[原创] Qemu模拟ASA802(讨论帖非应用)

如何, linux, 网上

最近在网上看到一篇关于如何解压 Cisco firewall OS 大家有兴趣可以点进去看看.7200emu上也有讨论
asa802-k8 是基于linux内核
http://www.cisco.com/en/US/products/ps6120/prod_release_note09186a008086944e.html

一.如何从asa802-k8.bin解压出核心,我直接删除掉了,免得大家晕头,兴趣的去看上面的链接Cisco firewall OS

二.运行asa802,

创建虚拟硬盘文件可以dd,也可以qemu-img
linux:

qemu -hda FLASH -m 256 -kernel vmlinuz -initrd asa802-k8.gz -kernel-kqemu
-nographic -append "auto console=ttyS0,9600 bigphysarea=16384
ide1=noprobe"

复制代码

windows:

qemu -L . -hda FLASH -m 256 -kernel vmlinuz
-initrd asa802-k8.gz -append "auto ide1=noprobe console=ttyS0,9600
bigphysarea=16384" -serial telnet::1234,server,nowait

复制代码

如果你CPU 100%,用BES

windows截图:

初始化信息:

Linux version 2.6.17.8 (kevfox@kevfox-lnx) (gcc version 4.0.2) #5 PREEMPT Mon Ma
y 7 18:35:37 EDT 2007
BIOS-provided physical RAM map:
BIOS-e820: 0000000000000000 - 000000000009fc00 (usable)
BIOS-e820: 000000000009fc00 - 00000000000a0000 (reserved)
BIOS-e820: 00000000000e8000 - 0000000000100000 (reserved)
BIOS-e820: 0000000000100000 - 000000000fff0000 (usable)
BIOS-e820: 000000000fff0000 - 0000000010000000 (ACPI data)
BIOS-e820: 00000000fffc0000 - 0000000100000000 (reserved)
0MB HIGHMEM available.
255MB LOWMEM available.
DMI not present or invalid.
Allocating PCI resources starting at 20000000 (gap: 10000000:effc0000)
Built 1 zonelists
Kernel command line: auto console=ttyS0,9600 bigphysarea=16384 ide1=noprobe
ide_setup: ide1=noprobe
Enabling fast FPU save and restore... done.
Enabling unmasked SIMD FPU exception support... done.
Initializing CPU#0
PID hash table entries: 1024 (order: 10, 4096 bytes)
Detected 1667.045 MHz processor.
Using tsc for high-res timesource
Console: colour dummy device 80x25
Dentry cache hash table entries: 32768 (order: 5, 131072 bytes)
Inode-cache hash table entries: 16384 (order: 4, 65536 bytes)
Memory: 178644k/262080k available (1553k kernel code, 82932k reserved, 348k data
, 116k init, 0k highmem)
Checking if this processor honours the WP bit even in supervisor mode... Ok.
Calibrating delay using timer specific routine.. 3458.09 BogoMIPS (lpj=6916185)
Mount-cache hash table entries: 512
monitor/mwait feature present.
using mwait in idle threads.
CPU: L1 I cache: 32K, L1 D cache: 32K
CPU: L2 cache: 2048K
Intel machine check architecture supported.
Intel machine check reporting enabled on CPU#0.
CPU: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz stepping 06
Checking 'hlt' instruction... OK.
SMP alternatives: switching to UP code
Freeing SMP alternatives: 0k freed
Unpacking initramfs... done
Freeing initrd memory: 12917k freed
NET: Registered protocol family 16
PCI: PCI BIOS revision 2.10 entry at 0xfa110, last bus=0
Setting up standard PCI resources
PCI: Probing PCI hardware
PCI quirk: region b000-b03f claimed by PIIX4 ACPI
PCI quirk: region b100-b10f claimed by PIIX4 SMB
PCI: Using IRQ router PIIX/ICH [8086/7000] at 0000:00:01.0
PCI: Ignore bogus resource 6 [0:0] of 0000:00:02.0
NET: Registered protocol family 2
IP route cache hash table entries: 2048 (order: 1, 8192 bytes)
TCP established hash table entries: 8192 (order: 3, 32768 bytes)
TCP bind hash table entries: 4096 (order: 2, 16384 bytes)
TCP: Hash tables configured (established 8192 bind 4096)
TCP reno registered
Machine check exception polling timer started.
Total HugeTLB memory allocated, 0
bigphysarea: Allocated 16384 pages at 0xdf49f000.
Initializing Cryptographic API
io scheduler noop registered
io scheduler anticipatory registered (default)
io scheduler deadline registered
io scheduler cfq registered
Limiting direct PCI/PCI transfers.
PCI: PIIX3: Enabling Passive Release on 0000:00:01.0
Activating ISA DMA hang workarounds.
Serial: 8250/16550 driver $Revision: #2 $ 4 ports, IRQ sharing disabled
serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
loop: loaded (max 8 devices)
pcnet32.c:v1.32 18.Mar.2006 tsbogend@alpha.franken.de
tun: Universal TUN/TAP device driver, 1.6
tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
Uniform Multi-Platform E-IDE driver Revision: 7.00alpha2
ide: Assuming 33MHz system bus speed for PIO modes; override with idebus=xx
hda: QEMU HARDDISK, ATA DISK drive
ide0 at 0x1f0-0x1f7,0x3f6 on irq 14
hda: max request size: 512KiB
hda: 262144 sectors (134 MB) w/256KiB Cache, CHS=260/255/63
hda: set_multmode: status=0 { DriveReady Error }
hda: set_multmode: error=0x04 { DriveStatusError }
ide: failed opcode was: 0xef
hda: cache flushes supported
hda: hda1
TCP bic registered
NET: Registered protocol family 1
NET: Registered protocol family 17
Using IPI Shortcut mode
Freeing unused kernel memory: 116k freed
FAT: "posix" option is obsolete, not supported now
TIPC: Activated (compiled May 2 2007 15:38:08)
