Line 17: Line 17:
First, get the 2.4.20 linux kernel (assuming Debian here folks! May need the unstable apt-site in your /etc/apt/sources.list) First, get the 2.4.20 linux kernel (assuming Debian here folks! May need the unstable apt-site in your /etc/apt/sources.list) [[BR]]

Here we go loop de loo here we go loop de lai... [get | view] (23.3 KB) attachment:config-2.4.20-imq [get | view] (10.8 KB) attachment:nocat.conf [get | view] (7.6 KB) attachment:initialize.fw [get | view] (6.1 KB) attachment:throttle.fw [get | view] (10 KB) attachment:libipt_IMQ-1.2.6a.tar.gz [get | view] (21.5 KB) attachment:imq-2.4.18-combo-patch.txt

This text assumes that you have: BR * A working NoCat Gateway BR * A working NoCat AuthServer BR * A Debian box running the NoCat Gateway BR * Enough patience to slog through this BR

IMQ was the solution: http://luxik.cdi.cz/~patrick/imq/index.html

First, get the 2.4.20 linux kernel (assuming Debian here folks! May need the unstable apt-site in your /etc/apt/sources.list) BR # apt-get update BR # apt-get install gcc libcurses5 libcurses5-dev kernel-package kernel-headers-2.4.20 kernel-source-2.4.20 BR # cd /usr/src BR # bunzip2 kernel-source-2.4.20.tar.bz2 BR # tar xvvf kernel-source-2.4.20.tar BR

To install the IMQ Patch (from the FAQ):

Get the combo patch attachment:imq-2.4.18-combo-patch.txt and the precompiled shared libs attachment:libipt_IMQ-1.2.6a.tar.gz matching your iptables version (iptables -V - was 1.2.6a for me).

Put the patch file in /usr/src

# cd /usr/src/linux BR # patch -p1 <../imq-2.4.18.diff-combo-6BR -- (make sure it's the right name you saved from above) BR -- find where iptables keeps its shared libraries (/lib/iptables and /usr/lib/iptables is common) BR # tar xvzf libipt_IMQ-1.2.6a.tar.gz -C /lib/iptables BR

Then you need to make and install your kernel. Here's my .config attachment:config-2.4.20-imq file that I used to compile my kernel. It's a pretty stock 2.4.20 kernel, patched with the IMQ patch.

# cd /usr/src/linux BR # make menuconfig BR

You will have three new options: Networking options ---> IP: Netfilter Configuration --->IMQ target support Networking options ---> IPv6: Netfilter Configuration --->IMQ target support Network device support --->IMQ (intermediate queueing device) support

Choose at least one of the targets and the device itself. Netfilter debugging should be turned off, otherwise cou get lots of annoying messages.

# make dep modules bzImage modules_install

or, for debian, I use Thing's Kernel Recompile Page: http://www.thing.dyndns.org/debian/kerneldeb.htm # make dep BR # make-kpkg cleanBR # make-kpkg --revision=thing.2.0 kernel_imageBR # type dpkg -i name_of_the_kernel.debBR -- May give you a warning to move your libraries if you're on the same kernel level. If so, you can do this: BR # mv /lib/modules/2.4.20 /lib/modules/2.4.20-oldBR -- and retry installing

Next, replace the throttle.fw attachment:throttle.fw initialize.fw attachment:initialize.fw and access.fw attachment:access.fw scripts, typically located in /usr/local/nocat/bin

