Key Pages: [ Rope Home Page | Basics (tutorial) | Language Reference | Download ]

Building The Rope Software

Please note..

  • These notes refer to versions of rope released on or after 23/Dec/2005 (ie 20051223 or greater). For earlier versions, please refer to ManualBuilding.
  • If you are interested in using "rope" but are not comfortable with compiling your own linux kernel, I am happy to do the work for you for a small fee.

Introduction

In order to install the rope software into your linux system, your must perform three key steps..

  • Install "rope" support into the linux kernel.
  • Add "rope" support into the "iptables" tools.
  • Install the "rope" utility software (compiler and user-mode testing tools).

These steps can be performed in any one of four ways, namely ..

This page takes you through the process of installing rope using either of the "DIY" approaches above.

Before attempting to install Rope using either of these techniques, you will need..

  • The sources for your running kernel (must be 2.4.x or 2.6.x).
  • The sources for the version of iptables you are using.

I strongly recommend checking that you can compile the iptables module and kernel before you try to add Rope to them. Make sure the compilation works, and that the resulting code runs before proceeding.

Installing Using Patch-o-matic-ng

First check that you can compile the linux kernel and "iptables", and that the compiled code works, then..

1: Create an empty working directory

  • Use "mkdir" to create a new directory. The name is completely up to you.

2: Download patch-o-matic-ng

  • If you dont already have a recent copy, visit the NetFilter home page and download the most recent version.
  • Un-tar the source into the working directory you created earlier.

3: Download Rope

  • Download the rope source code, making sure you collect a version released on or after 20051223. For most cases, you should almost certainly collect the most recent version.
  • Un-tar the source into the working directory you created earlier (beside the un-tarred patch-o-matic-ng directory), using commands like..
    • cd my-working-directory
    • tar xvfz rope-20051223.tgz

4: Patch patch-o-matic-ng

  • Backup your patch-o-matic-ng directory first, in case anything goes wrong.
  • "cd" into the un-tarred Rope directory, using a command that looks something like..
    • cd my-working-directory/rope-20051223
  • Run "make" to add the required files into the patch-o-matic-ng directory, using the command..
    • make POMNG_DIR=../patch-o-matic-ng patch-pom-ng

5: Use patch-o-matic-ng to patch the kernel and iptables

  • Backup your kernel and iptables sources (in case anything goes wrong).
  • "cd" into the patch-o-matic-ng directory, using a command like..
    • cd my-working-directory/patch-o-matic-ng
  • Apply the Rope software patch using the "runme" command, like this (with the paths adjusted to match the locations of the sources on your system).
    • KERNEL_DIR=/usr/src/linux-2.6 IPTABLES_DIR=/usr/src/iptables-1.2.8 ./runme rope

For more information about using patch-o-matic-ng, refer to the "README" file in its directory tree, or the NetFilter web site.

6: Compile and install the new kernel

  • Refer to the kernels own documentation on how to compile and install it, but in summary you will need to do something like the following, but dont treat these as verbatim steps without first checking the right approach for your distribution. Getting something wrong here could break your system, and cause it to be un-bootable.
    • For linux 2.4.x ..
      • cd /usr/src/linux-2.4
      • make clean
      • make oldconfig
      • make dep bzImage modules
      • make install modules_install
    • For linux 2.6.x ..
      • cd /usr/src/linux-2.6
      • make oldconfig
      • make
      • make install modules_install

7: Compile and install the patched iptables tools

  • Refer to the iptables/NetFilter documentation (or the iptables "INSTALL" file) for information on how to compile and install it, but in summary you will need to do something like the following. But: first check for the right approach for your distribution.
    • cd /usr/src/iptables-1.3.0
    • make KERNEL_DIR=/usr/src/linux-2.4
    • make install KERNEL_DIR=/usr/src/linux-2.4

8: Compile and install Rope tools and scripts

  • Run "make" to build the Rope compiler utility, the sample scripts and the user-mode script testing environment. Do this using the commands..
    • cd my-working-directory/rope-20051223
    • make install
  • Now you can write your own scripts and compile them using the "ropec" utility, or use the supplied samples in iptable chains. Please refer to http://www.digitage.co.uk/rope for documentation and examples.

Installing Without Patch-o-matic-ng

If you dont wish to use patch-o-matic-ng, you can install rope directly into the kernel and iptables utility using the make file. Before proceeding, check that you can compile the linux kernel and "iptables", and that the compiled code works properly. Once checked, follow these steps..

1: Create an empty working directory

  • Use "mkdir" to create a new directory. The name is completely up to you.

2: Download Rope

  • Download the rope source code, making sure you collect a version released on or after 20051223. For most cases, you should almost certainly collect the most recent version.
  • Un-tar the source into the working directory you created earlier, using commands like..
    • cd my-working-directory
    • tar xvfz rope-20051223.tgz

3: Patch the kernel

  • Backup your kernel source code (/usr/src/linux-2.4, or your equivalent).
  • "cd" into the un-tarred Rope directory, using a command that looks something like..
    • cd my-working-directory/rope-20051223
  • Run "make" to apply the Rope patches, using a command like..
    • make KERNEL_DIR=/usr/src/linux-2.4 patch-kernel

4: Compile and install the new kernel

  • Refer to the kernels own documentation on how to compile and install it, but in summary you will need to do something like the following, but dont treat these as verbatim steps without first checking the right approach for your distribution. Getting something wrong here could break your system, and cause it to be un-bootable.
    • For linux 2.4.x ..
      • cd /usr/src/linux-2.4
      • make clean
      • make oldconfig
      • make dep bzImage modules
      • make install modules_install
    • For linux 2.6.x ..
      • cd /usr/src/linux-2.6
      • make oldconfig
      • make
      • make install modules_install

5: Patch iptables

  • Backup your iptables source code (/usr/src/iptables-1.3.0, or your local equivalent).
  • "cd" into the un-tarred Rope directory, using a command that looks something like..
    • cd my-working-directory/rope-20051223
  • Run "make" to apply the Rope patches, using a command like..
    • make IPTABLES_DIR=/usr/src/iptables-1.3.0 patch-iptables

6: Compile and install the patched iptables tools

  • Refer to the iptables/NetFilter documentation (or the iptables "INSTALL" file) for information on how to compile and install it, but in summary you will need to do something like the following. But: first check for the right approach for your distribution.
    • cd /usr/src/iptables-1.3.0
    • make KERNEL_DIR=/usr/src/linux-2.4
    • make install KERNEL_DIR=/usr/src/linux-2.4

7: Compile and install Rope tools and scripts

  • Run "make" to build the Rope compiler utility, the sample scripts and the user-mode script testing environment. Do this using the commands..
    • cd my-working-directory/rope-20051223
    • make install
  • Now you can write your own scripts and compile them using the "ropec" utility, or use the supplied samples in iptable chains. Please refer to http://www.digitage.co.uk/rope for documentation and examples.

Scroll to Top