Compiling xt_TPROXY for ddwrtIt surprised me a bit that ddwrt (Kong build) is not shipped with xt_TPROXY.
Fortunately it’s possible to compile kernel modules for ddwrt and load them later.
The major steps are already explained in Compiling the xt_set.ko module, however I run into several issues that were not metioned in that post.
- I have to run
make ARCH=arm prepare before makeing the source; Several private drivers are missing from ddwrt’s source tree, preventing make prepare from completing:
1 drivers/net/wireless/Kconfig:288: can't open file "drivers/net/wireless/rt3352/rt2860v2_ap/Kconfig"
I’m not quite familiar with Kconfig, so I simply remove the reference to those offending drivers from drivers/net/wireless/Kconfig.
.config_northstar_smp is actually for Broadcom’s Northstar series chips, but yes, my router is using that series too.
I’m setting CONFIG_NETFILTER_XT_TARGET_TPROXY to m.
The module can be loaded in ddwrt’s startup command with insmod.
You can get the module I compiled for Linux 4.4 here. Due to the instability of the kernel ABI, it’s likely that it won’t run on any other version of Linux. However, IT’S HIGHLY DISCOURAGED TO USE IT ON YOUR OWN ROUTER AS IT’S RUNNING IN SUPERVISOR MODE AND CAN DO ANYTHING HARMFUL to your router and your network. I post it here for my own backup. This module also contains my workaround for xt_TPROXY under 4.4 kernel, you may also apply the patch before compilation if you’d like (but please, REVIEW THE PATCH BEFORE APPLYING IT.).
It surprised me a bit that ddwrt (Kong build) is not shipped with xt_TPROXY.
Fortunately it’s possible to compile kernel modules for ddwrt and load them later.
The major steps are already explained in Compiling the xt_set.ko module, however I run into several issues that were not metioned in that post.
- I have to run
make ARCH=arm preparebeforemakeing the source; Several private drivers are missing from ddwrt’s source tree, preventing
make preparefrom completing:1drivers/net/wireless/Kconfig:288: can't open file "drivers/net/wireless/rt3352/rt2860v2_ap/Kconfig"I’m not quite familiar with
Kconfig, so I simply remove the reference to those offending drivers fromdrivers/net/wireless/Kconfig..config_northstar_smpis actually for Broadcom’s Northstar series chips, but yes, my router is using that series too.I’m setting
CONFIG_NETFILTER_XT_TARGET_TPROXYtom.
The module can be loaded in ddwrt’s startup command with insmod.
You can get the module I compiled for Linux 4.4 here. Due to the instability of the kernel ABI, it’s likely that it won’t run on any other version of Linux. However, IT’S HIGHLY DISCOURAGED TO USE IT ON YOUR OWN ROUTER AS IT’S RUNNING IN SUPERVISOR MODE AND CAN DO ANYTHING HARMFUL to your router and your network. I post it here for my own backup. This module also contains my workaround for xt_TPROXY under 4.4 kernel, you may also apply the patch before compilation if you’d like (but please, REVIEW THE PATCH BEFORE APPLYING IT.).