack his own machine. When I tried it with kernel version 3.3 , it did not build anymore with the current linux kernel. However, this time only a minor modification has been neccesary. Another header file had to be included and a function name has changed.  You can download the newer release for kernel version 3.3 and probably future kernels here:

[download#86] gplv3-127x51

The kernel module has been tested with kernel version linux-3.3-vserver-2.3.3.1. To build the module, boot the kernel you want to use the module with. Afterwards unpack the archive and run the compile.sh script to build the module. Then run the install.sh script for installing the compiled module into the /lib/modules directory for your kernel.

Now you may use the mirror target in place of the REJECT or DROP target in the INPUT, FORWARD and PREROUTING chains, like this in your firewall script:

$IPTABLES -A INPUT -j MIRROR

Beware: The use of the mirror target may lead to strange results, in example if you want to connect to an iptables protected machine which uses the mirror target, you may end up connecting to the local machine without recognizing it. It also may use much bandwith. The worst case occurs if you have two machines using the module. These machines may end up playing ping pong. So you have been warned, use with caution and at your own risk. For more information see: MIRROR target.

Downloads for older kernel versions are below. Notice the version numbering 2.6.25 works for kernels up to 2.6.27. 2.6.28 also works for 2.6.29 and 2.6.30 kernels. The 2.6.13 version of the module should work up to kernel version 2.6.16.

[download#45]
[download#12]
[download#13]
[download#14]
[download#32]
[download#39]
[download#46]
[download#67]
[download#73]
[download#77]
gplv3-127x51

regards
Jürgen

 

 

1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 5.00 out of 5)
Loading...

iptables mirror target for linux kernel 3.1

After my last kernel upgrade I tried to build the iptables mirror target published here. The iptables mirror target takes the packet sent to your machine and returns the same packet to the machine the packet came from. Thus, let’s say someone tries to scan your machine or tries an attack he would scan his own machine or even attack his own machine. Guess what happened when I tried it with kernel versions 3.1 and 3.2 , it did not build anymore with the current linux kernel. There were some changes in the  kernels network stack. So I had to modify the iptables mirror target again to make the module work with current kernel versions. You can download the newer release for kernel version 3.1 and probably future kernels here:

[download#77] gplv3-127x51

The kernel module has been tested with kernel version 3.2.1 and 3.1. To build the module, boot the kernel you want to use the module with. Afterwards unpack the archive and run the compile.sh script to build the module. Then run the install.sh script for installing the compiled module into the /lib/modules directory for your kernel.

Now you may use the mirror target in place of the REJECT or DROP target in the INPUT, FORWARD and PREROUTING chains, like this in your firewall script:

$IPTABLES -A INPUT -j MIRROR

Beware: The use of the mirror target may lead to strange results, in example if you want to connect to an iptables protected machine which uses the mirror target, you may end up connecting to the local machine without recognizing it. It also may use much bandwith. The worst case occurs if you have two machines using the module. These machines may end up playing ping pong. So you have been warned, use with caution and at your own risk. For more information see: MIRROR target.

Downloads for older kernel versions are below. Notice the version numbering 2.6.25 works for kernels up to 2.6.27. 2.6.28 also works for 2.6.29 and 2.6.30 kernels. The 2.6.13 version of the module should work up to kernel version 2.6.16.

[download#45]
[download#12]
[download#13]
[download#14]
[download#32]
[download#39]
[download#46]
[download#67]
[download#73]
gplv3-127x51

regards
Jürgen

 

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading...

iptables mirror target for linux kernel 3.0.7

After my last kernel upgrade I recognized that the iptables mirror target I published here does not work anymore with kernel version 3.0. There were some changes in kernel code. Thus I had to modify the iptables mirror target again to make it work with current kernel versions. You can download the newer release for kernel version 3.0 and probably future kernels here:

[download#73] gplv3-127x51

The kernel module has been tested with kernel version 3.0.7. According to the kernel changelog it should work with kernels since 2.6.39. If you have tried the mirror module with other kernel versions  than 3.0.7, please leave a reply for others to know whether other versions work, or not.

To build the module, boot the kernel you want to use the module with. Afterwards unpack the archive and run the compile.sh script to build the module. Then run the install.sh script for installing the compiled module into the /lib/modules directory for your kernel.

Now you may use the mirror target in place of the reject or drop target in the INPUT, FORWARD and PREROUTING chains, like this in your firewall script:

$IPTABLES -A INPUT -j MIRROR

Beware: The use of the mirror target may have strange results, in example if you want to connect to an iptables protected machine which uses the mirror target, you may end up connecting to the local machine without recognizing it. It also may use much bandwith. The worst case occurs if you have two machines using the module.  These machines may end up playing pingpong. So you have been warned, use with caution and at your own risk. For more information see: MIRROR target.

Downloads for older kernel versions are below. Notice the version numbering 2.6.25 works for kernels up to 2.6.27. 2.6.28 also works for 2.6.29 and 2.6.30 kernels. The 2.6.13 version of the module should work up to kernel version 2.6.16.

[download#45]
[download#12]
[download#13]
[download#14]
[download#32]
[download#39]
[download#46]
[download#67]
gplv3-127x51

regards
Jürgen

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading...

siteinfo

Translator