2022年5月11日 星期三

AMD64 Ubuntu rootfs howto

 1. Preparing the packages in host

sudo apt-get install  debootstrap qemu-user-static

2. Download the packages for ubuntu rootfs
debootstrap_dir=ubuntu-arm64-jammy
sudo debootstrap --arch arm64 --foreign jammy "$debootstrap_dir" http://ports.ubuntu.com/ubuntu-ports

3. Install the packages/ second-stage
sudo mkdir -p "${debootstrap_dir}/usr/bin"
sudo cp "$(which qemu-aarch64-static)" "${debootstrap_dir}/usr/bin"
sudo chroot "$debootstrap_dir" /debootstrap/debootstrap --second-stage

4. Remove the passwd of root
sudo chroot "$debootstrap_dir"
Edit /etc/passwd and /etc/shadow, remove the "*" in between ":" and ":" in root:....

5. Enable UART console
sudo chroot ${debootstrap_dir}
ln  -sf /lib/systemd/system/serial-getty\@.service /lib/systemd/system/getty.target.wants/

6. /etc/network/interfaces
sudo apt install ifupdown
vi /etc/network/interface
-----
source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

# The intranet network interface
auto eth1
iface eth1 inet static
     address 10.19.132.49
     netmask 255.255.254.0

7. Add locale
sudo vi /etc/locale.gen
umakrk en_US.UTF-8 UTF-8 and zh_TW.UTF-8 UTF-8
sudo locale-gen


source.list
==================================================
deb http://tw.ports.ubuntu.com/ bionic main restricted universe multiverse
deb http://tw.ports.ubuntu.com/ bionic-updates main restricted universe multiverse

deb http://tw.ports.ubuntu.com/ubuntu-ports bionic main restricted
deb http://tw.ports.ubuntu.com/ubuntu-ports bionic-updates main restricted
deb-src http://tw.ports.ubuntu.com/ubuntu-ports bionic main restricted universe multiverse
deb-src http://tw.ports.ubuntu.com/ubuntu-ports bionic-updates main restricted universe multiverse
deb http://tw.ports.ubuntu.com/ubuntu-ports bionic universe
deb http://tw.ports.ubuntu.com/ubuntu-ports bionic-updates universe
deb http://tw.ports.ubuntu.com/ubuntu-ports bionic multiverse
deb http://tw.ports.ubuntu.com/ubuntu-ports bionic-updates multiverse

deb http://tw.ports.ubuntu.com/ bionic-security main restricted universe multiverse

SNAT
================================
echo "Setting IP Masquerading...."
echo 1 > /proc/sys/net/ipv4/ip_forward
WAN_IP=`ifconfig eth0 | grep "inet addr:" | cut -d ":" -f 2 | cut -d " " -f 1`

echo "Setting iptables..... "
/sbin/iptables -F
/sbin/iptables -t nat -F
/sbin/iptables -P FORWARD DROP

# Block access to 208.46.65.0/24
/sbin/iptables -A OUTPUT -d 208.48.65.0/24 -j DROP

/sbin/iptables -A FORWARD -s 192.168.0.0/24 -j ACCEPT
/sbin/iptables -A FORWARD -d 192.168.0.0/24 -j ACCEPT
/sbin/iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j SNAT --to-source ${WAN_IP}

#172.23.68.32
/sbin/iptables -A FORWARD -s 172.23.68.32 -j ACCEPT
/sbin/iptables -A FORWARD -d 172.23.68.32 -j ACCEPT
/sbin/iptables -t nat -A POSTROUTING -s 172.23.68.32 -j SNAT --to-source ${WAN_IP}

Route table
============================
ip route add 10.0.0.0/8 via 10.19.132.1
ip route del default
ip route add default via 10.19.132.49(Z2X)

rc.local
=============
ln -fs /lib/systemd/system/rc-local.service /etc/systemd/system/rc-local.service

touch /etc/rc.local

chmod 755 /etc/rc.local

EDIT /etc/rc.local
-----
#!/bin/bash

echo "test rc " > /var/test.log

exit 0


By

沒有留言:

張貼留言

訂閱: 張貼留言 (Atom)