ebuild for 西厢计划（west-chamber)

qiaomuf

Post by nainaide;2075839
太好了，刚刚同步了gentoo-china, 可以访问youtube了，明显比tor快。

但还是在stop west-chamber时报错了：

额，看来我们的校园网确实是杯具了

nainaide

Post by zhllg;2075846
配置文件在/etc/west-chamber里
还有/etc/cond.d/west-chamber

谢谢，忽略了前面的帖子。

关于facebook还真是有些问题：

我在网上查到facebook的地址范围：（参考下面的链接）
http://compnetworking.about.com/ ... book-ip-address.htm

There is a range of IP addresses used by Facebook.

*  66.220.144.0 - 66.220.159.255
* 69.63.176.0 - 69.63.191.255
* 204.15.20.0 - 204.15.23.255

69.63.181.*
69.63.184.*
69.63.186.*
69.63.187.*

试了几次都没成功，有哪位做成了讲一下。

tnfmg

“注意ipset的版本应该大于4.2，否则hash表扩大的时候某种参数设置可能会导致kernel oops。 ”（via：http://code.google.com/p/scholarzhang/wiki/USAGE）

这是针对上面有人出现问题：
｛
# iptables -A INPUT -p tcp --sport 80 --tcp-flags FIN,SYN,RST,ACK SYN,ACK -m state --state ESTABLISHED -m set --match-set NOCLIP src -j ZHANG

iptables v1.4.7: Set NOCLIP doesn't exist.

Try `ipables -h' or 'iptables --help' for more information.
｝


话说可以在ebuild里加上ipset版本判断的不？这样方便一些。。

qingxiaojin

emerge失敗，请问是什么原因？

>>> Failed to emerge net-firewall/west-chamber-0.0.1-r2, Log file:

>>>  '/var/tmp/portage/net-firewall/west-chamber-0.0.1-r2/temp/build.log'

build.log如下:

