Installing Softether vpn server in chroot environment, under zte f-660 Iconbit 1003d

In my previous article, I described the installation process for sip-proxy and basic Linux utilities, in a choot environment. The note has caused enough interest in the habr-community. That's why I present the second part of the material, in which I will describe the process of compiling a softether VPN server under mips and mipsel architecture, for the long-suffering router zte f-660 and iconbit 1003d. Only this time, I’ll post the whole code in the form of an archive ( mipsel and mips ), and in the text I will arrange some sections of the code for clarity. This VPN server is relatively new, but it managed to surprise many with its capabilities. In particular, a lot has been written about him here and here .

To compile from source, we need the cross-toolchain made in the previous material. If we try to compile the vpn-server "in the forehead":

./configure make Install 

Then we get an error
Why does this happen? It's very simple: the fact is that since the project is new, it is not designed for cross-compilation, the installation script assumes that the compilation is performed on the same machine as for the installation. In order to compile the project, we need to make changes to the makefile.
After a little exploring the generated makefile. I realized that the problem lies in a certain hamcorebuilder utility that is compiled on the fly, and is used for archiving resources, which in turn are already used in the VPN server binary itself. Naturally, since we are using a crosscompiler, it will not be able to run on an assembly machine. In order to circumvent this limitation, we only need to compile it for the x86 architecture using the system compiler / use / bin / gcc.
I will give a key difference between the generated file and the fixed one:
# hamcorebuilder Utility
tmp/hamcorebuilder: src/hamcorebuilder/hamcorebuilder.c $(HEADERS_MAYAQUA) $(HEADERS_CEDAR) $(OBJECTS_MAYAQUA_HOST) $(OBJECTS_CEDAR_HOST)
@mkdir -p tmp/
/usr/bin/gcc $(OPTIONS_COMPILE_HOST) $(OBJECTS_MAYAQUA_HOST) $(OBJECTS_CEDAR_HOST) src/hamcorebuilder/hamcorebuilder.c $(OPTIONS_LINK) -o tmp/hamcorebuilder

As we see nothing complicated, everything is quite simple (we added new targets with the end of _host and the rules for them)

In another place, we fixed the part responsible for the installation.
$(INSTALL_BINDIR)vpnserver: bin/vpnserver/hamcore.se2 bin/vpnserver/vpnserver
@mkdir -p $(INSTALL_VPNSERVER_DIR)
cp bin/vpnserver/hamcore.se2 $(INSTALL_VPNSERVER_DIR)hamcore.se2
cp bin/vpnserver/vpnserver $(INSTALL_VPNSERVER_DIR)vpnserver
echo "#!/bin/bash" > $(INSTALL_BINDIR)vpnserver.sh
echo "/bin/vpnserver/vpnserver" '"$$@"' >> $(INSTALL_BINDIR)vpnserver.sh
echo 'exit $$?' >> $(INSTALL_BINDIR)vpnserver.sh
chmod 755 $(INSTALL_BINDIR)vpnserver.sh
.....

From this point on, we have a directory in which we prepared a root file system with a VPN server suitable for running in a chroot environment.

We do everything as the previous note and check the performance

• vpncmd.sh
• choose option 3
• check
• vpnserver.sh start

The server is running.
Not everything is going smoothly here, in order for it all to work properly, you need to clear the memory, for this you need to “kill” extra processes, such as an embedded web server. The problem is that they are restored after the "murder". So, unfortunately, I was unable to make sure that the server is fully operational. Since the router is constantly hanging from a lack of memory. In order to demonstrate that the methodology still works, I compiled the entire compilation for a slightly different iconbit 1003d device. And on it, everything worked out quite clearly. (By the way, read how the firmware was modified so that it does not suffer from flash drives, I recommend it here )
')


The speed is “cut off”, up to 6 megabits per second, which is not so terrible compared to the potential possibilities that the VPN server gives us

To summarize: we have learned how to fix a finished makefile, making it suitable for cross-compilation. We also managed to compile the software VPN-server immediately under two different architectures, without applying any bulky patches, in fact, we changed only the prefix from mips to mipsel. Softether Vpn Server showed its flexibility in terms of target platform selection. In general, the project impressed me with its flexibility. The only thing that is not clear why, the creators of the vpn-server made a GUI under windows. I'd love to see a full-fledged web interface in future releases.
Archive already compiled programs