sjtuross / syno-iptables

Some missing iptables modules for Synology

Begging for ko and so modules that work on version 7.2.1, DS918+ #28

Closed eks1024 closed 11 months ago

eks1024 commented 1 year ago

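Begging for ko and so modules that work on version 7.2.1, DS918+

The DS918+ architecture is apollolake. The DS918+ on DSM 7.2.1-69057 Update 1 runs kernel 4.4.302+.

I have searched the whole internet and cannot find a solution.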

eks1024 commented 1 year ago

Thank you so much, may good people have a lifetime of peace.

YoungxuJi commented 1 year ago

The prebuilt files for 4.4.302 are already in this project. Have you tested them, and do they work?

Windman1320 commented 11 months ago

> The prebuilt files for 4.4.302 are already in this project. Have you tested them, and do they work?

Some of the iptables so files are still missing, but for some reason it started successfully last time. After one power loss it can no longer start.

```
Dec 16 02:51:22 DiskStation docker[21696]: time="2023-12-16T02:51:22.724016731+08:00" level=warning msg="grpc: addrConn.createTransport failed to connect to {unix:///var/run/docker/containerd/containerd.sock  <nil> 0 <nil>}. Err :connection error: desc = \"transport: Error while dialing dial unix:///var/run/docker/containerd/containerd.sock: timeout\". Reconnecting..." module=grpc
Dec 16 02:51:22 DiskStation dockerd[21696]: failed to start daemon: Error initializing network controller: Error creating default "bridge" network: Failed to Setup IP tables: Unable to enable NAT rule:  (iptables failed: ip6tables --wait -t nat -I POSTROUTING -s fd00::/80 ! -o docker0 -j MASQUERADE: ip6tables v1.8.3 (legacy): Couldn't load target 'MASQUERADE':No such file or directory
Dec 16 02:51:22 DiskStation dockerd[21696]: Try 'ip6tables -h' or 'ip6tables --help' for more information.
```

sjtuross commented 11 months ago

I just pushed a round of updates; 7.2 should all be fine now.

Windman1320 commented 11 months ago

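> I just pushed a round of updates; 7.2 should all be fine now.

How did you compile them? The community has not updated the 7.2 kernel yet. I found a contributor's 7.2 kernel branch, but the build fails because the header linux/version.h is missing...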

sjtuross commented 11 months ago

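I built them with a fallback method, here: https://github.com/sjtuross/syno-iptables-compile

I don't know why spksrc still hasn't updated the 7.2 kernel source; Synology released it long ago. The branch you mentioned doesn't seem to be of much use, so never mind it.

Are the latest modules working properly?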

Windman1320 commented 11 months ago

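> I built them with a fallback method, here: https://github.com/sjtuross/syno-iptables-compile
>
> I don't know why spksrc still hasn't updated the 7.2 kernel source; Synology released it long ago. The branch you mentioned doesn't seem to be of much use, so never mind it.
>
> Are the latest modules working properly?

They do work, but for some reason I first have to manually insmod the second group of ko files once (insmod has already been added to the start script) and then repair Docker in DSM. After a reboot I have to insmod and repair all over again.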

sjtuross commented 11 months ago

https://github.com/sjtuross/syno-iptables/wiki/原生Docker-IPv6-NAT模式-(DSM-7)

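That page has an extra command that updates /var/packages/Docker/etc/dockerd.json, plus a note about restarting Docker twice. Check whether you have done that; it was the problem hit in #13.

Whether the ko modules are loaded can be confirmed with lsmod.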

Windman1320 commented 11 months ago

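> https://github.com/sjtuross/syno-iptables/wiki/原生Docker-IPv6-NAT模式-(DSM-7)
>
> That page has an extra command that updates /var/packages/Docker/etc/dockerd.json, plus a note about restarting Docker twice. Check whether you have done that; it was the problem hit in #13.
>
> Whether the ko modules are loaded can be confirmed with lsmod.

The startup script got reset. I'll add the commands back and try rebooting.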

Windman1320 commented 11 months ago

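> https://github.com/sjtuross/syno-iptables/wiki/原生Docker-IPv6-NAT模式-(DSM-7)
>
> That page has an extra command that updates /var/packages/Docker/etc/dockerd.json, plus a note about restarting Docker twice. Check whether you have done that; it was the problem hit in #13.
>
> Whether the ko modules are loaded can be confirmed with lsmod.

It looks like something is wrong with ko module loading: after a reboot, lsmod shows only 1 ko loaded. Before reboot: image. After reboot: image.

The kernel log shows modules being removed over and over, cause unknown: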

```
root@DiskStation:~# dmesg | grep Module
[    3.545544] ACPI: Added _OSI(Module Device)
[   30.490065] Loaded X.509 cert 'Synology Kernel Module Signing Certification Authority: 600839b5d127e0e11d817a31f0575d323a7c0e28'
[   45.782791] Module [geminilake_synobios] is removed.
[   60.818845] systemd[1]: Starting Load Kernel Modules...
[   71.009054] Module [nf_conntrack_ipv6] is removed.
[   71.072016] Module [nf_defrag_ipv6] is removed.
[   71.103723] Module [ip6table_filter] is removed.
[   71.127002] Module [ip6_tables] is removed.
[   71.151640] Module [xt_recent] is removed.
[   71.184615] Module [xt_iprange] is removed.
[   71.205530] Module [xt_limit] is removed.
[   71.215788] Module [xt_state] is removed.
[   71.243603] Module [xt_tcpudp] is removed.
[   71.273451] Module [xt_multiport] is removed.
[   71.286657] Module [xt_LOG] is removed.
[   71.307069] Module [nf_conntrack_ipv4] is removed.
[   71.372977] Module [nf_conntrack] is removed.
[   71.429052] Module [nf_defrag_ipv4] is removed.
[   71.450721] Module [iptable_filter] is removed.
[   71.470020] Module [ip_tables] is removed.
[   71.490021] Module [x_tables] is removed.
[   72.680794] Module [nf_conntrack_ipv6] is removed.
[   72.736948] Module [nf_defrag_ipv6] is removed.
[   72.775263] Module [ip6table_filter] is removed.
[   72.799386] Module [ip6_tables] is removed.
[   84.901742] Module [nf_conntrack_ipv6] is removed.
[   85.304814] Module [nf_defrag_ipv6] is removed.
[   85.381541] Module [ip6table_filter] is removed.
[   85.412173] Module [ip6_tables] is removed.
[  100.027034] Module [nf_conntrack_ipv6] is removed.
[  100.083891] Module [nf_defrag_ipv6] is removed.
[  100.104798] Module [ip6table_filter] is removed.
[  100.121840] Module [ip6_tables] is removed.
[  100.145913] Module [ipt_MASQUERADE] is removed.
[  100.159937] Module [nf_nat_masquerade_ipv4] is removed.
[  100.176851] Module [xt_REDIRECT] is removed.
[  100.185873] Module [nf_nat_redirect] is removed.
[  100.200627] Module [xt_nat] is removed.
[  100.213769] Module [iptable_nat] is removed.
[  100.230900] Module [nf_nat_ipv4] is removed.
[  100.255984] Module [nf_nat] is removed.
[  104.965607] Module [nf_conntrack_ipv6] is removed.
[  105.022743] Module [nf_defrag_ipv6] is removed.
[  105.049350] Module [ip6table_filter] is removed.
[  105.064744] Module [ip6_tables] is removed.
[  109.797391] Module [nf_conntrack_ipv6] is removed.
[  109.867680] Module [nf_defrag_ipv6] is removed.
[  109.896990] Module [ip6table_filter] is removed.
[  109.925708] Module [ip6_tables] is removed.
[  118.083760] Module [nf_conntrack_ipv6] is removed.
[  118.154532] Module [nf_defrag_ipv6] is removed.
[  118.187409] Module [ip6table_filter] is removed.
[  118.205416] Module [ip6_tables] is removed.
[  120.503858] Module [nf_conntrack_ipv6] is removed.
[  120.567404] Module [nf_defrag_ipv6] is removed.
[  120.597081] Module [ip6table_filter] is removed.
[  120.615392] Module [ip6_tables] is removed.
[  122.708200] Module [nf_conntrack_ipv6] is removed.
[  122.770368] Module [nf_defrag_ipv6] is removed.
[  122.799195] Module [ip6table_filter] is removed.
[  122.815315] Module [ip6_tables] is removed.
[  130.437963] Module [nf_conntrack_ipv6] is removed.
[  130.498212] Module [nf_defrag_ipv6] is removed.
[  130.531715] Module [ip6table_filter] is removed.
[  130.550206] Module [ip6_tables] is removed.
[  130.558844] Module [ip6_tables] is removed.
[  150.915822] Module [nf_conntrack_ipv6] is removed.
[  150.973704] Module [nf_defrag_ipv6] is removed.
[  151.004908] Module [ip6table_filter] is removed.
[  151.023686] Module [ip6_tables] is removed
```

sjtuross commented 11 months ago

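The modules themselves are fine. The problem now is how to get them loaded automatically after a reboot. Maybe try loading the modules from a scheduled task; I don't have a 7.2 system to test on at the moment.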

Windman1320 commented 11 months ago

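> The modules themselves are fine. The problem now is how to get them loaded automatically after a reboot. Maybe try loading the modules from a scheduled task; I don't have a 7.2 system to test on at the moment.

Solution: create a script under /usr/local/etc/rc.d that runs automatically at boot and loads the modules. There are dependencies between the ko files, which I roughly sorted out. On my 7.2.1 it now also takes effect after a reboot. Reference: https://github.com/robertklep/dsm7-usb-serial-drivers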

```sh
#!/bin/sh
# Boot-time loader for /usr/local/etc/rc.d, run with the argument "start".
# insmod does not resolve dependencies, so modules are listed in dependency order.
case $1 in
  start)
    # ipset support and generic match helpers
    insmod /lib/modules/nfnetlink.ko > /dev/null 2>&1
    insmod /lib/modules/ip_set.ko > /dev/null 2>&1
    insmod /lib/modules/ip_set_hash_ip.ko > /dev/null 2>&1
    insmod /lib/modules/xt_set.ko > /dev/null 2>&1
    insmod /lib/modules/ip_set_hash_net.ko > /dev/null 2>&1
    insmod /lib/modules/xt_mark.ko > /dev/null 2>&1
    insmod /lib/modules/xt_connmark.ko > /dev/null 2>&1
    insmod /lib/modules/xt_comment.ko > /dev/null 2>&1

    # IPv6 connection tracking (nf_defrag_ipv6 first: nf_conntrack_ipv6 depends on it)
    insmod /lib/modules/nf_defrag_ipv6.ko > /dev/null 2>&1
    insmod /lib/modules/nf_conntrack_ipv6.ko > /dev/null 2>&1

    # TPROXY, mangle table and string matching
    insmod /lib/modules/xt_TPROXY.ko > /dev/null 2>&1
    insmod /lib/modules/xt_socket.ko > /dev/null 2>&1
    insmod /lib/modules/iptable_mangle.ko > /dev/null 2>&1
    insmod /lib/modules/textsearch.ko > /dev/null 2>&1
    insmod /lib/modules/ts_bm.ko > /dev/null 2>&1
    insmod /lib/modules/xt_string.ko > /dev/null 2>&1

    # IPv6 NAT, including the MASQUERADE target that dockerd asks ip6tables for
    insmod /lib/modules/ip6_tables.ko > /dev/null 2>&1
    insmod /lib/modules/nf_nat.ko > /dev/null 2>&1
    insmod /lib/modules/nf_nat_ipv6.ko > /dev/null 2>&1
    insmod /lib/modules/nf_nat_masquerade_ipv6.ko > /dev/null 2>&1
    insmod /lib/modules/ip6t_MASQUERADE.ko > /dev/null 2>&1
    insmod /lib/modules/ip6table_nat.ko > /dev/null 2>&1
    insmod /lib/modules/ip6table_raw.ko > /dev/null 2>&1
    insmod /lib/modules/ip6table_mangle.ko > /dev/null 2>&1
    ;;
  stop)
    exit 0
    ;;
  *)
    exit 1
    ;;
esac
```

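
A check to run after a reboot, added here as an example and not part of the thread or the project: it extracts the module names a loader script passes to insmod and reports those missing from /proc/modules, the list that lsmod formats. The function names and the sample files are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the thread): list modules that a loader script
# tries to insmod but that are not resident after boot.

# Print the module names a loader script passes to insmod, one per line.
wanted_modules() {
    sed -n -e 's|^[[:space:]]*insmod[[:space:]]\{1,\}\([^[:space:]]*\)\.ko.*|\1|p' "$1" |
        sed -e 's|.*/||' -e 's|-|_|g'   # drop directory; kernel names use "_"
}

# Print wanted modules absent from a /proc/modules-format file ($2).
missing_modules() {
    list=${2:-/proc/modules}            # default: the live kernel's list
    wanted_modules "$1" | while read -r mod; do
        # The first field of each /proc/modules line is the module name.
        awk -v m="$mod" '$1 == m { found = 1 } END { exit !found }' "$list" ||
            printf '%s\n' "$mod"
    done
}

# Constructed sample: four loader lines and a two-module /proc/modules.
run_sample() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/loader.sh" <<'EOF'
    insmod /lib/modules/nf_defrag_ipv6.ko > /dev/null 2>&1
    insmod /lib/modules/ip6_tables.ko > /dev/null 2>&1
    insmod /lib/modules/nf_nat_masquerade_ipv6.ko > /dev/null 2>&1
    insmod /lib/modules/ip6t_MASQUERADE.ko > /dev/null 2>&1
EOF
    cat > "$dir/modules" <<'EOF'
ip6_tables 17010 0 - Live 0x0000000000000000
nf_defrag_ipv6 25000 0 - Live 0x0000000000000000
EOF
    missing_modules "$dir/loader.sh" "$dir/modules"
    rm -rf "$dir"
}

run_sample
```

On a real system, `missing_modules /path/to/loader.sh` with no second argument compares against the live /proc/modules; any name it prints is one that dockerd's ip6tables rules may fail on.
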
sjtuross commented 11 months ago

Nice. When I have time I'll change the general module loading method in the Wiki to yours.

Does Docker still need to be repaired again, then?

Windman1320 commented 11 months ago

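> Nice. When I have time I'll change the general module loading method in the Wiki to yours.
>
> Does Docker still need to be repaired again, then?

The Docker startup script in your wiki is probably no longer effective on 7.2.1 (possibly a problem with dependencies and with some ko files not being loaded). Right now it is still in the repaired state from following the wiki. I haven't tested whether replacing it with all the ko files from the loading script works; I'll test that when I have time. I've been tinkering for too long today and don't want to keep going.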

Windman1320 commented 11 months ago

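@sjtuross could you open up contributor access to the wiki? I'll update the loading steps for 7.2.1. I have tested the original wiki start-stop-status script method: with the mod list from the script, it takes effect after a reboot. Both approaches are OK; modifying the Docker startup script looks a bit friendlier.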

sjtuross commented 11 months ago

Thanks for testing. Wiki access has been opened.

Windman1320 commented 11 months ago

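The maintainer has updated the so and ko files, and the usage instructions have been updated, see #29. Tested on a DSM 920+ 69057; Update 1 should not change much.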