[32;01m* CPV:  net-firewall/west-chamber-0.0.1-r2
* REPO: gentoo-china
* USE:  amd64 elibc_glibc ipset kernel_linux multilib userland_GNU xtables_addons_cui xtables_addons_gfw xtables_addons_zhang
* Determining the location of the kernel source code
* Found kernel source directory:
*     /usr/src/linux
* Found kernel object directory:
*     /lib/modules/2.6.31-gentoo-r6/build
* Found sources for kernel version:
*     2.6.31-gentoo-r6
* Checking for suitable kernel configuration options...
  [ ok ]
>>> Unpacking source...
>>> Unpacking west-chamber-0.0.1.tar.gz to /var/tmp/portage/net-firewall/west-chamber-0.0.1-r2/work
>>> Source unpacked in /var/tmp/portage/net-firewall/west-chamber-0.0.1-r2/work
>>> Preparing source in /var/tmp/portage/net-firewall/west-chamber-0.0.1-r2/work/west-chamber-0.0.1 ...
>>> Source prepared.
>>> Configuring source in /var/tmp/portage/net-firewall/west-chamber-0.0.1-r2/work/west-chamber-0.0.1 ...
libtoolize: putting auxiliary files in `.'.
libtoolize: copying file `./ltmain.sh'
libtoolize: putting macros in AC_CONFIG_MACRO_DIR, `m4'.
libtoolize: copying file `m4/libtool.m4'
libtoolize: copying file `m4/ltoptions.m4'
libtoolize: copying file `m4/ltsugar.m4'
libtoolize: copying file `m4/ltversion.m4'
libtoolize: copying file `m4/lt~obsolete.m4'
configure.ac:8: installing `./compile'
configure.ac:10: installing `./config.guess'
configure.ac:10: installing `./config.sub'
configure.ac:5: installing `./install-sh'
configure.ac:6: installing `./missing'
extensions/ipset/Makefile.am: installing `./depcomp'
* econf: updating west-chamber-0.0.1/config.guess with /usr/share/gnuconfig/config.guess
* econf: updating west-chamber-0.0.1/config.sub with /usr/share/gnuconfig/config.sub
./configure --prefix=/usr --build=x86_64-pc-linux-gnu --host=x86_64-pc-linux-gnu --mandir=/usr/share/man --infodir=/usr/share/info --datadir=/usr/share --sysconfdir=/etc --localstatedir=/var/lib --libdir=/lib64 --prefix=/ --libexecdir=/lib/ --with-kbuild=/usr/src/linux
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /bin/mkdir -p
checking for gawk... gawk
checking whether make sets $(MAKE)... yes
checking for x86_64-pc-linux-gnu-gcc... x86_64-pc-linux-gnu-gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether x86_64-pc-linux-gnu-gcc accepts -g... yes
checking for x86_64-pc-linux-gnu-gcc option to accept ISO C89... none needed
checking for style of include used by make... GNU
checking dependency style of x86_64-pc-linux-gnu-gcc... gcc3
checking whether x86_64-pc-linux-gnu-gcc and cc understand -c and -o together... yes
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking for a sed that does not truncate output... /bin/sed
checking for grep that handles long lines and -e... /bin/grep
checking for egrep... /bin/grep -E
checking for fgrep... /bin/grep -F
checking for ld used by x86_64-pc-linux-gnu-gcc... /usr/x86_64-pc-linux-gnu/bin/ld
checking if the linker (/usr/x86_64-pc-linux-gnu/bin/ld) is GNU ld... yes
checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B
checking the name lister (/usr/bin/nm -B) interface... BSD nm
checking whether ln -s works... yes
checking the maximum length of command line arguments... 1572864
checking whether the shell understands some XSI constructs... yes
checking whether the shell understands "+="... yes
checking for /usr/x86_64-pc-linux-gnu/bin/ld option to reload object files... -r
checking for x86_64-pc-linux-gnu-objdump... x86_64-pc-linux-gnu-objdump
checking how to recognize dependent libraries... pass_all
checking for x86_64-pc-linux-gnu-ar... x86_64-pc-linux-gnu-ar
checking for x86_64-pc-linux-gnu-strip... x86_64-pc-linux-gnu-strip
checking for x86_64-pc-linux-gnu-ranlib... x86_64-pc-linux-gnu-ranlib
checking command to parse /usr/bin/nm -B output from x86_64-pc-linux-gnu-gcc object... ok
checking how to run the C preprocessor... x86_64-pc-linux-gnu-gcc -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking for dlfcn.h... yes
checking for objdir... .libs
checking if x86_64-pc-linux-gnu-gcc supports -fno-rtti -fno-exceptions... no
checking for x86_64-pc-linux-gnu-gcc option to produce PIC... -fPIC -DPIC
checking if x86_64-pc-linux-gnu-gcc PIC flag -fPIC -DPIC works... yes
checking if x86_64-pc-linux-gnu-gcc static flag -static works... yes
checking if x86_64-pc-linux-gnu-gcc supports -c -o file.o... yes
checking if x86_64-pc-linux-gnu-gcc supports -c -o file.o... (cached) yes
checking whether the x86_64-pc-linux-gnu-gcc linker (/usr/x86_64-pc-linux-gnu/bin/ld -m elf_x86_64) supports shared libraries... yes
checking whether -lc should be explicitly linked in... no
checking dynamic linker characteristics... GNU/Linux ld.so
checking how to hardcode library paths into programs... immediate
checking whether stripping libraries is possible... yes
checking if libtool supports shared libraries... yes
checking whether to build shared libraries... yes
checking whether to build static libraries... no
checking for x86_64-pc-linux-gnu-pkg-config... no
checking for pkg-config... /usr/bin/pkg-config
checking pkg-config is at least version 0.9.0... yes
checking for libxtables... yes
checking linux/netfilter/x_tables.h usability... yes
checking linux/netfilter/x_tables.h presence... yes
checking for linux/netfilter/x_tables.h... yes
ACCESS DENIED  unlinkat:     /usr/src/linux-2.6.31-gentoo-r6/.10790.tmp
rm: cannot remove `.10790.tmp': Permission denied
ACCESS DENIED  unlinkat:     /usr/src/linux-2.6.31-gentoo-r6/.10795.tmp
rm: cannot remove `.10795.tmp': Permission denied
ACCESS DENIED  unlinkat:     /usr/src/linux-2.6.31-gentoo-r6/.10801.tmp
rm: cannot remove `.10801.tmp': Permission denied
ACCESS DENIED  unlinkat:     /usr/src/linux-2.6.31-gentoo-r6/.10807.tmp
rm: cannot remove `.10807.tmp': Permission denied
ACCESS DENIED  unlinkat:     /usr/src/linux-2.6.31-gentoo-r6/.10812.tmp
rm: cannot remove `.10812.tmp': Permission denied
ACCESS DENIED  unlinkat:     /usr/src/linux-2.6.31-gentoo-r6/.10817.tmp
rm: cannot remove `.10817.tmp': Permission denied
ACCESS DENIED  unlinkat:     /usr/src/linux-2.6.31-gentoo-r6/.10823.tmp
rm: cannot remove `.10823.tmp': Permission denied
ACCESS DENIED  unlinkat:     /usr/src/linux-2.6.31-gentoo-r6/.10828.tmp
rm: cannot remove `.10828.tmp': Permission denied
ACCESS DENIED  unlinkat:     /usr/src/linux-2.6.31-gentoo-r6/.10833.tmp
rm: cannot remove `.10833.tmp': Permission denied
ACCESS DENIED  unlinkat:     /usr/src/linux-2.6.31-gentoo-r6/.10838.tmp
rm: cannot remove `.10838.tmp': Permission denied
ACCESS DENIED  unlinkat:     /usr/src/linux-2.6.31-gentoo-r6/.10849.tmp
rm: cannot remove `.10849.tmp': Permission denied
Found kernel version 2.6.31.0 in /usr/src/linux
configure: creating ./config.status
config.status: creating Makefile
config.status: creating Makefile.iptrules
config.status: creating Makefile.mans
config.status: creating extensions/Makefile
config.status: creating extensions/ipset/Makefile
config.status: creating config.h
config.status: executing depfiles commands
config.status: executing libtool commands
>>> Source configured.
--------------------------- ACCESS VIOLATION SUMMARY ---------------------------
LOG FILE "/var/log/sandbox/sandbox-8972.log"

