pemu for linux 07-02新版本README中文版
How to use
!!!!!!!!!!!!!!!!!!!!!!!
This is Linux Version, It can't be compiled directly on Windows
or any other platforms. There is separate windows version!
This version requires 32 bit CPU (or 64Bit CPU in 32 bit mode)
!!!!!!!!!!!!!!!!!!!!!!!
I. Compile from source, use this only if you know what you are doing,
otherwise, try compiled version.
Required - gcc3.4 - qemu is not compatible with gcc 4.x, so you will need
3.x.
1. Edit Make file, and customize line:
TUNE_FLAGS=-march=pentium4 -mtune=pentium4
with whatever CPU you have (type man gcc to see possible types)
This is only for optimization! It won't help to compile on non x86 CPUs
2. type make
Ignore warnings.
If you are lucky, it may compile, if not, try using compiled version
II. So you either compiled from source or decided to use binary version, how
to use for first time:
1. prepare flash file, execute following command:
dd if=/dev/zero of=FLASH bs=1k count=16k
2. Download PIXOS image from somewhere, it is tested with 6.35, 7.22 and 8.02
3. There is no need to uncompress image (as it was in older version).
edit pemu.ini, it should look like:
-----
serial=0x12345678 <--- PUT Your Serial Number here
image=pix <--- PUT YOUR PIXOS image name here
key=0x00000000,0x00000000,0x00000000,0x00000000 <--- PUT AC if You USE 6.x
bios1=mybios_d8000
bios2=bios.bin
bios_checksum=1
-----
Don't enter any spaces, or empty lines or something else, as it will not
work!
if you already have image installed in flash, edit the second line to:
image=NONE
Copy Serial No and key from your existing pix, and save file
Activation Keym, set in pemu.ini is used only for PIXOS 6.x version!,
For PIXOS 7.x and 8.x, key should be entered with activation-key command
Serial No should be in HEX!!!!!
You should Use Serial No and activation key from existing pix. PIX model
in not important. E.g. You can use SN and AC from pix 501, 506, 515, etc.
Serial Numbers and keys from ASA are not compatible.
edit ifup.ini to configure how interfaces are initialized it should look
like this:
------
tap0 10.0.0.1 255.255.255.0
tap1 10.1.0.1 255.255.255.0
tap2 10.2.0.1 255.255.255.0
tap3 10.3.0.1 255.255.255.0
tap4 bridge eth0
------
virtual ethernet interfaces are specified using options like this
"-net nic,vlan=1,macaddr=00:aa:00:00:02:01 -net tap,vlan=1,script=ifup"
Up to 5 interfaces can be specified, but different mac addresses should be
used if connecting several virtual pixes
FINALY, run emulator with:
./pemu -net nic,vlan=1,macaddr=00:aa:00:00:02:01 -net tap,vlan=1,script=ifup -net nic,vlan=2,macaddr=00:aa:00:00:02:02 -net tap,vlan=2,script=ifup -serial stdio -m 128 FLASH
As from version 2007-07-02 there is new method of connecting to network -
called lcap (something like pcap but will probably work only on linux)
Using lcap, packets can be directly send and received via host ethernet
interface. Eample of ussage:
-net nic,vlan=1,macaddr=00:a0:00:00:00:01 -net lcap,vlan=1,ifname=eth0
This will directly connect eth0 and pix's ethernet0 without any external
programs or bridging tricks. WARNING - using this method will not allow
traffic to/from host computer to emulated PIX
This code is still very experimental and in some cases it might not work.
The latest argument is FLASH image file, -m 128 means 128 MB RAM, which is
required for 7.x
for 6.x -m 32 is enough
Program is terminated with ctrl-c, there are other ways to use serial
console, read qemu manual for more info.
example -serial [url=telnet::1234,server,nowait]telnet::1234,server,nowait[/url] In this case serial console
is accessible with command: telnet localhost 1234
使用说明
---------------
这是linux下的版本,它不能直接在windows或者其他平台下编译,不过之前已经有人提供了windows版本,它基于4月20号的源代码编译于
windows下.这个版本需要32位的CPU(或者是64位的CPU但能兼容32位模式)
一.编译源代码,如果你知道如何去编译,否则使用已经编译好的版本(建议使用编译好的版本)
编译源代码,需要gcc3.4,因为QEMU不兼容gcc4.x,所以你需要gcc3.x.
