Updating Iptables to support Layer7 and Installing IPP2P

After you restart, make sure to boot on your newly compiled kernel.

GRUB with Layer 7

Remove existing iptables from your system

apt-get --purge remove iptables

then go to the directory of your newly downloaded iptables which is in /usr/src/iptables.

cd /usr/src/iptables

Patch your newly downloaded iptables with Layer7.

patch -p1 < ../netfilter-layer7-v2.20/iptables-1.4-for-kernel-2.6.20forward-layer7-2.20.patch
chmod +x extensions/.layer7-test

Compile iptables

make KERNEL_DIR=/usr/src/linux
make install KERNEL_DIR=/usr/src/linux

Install layer7 protocols

cd ../l7-protocols-2008-04-23
make install

Go to the directory of your downloaded IPP2P

cd ../ipp2p-0.8.2

Download these patch from gentoo website

wget http://sources.gentoo.org/viewcvs.py/*checkout*/gentoo-x86/net-firewall/ipp2p/files/ipp2p-0.8.2-kernel-2.6.22.patch
wget http://sources.gentoo.org/viewcvs.py/*checkout*/gentoo-x86/net-firewall/ipp2p/files/ipp2p-0.8.2-iptables-1.4.0.patch

and run the patch

patch -p1 < ipp2p-0.8.2-kernel-2.6.22.patch
patch -p1 < ipp2p-0.8.2-iptables-1.4.0.patch

Edit the file Makefile

vi Makefile

and change:

libipt_ipp2p.so: libipt_ipp2p.c ipt_ipp2p.h
ld -shared -o libipt_ipp2p.so libipt_ipp2p.o


$(CC) -shared -o libipt_ipp2p.so libipt_ipp2p.o

and install it


Copy libraries

cp libipt_ipp2p.so /usr/local/lib/iptables/
cp ipt_ipp2p.ko /lib/modules/2.6.25-l7/kernel/net/netfilter/

and run

depmod -a

Layer7 and IPP2P is now installed, run these command to verify.

/sbin/iptables -m layer7 --help
/sbin/iptables -m ipp2p --help