VERSION 1.0
FORMAT: F - Function called
FORMAT: S - Access Status
FORMAT: P - Path as passed to function
FORMAT: A - Absolute Path (not canonical)
FORMAT: R - Canonical Path
FORMAT: C - Command Line

F: open_wr
S: deny
P: .10790.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10790.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10790.tmp
C: /usr/lib/gcc/x86_64-pc-linux-gnu/4.3.4/../../../../x86_64-pc-linux-gnu/bin/as -Qy --64 -o .10790.tmp /var/tmp/portage/net-firewall/west-chamber-0.0.1-r2/temp/cc6FeQBX.s

F: unlinkat
S: deny
P: .10790.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10790.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10790.tmp
C: rm -f .10790.tmp

F: open_wr
S: deny
P: .10795.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10795.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10795.tmp
C: /usr/lib/gcc/x86_64-pc-linux-gnu/4.3.4/../../../../x86_64-pc-linux-gnu/bin/as -Qy --64 -o .10795.tmp -

F: unlinkat
S: deny
P: .10795.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10795.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10795.tmp
C: rm -f .10795.tmp

F: open_wr
S: deny
P: .10801.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10801.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10801.tmp
C: /usr/lib/gcc/x86_64-pc-linux-gnu/4.3.4/../../../../x86_64-pc-linux-gnu/bin/as -Qy --64 -o .10801.tmp -

F: unlinkat
S: deny
P: .10801.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10801.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10801.tmp
C: rm -f .10801.tmp

F: open_wr
S: deny
P: .10807.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10807.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10807.tmp
C: /usr/lib/gcc/x86_64-pc-linux-gnu/4.3.4/../../../../x86_64-pc-linux-gnu/bin/as -Qy --64 -o .10807.tmp -

F: unlinkat
S: deny
P: .10807.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10807.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10807.tmp
C: rm -f .10807.tmp

F: open_wr
S: deny
P: .10812.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10812.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10812.tmp
C: /usr/lib/gcc/x86_64-pc-linux-gnu/4.3.4/../../../../x86_64-pc-linux-gnu/bin/as -Qy --64 -o .10812.tmp -

F: unlinkat
S: deny
P: .10812.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10812.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10812.tmp
C: rm -f .10812.tmp

