linux虚拟网桥的构建和WAN的连接

系统环境

编译环境：ubuntu 14.04 x86_64
运行平台：IMX6Q平台
说明：系统中所有#开头的字符行表示该行为linux命令行。

工具链

编译dhcp

由于需要动态IP分配，因此在这里编译dhcp，获取dpch服务器，编译命令如下：

#tar xvzf dhcp-4.2.0-P2.tar.gz 
#echo ac_cv_file__dev_random=yes > config.cache
#./configure --prefix=/${PWD}/install --host=arm-linux-gnueabihf --cache-file=config.cache
#make && make install

当出现如下信息”Configuring BIND Export libraries for DHCP”并且进入后面的输出信息时，按下CRT+C，停止编译，并运行如下命令：

删除所有Makefile中的-Werror编译项
#find ./ -name Makefile|xargs sed -i 's/\-Werror/\ /g'
在bind/bind-9.7.1/lib/export/dns/Makefile.in的163行将"${CC}"替换成"${BUILD_CC}" 
#sed -i '163s/${CC}/${BUILD_CC}/g'  bind/bind-9.7.1/lib/export/dns/Makefile.in
在文件bind/Makefile 的48行将"./configure"替换成"BUILD_CC=gcc ./configure --host=arm-linux-gnueabihf --with-randomdev=/dev/random" 
#sed -i '48s/\.\/configure/BUILD_CC=gcc \.\/configure \--host=arm\-linux\-gnueabihf \--with\-randomdev=\/dev\/random/g' bind/Makefile
#make && make install

编译iptables

iptables依赖于libmnl libnftnl

编译libnftnl库

#tar xvjf libmnl-1.0.3.tar.bz2 -C./
#./configure --prefix=${PWD}/install --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc
#make && make install

编译libnftnl库

#tar xvjf libnftnl-1.0.5.tar.bz2 -C./
#./configure --host=arm-linux-gnueabihf --prefix=${PWD}/install CC=arm-linux-gnueabihf-gcc PKG_CONFIG_PATH=../libmnl-1.0.3/install/lib/pkgconfig
#make &&make install

编译iptables

#./configure --host=arm-linux-gnueabihf --prefix=${PWD}/install --enable-static --disable-shared --with-ksource=/home/pengrui/my-imx6/02_source/imx-3.14.52_1.0.o_ga/kernel/linux-3.14.52 libmnl_CFLAGS=-I/home/pengrui/my-imx6/02_source/imx-3.14.52_1.0.o_ga/tools/libmnl-1.0.3/install/include libmnl_LIBS="-L/home/pengrui/my-imx6/02_source/imx-3.14.52_1.0.o_ga/tools/libmnl-1.0.3/install/lib -lnftnl" libnftnl_CFLAGS=-I/home/pengrui/my-imx6/02_source/imx-3.14.52_1.0.o_ga/tools/libnftnl-1.0.5/install/include libnftnl_LIBS="-L/home/pengrui/my-imx6/02_source/imx-3.14.52_1.0.o_ga/tools/libnftnl-1.0.5/install/lib -lmnl"
#make && make install

编译bridge-utils

#autoconf
#./configure --prefix=$PWD/install --host=arm-linux-gnueabihf CC=arm-linux-gnueabihf-gcc
#make&&make install

配置内核

增加NAT支持

Networking support —> Networking options —> Network packet filtering framework (Netfilter)

Core Netfilter configuration 选择如下配置：
<*>Netfilter connection tracking support
<*>Netfilter Xtables support (required for ip_tables)
![linux内核添加NAT支持](http://img.blog.csdn.net/20160524190417233)
<*>IPv4 connection tracking support (required for NAT)
  <*> proc/sysctl compatibility with old connection tracking
  <*> IP tables support (required for filtering/masq/NAT)
  <*>   Packet filtering
  <*>     REJECT target support
  <*>   IPv4 NAT
  <*>       MASQUERADE target support
  <*>       NETMAP target support
<*>         REDIRECT target support

增加对网桥支持

配置网桥

brctl addbr br-lan//创建一个虚拟网桥
ifconfig eth0 down
ifconfig eth1 down
ifconfig wlan0 down
iw dev wlan0 set 4addr on//不允许此步骤，无法将wlan0加入网桥
ifconfig br-lan 192.168.1.1 netmask 255.255.255.0  up
dhcpd br-lan
ifconfig eth0 up
ifconfig eth1 up
ifconfig wlan0 up
hostpad –d /etc/hostapd.conf -B
/etc/dhcod.conf
subnet 192.168.1.0 netmask 255.255.255.0 {
  range dynamic-bootp 192.168.1.10 192.168.1.60;
# option broadcast-address 10.254.239.31;
  option domain-name-servers 210.21.4.130;
  option routers 192.168.1.1;
}
touch /var/db/dhcpd.leases
dhcpd wlan0 -pf /var/run/dhcpd.pid//动态分配IP地址
iptables -t nat -A POSTROUTING -o wwan0 -j MASQUERADE//设置NAT转发规则