1.编辑make文件,定位到
TUNE_FLAGS=-march=pentium4 -mtune=pentium4
无论你的CPU是什么类型(使用man gcc 查看类型),这仅仅只是优化而已,不能对非x86的CPU有任何帮助.
2.make
忽略所有警告.如果你够幸运,那么就编译通过.如果不能,请使用已编译好的版本.
二.你可以选择编译源代码或者使用二进制版本(已编译)
使用方法:
1.准备好一个FLASH文件,执行命令:
dd if=/dev/zero of=FLASH bs=1k count=16k
2.下载PIXOS镜像文件(即PIX IOS),已经成功测试了pix 6.35,7.22和8.02
3.新版本将不需要解压pix的镜像文件.
编辑pemu.ini文件
------
serial=0x12345678 <----序列号
image=pix <----PIXOS镜像文件(注意跟原文件同名)
key=0x00000000,0x00000000,0x00000000,0x00000000 <----activation key
bios1=mybios_d8000
bios2=bios.bin 此三项保持默认,不需要改变
bios_checksum=1
------
注意不要输入空格,或者空行以及其他的内容,因为那样将不能运行.
如果你已经有一个镜像文件安装在FLASH文件中,编辑image=这一项为:
image=NONE
从你现有的PIX中查找序列号和activation key,然后编辑到pemu.ini文件中,特别需要注意的是这样设置KEY的方法
只适用于PIXOS 6.x版本!针对PIXOS 7.x 和 8.x,key应该通过activation-key 命令还输入.序列号应该为16进制.
你应该使用序列号和activation key从你现有的pix中获得.PIX的类型不重要.举个例子来说,你可以使用从pix 501,
506, 515等等中获得序列号和activation key.但是从ASA中获得的序列号和keys将不能兼容.
编辑ifup.ini来配置如何初始化接口
例如:
------
tap0 10.0.0.1 255.255.255.0
tap1 10.1.0.1 255.255.255.0
tap2 10.2.0.1 255.255.255.0
tap3 10.3.0.1 255.255.255.0 (配置tap网卡IP地址)
tap4 bridge eth0 (将tap4桥接到eth0)
------
虚拟以太网接口详细的参数:
-net nic,vlan=1,macaddr=00:aa:00:00:02:01 -net tap,vlan=1,script=ifup
最多支持5个以太网接口,注意如果连接多个虚拟的PIX需要配置不同的MAC地址
以下是一个完整的运行参数(例子):
./pemu -net nic,vlan=1,macaddr=00:aa:00:00:02:01 -net tap,vlan=1,script=ifup -net nic,vlan=2,macaddr=00:aa:00:00:02:02 -net tap,vlan=2,script=ifup -serial stdio -m 128 FLASH
2007-07-02版本有一个新的连接方法称为lcap(win32版本已经可用),有点类似于pcap不过可能它只能在linux下运行.
使用lcap模式,数据包能够直接通过以太网口收发.例子:
-net nic,vlan=1,macaddr=00:a0:00:00:00:01 -net lcap,vlan=1,ifname=eth0
这样将直接连接eth0和pix的ethernet0(不通过任何外部程序或者桥接).
警告:使用这种方法将不允许流量通过宿主主机到模拟的PIX(这句话作者的意思表达的不大清楚,是不是不允许外部的流量通过主机的etho到达pix的ethernet0?也就是说如果使用lcap模式,将ethernet0连接到eth0,那么如果外部的主机连接到了eth0,是不是不可以ping通或者telnet到pix的ethernet0,待实验才能搞清楚)这种方法目前还是测试阶段,在有些情况下可能不能工作(建议如果想实验的话还是使用linux下的tap接口,个人认为比较方便,比windows下方便)
最后谈谈FLASH镜像文件,-m 128 意思是128MB的RAM(内存),pix 7.x需要这么多,但是pix 6.x只需要-m 32就足够了.
程序推出使用ctrl-c,有其他的途径来使用控制台(serial console),可以参考QEMU手册来获得更多信息
举个例子:
-serial telnet::1234,server,nowait
终端运行
telnet localhost 1234
不同于 2007-04-20 版本的内容如下:
1.新版本基qemu 0.9.0
2.multicasts问题已经解决
3.关于 mybiosd8000作了一些小的改变(比如错误的显示报错信息)
4.现在的PIX IOS使用时不需要解压,由PEMU完成解压,这就可能会导致启动时有点慢,但是却更方便使用
5.一些不必要的QEMU 代码被删除
6.新的网络连接模式 - lcap
|