F: open_wr
S: deny
P: .10817.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10817.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10817.tmp
C: /usr/lib/gcc/x86_64-pc-linux-gnu/4.3.4/../../../../x86_64-pc-linux-gnu/bin/as -Qy --64 -o .10817.tmp -

F: unlinkat
S: deny
P: .10817.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10817.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10817.tmp
C: rm -f .10817.tmp

F: open_wr
S: deny
P: .10823.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10823.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10823.tmp
C: /usr/lib/gcc/x86_64-pc-linux-gnu/4.3.4/../../../../x86_64-pc-linux-gnu/bin/as -Qy --64 -o .10823.tmp -

F: unlinkat
S: deny
P: .10823.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10823.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10823.tmp
C: rm -f .10823.tmp

F: open_wr
S: deny
P: .10828.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10828.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10828.tmp
C: /usr/lib/gcc/x86_64-pc-linux-gnu/4.3.4/../../../../x86_64-pc-linux-gnu/bin/as -Qy --64 -o .10828.tmp -

F: unlinkat
S: deny
P: .10828.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10828.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10828.tmp
C: rm -f .10828.tmp

F: open_wr
S: deny
P: .10833.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10833.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10833.tmp
C: /usr/lib/gcc/x86_64-pc-linux-gnu/4.3.4/../../../../x86_64-pc-linux-gnu/bin/as -Qy --64 -o .10833.tmp -

F: unlinkat
S: deny
P: .10833.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10833.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10833.tmp
C: rm -f .10833.tmp

F: open_wr
S: deny
P: .10838.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10838.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10838.tmp
C: /usr/lib/gcc/x86_64-pc-linux-gnu/4.3.4/../../../../x86_64-pc-linux-gnu/bin/as -Qy --64 -o .10838.tmp -

F: unlinkat
S: deny
P: .10838.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10838.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10838.tmp
C: rm -f .10838.tmp

F: open_wr
S: deny
P: .10849.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10849.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10849.tmp
C: /usr/lib/gcc/x86_64-pc-linux-gnu/4.3.4/../../../../x86_64-pc-linux-gnu/bin/ld --eh-frame-hdr -m elf_x86_64 -dynamic-linker /lib64/ld-linux-x86-64.so.2 -o .10849.tmp -L/usr/lib/gcc/x86_64-pc-linux-gnu/4.3.4 -L/usr/lib/gcc/x86_64-pc-linux-gnu/4.3.4 -L/usr/lib/gcc/x86_64-pc-linux-gnu/4.3.4/../../../../lib64 -L/lib/../lib64 -L/usr/lib/../lib64 -L/usr/lib/gcc/x86_64-pc-linux-gnu/4.3.4/../../../../x86_64-pc-linux-gnu/lib -L/usr/lib/gcc/x86_64-pc-linux-gnu/4.3.4/../../.. --build-id /var/tmp/portage/net-firewall/west-chamber-0.0.1-r2/temp/ccQLnNsL.o

F: unlinkat
S: deny
P: .10849.tmp
A: /usr/src/linux-2.6.31-gentoo-r6/.10849.tmp
R: /usr/src/linux-2.6.31-gentoo-r6/.10849.tmp
C: rm -f .10849.tmp
--------------------------------------------------------------------------------


SDE

Post by qingxiaojin;2075958
emerge失敗，请问是什么原因？


看第一贴， FEATURES="-sandbox"

zhllg

ok, now west-chamber requires >=ipset-4.2

freeobject

速度很快。可以wine
我现在虚拟机下运行的。

yetop

建立
/etc/west-chamber/FACEBOOK

-N FACEBOOK nethash --hashsize 50 --probes 1
-A FACEBOOK 69.63.176.0/20
-A FACEBOOK 66.220.144.0/20
-A FACEBOOK 204.15.20.0/22
COMMIT

修改

cat /etc/west-chamber/NOCLIP
-N NOCLIP setlist --size 4
-A NOCLIP GOOGLE
-A NOCLIP YOUTUBE
-A NOCLIP FACEBOOK
COMMIT

修改

cat west-chamber
# conf.d file for west-chamber

ipsets="CHINA GOOGLE YOUTUBE FACEBOOK"

yetop

不是很稳定，多刷新几次。

有可能 facebook的地址范围不全导致。

LongerZ

确实，稳定性有待提高~~~