heihei1252 / scholarzhang

Automatically exported from code.google.com/p/scholarzhang
0 stars 0 forks source link

ipset does not work on android #107

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
I'm using several HTC's android phones and trying to port this.
All the binaries are not stripped.
Kernel modules are compiled and installed without any problems. 
After comment out "-Wl,--no-undefined"(in android source/ndk), ipset's
libraries can be compiled, but can't be loaded saying can't find some
functions.
Well, it seems that ipset's library will look for some function entries on
ipset, strange design.
Since libc(bonic) in android doesn't implement this feature, is it easy to
make ipset user space binaries a single executable?

# lsmod
ip_set_iptreemap 11256 0 - Live 0xbf13d000
ip_set_iptree 7128 0 - Live 0xbf136000
ip_set_ipportnethash 12528 0 - Live 0xbf12d000
ip_set_ipportiphash 10408 0 - Live 0xbf125000
ip_set_ipporthash 9680 0 - Live 0xbf11d000
ip_set_ipmap 4456 0 - Live 0xbf116000
ip_set_iphash 8464 0 - Live 0xbf10e000
xt_ZHANG 2812 0 - Live 0xbf108000
xt_gfw 2648 0 - Live 0xbf102000
xt_CUI 3496 0 - Live 0xbf0fc000
ipt_SET 2472 0 - Live 0xbf0f6000
ipt_set 2252 0 - Live 0xbf0f0000
ip_set_setlist 5116 0 - Live 0xbf0e9000
ip_set_portmap 4588 0 - Live 0xbf0e2000
ip_set_nethash 10396 0 - Live 0xbf0da000
ip_set_macipmap 4372 0 - Live 0xbf0d3000
ip_set 16800 24
ip_set_iptreemap,ip_set_iptree,ip_set_ipportnethash,ip_set_ipportiphash,ip_set_i
pporthash,ip_set_ipmap,ip_set_iphash,ipt_SET,ipt_set,ip_set_setlist,ip_set_portm
ap,ip_set_nethash,ip_set_macipmap,
Live 0xbf0c9000
compat_xtables 4260 2 xt_ZHANG,xt_CUI, Live 0xbf08e000

# cd /data/local/sz
# ipset -R < GOOGLE
ipset v4.2: Couldn't load settype `nethash':Cannot load library:
reloc_library[1172]:   588 cannot locate 'ipset_free'...

Restore failed at line 1:
Try `ipset -H' or 'ipset --help' for more information.

luka@luka-laptop:~$ adb pull /system/bin/ipset ipset
362 KB/s (36455 bytes in 0.098s)
luka@luka-laptop:~$ arm-eabi-readelf -a ipset | grep ipset_free
   151: 00009110    12 FUNC    GLOBAL DEFAULT    8 ipset_free

Original issue reported on code.google.com by tewil...@gmail.com on 8 May 2010 at 7:33

GoogleCodeExporter commented 9 years ago
Patched ipset and make it a single executable(Simply call xxxx_init in main). 
Now it
works.

Original comment by tewil...@gmail.com on 8 May 2010 at 8:26

GoogleCodeExporter commented 9 years ago
After an afternoon now it seems to work on my G4. And it will soon available for
other models.
I can see logs now.
<6>[ 1883.567199] gfw: IN=tiwlan0 OUT= 
MAC=00:23:76:4c:cc:75:00:25:86:99:20:36:08:00
SRC=66.249.89.104 DST=192.168.1.83 LEN=40 TOS=0x00 PREC=0x00 TTL=55 ID=64 
PROTO=TCP
SPT=80 DPT=39892 WINDOW=18022 RES=0x00 RST URGP=0 
<6>[ 1883.682342] gfw: IN=tiwlan0 OUT= 
MAC=00:23:76:4c:cc:75:00:25:86:99:20:36:08:00
SRC=66.249.89.104 DST=192.168.1.83 LEN=40 TOS=0x00 PREC=0x00 TTL=55 ID=64 
PROTO=TCP
SPT=80 DPT=39892 WINDOW=4108 RES=0x00 RST URGP=0 
<6>[ 1883.968170] gfw: IN=tiwlan0 OUT= 
MAC=00:23:76:4c:cc:75:00:25:86:99:20:36:08:00
SRC=66.249.89.104 DST=192.168.1.83 LEN=40 TOS=0x00 PREC=0x00 TTL=55 ID=64 
PROTO=TCP
SPT=80 DPT=52456 WINDOW=6133 RES=0x00 RST URGP=0 
<6>[ 1883.994812] gfw: IN=tiwlan0 OUT= 
MAC=00:23:76:4c:cc:75:00:25:86:99:20:36:08:00
SRC=66.249.89.104 DST=192.168.1.83 LEN=40 TOS=0x00 PREC=0x00 TTL=55 ID=64 
PROTO=TCP
SPT=80 DPT=52456 WINDOW=26356 RES=0x00 RST URGP=0 
<6>[ 1884.006652] gfw: IN=tiwlan0 OUT= 
MAC=00:23:76:4c:cc:75:00:25:86:99:20:36:08:00
SRC=66.249.89.104 DST=192.168.1.83 LEN=40 TOS=0x00 PREC=0x00 TTL=55 ID=64 
PROTO=TCP
SPT=80 DPT=52456 WINDOW=26860 RES=0x00 RST URGP=0 
<6>[ 1884.101989] gfw: IN=tiwlan0 OUT= 
MAC=00:23:76:4c:cc:75:00:25:86:99:20:36:08:00
SRC=66.249.89.104 DST=192.168.1.83 LEN=40 TOS=0x00 PREC=0x00 TTL=55 ID=64 
PROTO=TCP
SPT=80 DPT=52456 WINDOW=8977 RES=0x00 RST URGP=0 
But unfortunately, my home gateway is the common one which is reported not 
working in
certain LANs.

Original comment by tewil...@gmail.com on 9 May 2010 at 12:06

GoogleCodeExporter commented 9 years ago
refer to upstream.

Original comment by yingyingcui.scholarzhang@gmail.com on 18 Aug 2010 at 7:08

GoogleCodeExporter commented 9 years ago

Original comment by kiz...@gmail.com on 17 Sep 2011 at 2:02

GoogleCodeExporter commented 9 years ago

Original comment by kiz...@gmail.com on 17 Sep 2011 at 2:32