NET: Registered protocol family 30
TIPC: Started in single node mode
TIPC: Started in network mode
TIPC: Own node address <1.1.1>, network identity 1234
TIPC: Enabled bearer <eth:tap0>, discovery domain <1.1.0>, priority 10
Processor memory 164855808, Reserved memory: 20971520 (DSOs: 0 + kernel: 2097152
0)
Guest RAM start: 0xd4c00080
Guest RAM end: 0xdd400000
LINA unit number: 1
Guest RAM brk: 0xd4c01000
MKDIR failed No such file or directory for /var/log/
Welcome to LINA - ( F1-on-Linux platform ) desktop version!
********************************************************************
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING *
* *
* This product is for Cisco internal use ONLY!!! *
* *
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING *
********************************************************************
i2c_read_byte_w_wait() error, slot = 0x4, device = 0xb0, address = 0 byte count
= 1. Reason: I2C_SMBUS_UNSUPPORT
Total SSMs found: 0
Ignoring PCI card in slot:0 (vendor:0x0 deviceid:0x0)
Ignoring PCI card in slot:1 (vendor:0x0 deviceid:0x0)
Ignoring PCI card in slot:2 (vendor:0x0 deviceid:0x0)
Ignoring PCI card in slot:3 (vendor:0x0 deviceid:0x0)
Ignoring PCI card in slot:4 (vendor:0x0 deviceid:0x0)
Ignoring PCI card in slot:5 (vendor:0x0 deviceid:0x0)
Ignoring PCI card in slot:6 (vendor:0x0 deviceid:0x0)
Total NICs found: 6
Error in ioctl SIOGIFINDEX
Failed to open linaeth for interface 0 - verify the support in kernel
Error in ioctl SIOGIFINDEX
Failed to open linaeth for interface 1 - verify the support in kernel
Error in ioctl SIOGIFINDEX
Failed to open linaeth for interface 2 - verify the support in kernel
Error in ioctl SIOGIFINDEX
Failed to open linaeth for interface 3 - verify the support in kernel
Error in ioctl SIOGIFINDEX
Failed to open linaeth for interface 4 - verify the support in kernel
Error in ioctl SIOGIFINDEX
Failed to open linaeth for interface 5 - verify the support in kernel
INFO: Unable to read firewall mode from flash
Writing default firewall mode (single) to flash
WARNING: Unable to write firewall mode to flash, this is normal if flash is
not formatted.
--------------------------------------------------------------------------
. .
| |
||| |||
.|| ||. .|| ||.
.:||| | |||:..:||| | |||:.
C i s c o S y s t e m s
--------------------------------------------------------------------------
Cisco Adaptive Security Appliance Software Version 8.0(2)
Cannot open interface card (media_ethernet/port/id/0)
pix_idb_create: Unable to get link capabilities 0
pix_idb_create: Unable to get nic_stats for port 0
Cannot open interface card (media_ethernet/port/id/1)
pix_idb_create: Unable to get link capabilities 1
pix_idb_create: Unable to get nic_stats for port 1
Cannot open interface card (media_ethernet/port/id/2)
pix_idb_create: Unable to get link capabilities 2
pix_idb_create: Unable to get nic_stats for port 2
Cannot open interface card (media_ethernet/port/id/3)
pix_idb_create: Unable to get link capabilities 3
pix_idb_create: Unable to get nic_stats for port 3
Cannot open interface card (media_ethernet/port/id/4)
pix_idb_create: Unable to get link capabilities 4
pix_idb_create: Unable to get nic_stats for port 4
Cannot open interface card (media_ethernet/port/id/5)
pix_idb_create: Unable to get link capabilities 5
pix_idb_create: Unable to get nic_stats for port 5
****************************** Warning *******************************
This product contains cryptographic features and is
subject to United States and local country laws
governing, import, export, transfer, and use.
Delivery of Cisco cryptographic products does not
imply third-party authority to import, export,
distribute, or use encryption. Importers, exporters,
distributors and users are responsible for compliance
with U.S. and local country laws. By using this
product you agree to comply with applicable laws and
regulations. If you are unable to comply with U.S.
and local laws, return the enclosed items immediately.
A summary of U.S. laws governing Cisco cryptographic
products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by
sending email to export@cisco.com.
******************************* Warning *******************************
Copyright (c) 1996-2007 by Cisco Systems, Inc.
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
open or write(ffsdev/2/write/32) failed
Could not initialize system files in flash.
i2c_read_byte_w_suspend() error, slot = 0x4, device = 0xb0, address = 0 byte cou
nt = 1. Reason: I2C_SMBUS_UNSUPPORT
i2c_read_byte_w_suspend() error, slot = 0x4, device = 0xb0, address = 0 byte cou
nt = 1. Reason: I2C_SMBUS_UNSUPPORT
Type help or '?' for a list of available commands.
ciscoasa>