diff -Naur --exclude=CVS ipcop-1.4.10-ORG/src/ROOTFILES.i386 ipcop-1.4.10/src/ROOTFILES.i386 --- ipcop-1.4.10-ORG/src/ROOTFILES.i386 2005-11-12 08:03:12.000000000 +0000 +++ ipcop-1.4.10/src/ROOTFILES.i386 2005-12-12 13:41:18.000000000 +0000 @@ -24738,3 +24738,13 @@ ## vlan.1.8 ## sbin/vconfig +## +## cutter-1.03 +## +usr/bin/cutter +## +## rope +## +usr/local/rope +etc/rope.d +etc/rc.d/rc.p2p-rope diff -Naur --exclude=CVS ipcop-1.4.10-ORG/lfs/cutter ipcop-1.4.10/lfs/cutter --- ipcop-1.4.10-ORG/lfs/cutter 1970-01-01 00:00:00.000000000 +0000 +++ ipcop-1.4.10/lfs/cutter 2005-12-12 13:41:18.000000000 +0000 @@ -0,0 +1,82 @@ +############################################################################### +# This file is part of the IPCop Firewall. # +# # +# IPCop is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPCop is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPCop; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Makefiles are based on LFSMake, which is # +# Copyright (C) 2002 Rod Roard # +# # +############################################################################### + +# LFS build file for cutter - for IPCop 1.4.x +# Cutter home page (include documentation) is at: +# http://www.lowth.com/cutter + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 1.03 + +THISAPP = cutter-$(VER) +DL_FILE = $(THISAPP).tgz +DL_FROM = http://www.lowth.com/cutter/software +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = 50093db9b64277643969ee75b83ebbd1 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && make + cd $(DIR_APP) && install -m 0755 cutter /usr/bin + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff -Naur --exclude=CVS ipcop-1.4.10-ORG/lfs/iptables ipcop-1.4.10/lfs/iptables --- ipcop-1.4.10-ORG/lfs/iptables 2005-11-12 08:03:12.000000000 +0000 +++ ipcop-1.4.10/lfs/iptables 2005-12-12 13:41:18.000000000 +0000 @@ -79,11 +79,18 @@ @$(PREBUILD) # iptables-fixed.tar.gz is made in the linux kernel build process @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/iptables-fixed.tar.gz + # update the ipset files + cp $(DIR_SRC)/ipset/iptables/extensions/libipt_set.* \ + $(DIR_SRC)/ipset/iptables/extensions/libipt_SET.* \ + $(DIR_SRC)/ipset/iptables/extensions/.set-test \ + $(DIR_APP)/extensions # Appears that libipt_set/SET maybe a little broken, fix it for now... - cd $(DIR_APP)/extensions && sed -i -e 's/#include\ \"..\/ipset\/libipt_set.h\"//' libipt_set.c - cd $(DIR_APP)/extensions && sed -i -e 's/#include\ \"..\/ipset\/libipt_set.h\"//' libipt_SET.c + #cd $(DIR_APP)/extensions && sed -i -e 's/#include\ \"..\/ipset\/libipt_set.h\"//' libipt_set.c + #cd $(DIR_APP)/extensions && sed -i -e 's/#include\ \"..\/ipset\/libipt_set.h\"//' libipt_SET.c cd $(DIR_APP) && patch -Np0 < $(DIR_SRC)/src/patches/$(THISAPP).patch + cd /usr/src/rope-* && make IPTABLES_DIR=$(DIR_APP) patch-iptables + echo -e '#! /bin/sh\necho rope' > $(DIR_APP)/extensions/.rope-test cd $(DIR_APP) && make BINDIR=/sbin MANDIR=/usr/share/man LIBDIR=/lib cd $(DIR_APP) && make BINDIR=/sbin MANDIR=/usr/share/man LIBDIR=/lib install - @rm -rf $(DIR_APP) + #@rm -rf $(DIR_APP) @$(POSTBUILD) diff -Naur --exclude=CVS ipcop-1.4.10-ORG/lfs/linux ipcop-1.4.10/lfs/linux --- ipcop-1.4.10-ORG/lfs/linux 2005-11-12 08:03:12.000000000 +0000 +++ ipcop-1.4.10/lfs/linux 2005-12-12 19:25:58.000000000 +0000 @@ -67,7 +67,9 @@ objects =$(DL_FILE) \ openswan-1.0.10rc2.tar.gz \ iptables-1.2.11.tar.bz2 \ + iptables-1.3.2-20050720.tar.bz2 \ patch-o-matic-ng-20040621.tar.bz2 \ + patch-o-matic-ng-20051124.tar.bz2 $(DL_FILE) = $(DL_FROM)/$(DL_FILE) openswan-1.0.10rc2.tar.gz = http://www.openswan.org/download/openswan-1.0.10rc2.tar.gz @@ -79,6 +81,13 @@ patch-o-matic-ng-20040621.tar.bz2_MD5 = 4fd3c744bf55f119fef6c7c3c4acc4b6 iptables-1.2.11.tar.bz2_MD5 = 0a5f5f226e41ce408a895bec995e8c05 +# for ipset.. +iptables-1.3.2-20050720.tar.bz2 = http://ipset.netfilter.org/iptables-1.3.2-20050720.tar.bz2 +iptables-1.3.2-20050720.tar.bz2_MD5 = 074e0e9e246aebf0b3ebe0157413fbe9 +patch-o-matic-ng-20051124.tar.bz2 = http://ipset.netfilter.org/patch-o-matic-ng-20051124.tar.bz2 +patch-o-matic-ng-20051124.tar.bz2_MD5 = 070e8176072614fa6c31ff4dd0d3b7a1 + + install : $(TARGET) check : $(patsubst %,$(DIR_CHK)/%,$(objects)) @@ -126,6 +135,15 @@ cd $(DIR_SRC) && rm -rf patch-o-matic* cd $(DIR_SRC) && tar xfj $(DIR_DL)/patch-o-matic-ng-20040621.tar.bz2 cd $(DIR_SRC)/patch-o-matic* && sed -i -e 's/head\ -1/head\ -n\ 1/' runme + + # oddly enough: the "ipset" patch-o-match tarball is in gzip format, not bzip! + cd $(DIR_SRC) && \ + rm -fr ipset && \ + mkdir ipset && \ + cd ipset && \ + tar xfz $(DIR_DL)/patch-o-matic-ng-20051124.tar.bz2 && \ + tar xfj $(DIR_DL)/iptables-1.3.2-20050720.tar.bz2 + # This patch changes /proc/net/ip_conntrack to mode 0440 # and messes up the connections.cgi page. So remove it for now. # As of 2.4.27 it's in as standard, so we use the patch to reverse @@ -145,7 +163,7 @@ # fix patch-o-matic for 2.4.31 cd $(DIR_SRC)/patch-o-matic* && cp -f $(DIR_SRC)/src/patches/patch-o-matic-ng-raw_2.4.31.patch raw/linux-2.4.patch - + cd $(DIR_SRC)/patch-o-matic*/nf-log && patch -Np0 < $(DIR_SRC)/src/patches/pomng.fix cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(ROOT)/usr/src/linux/ --iptables-path=$(ROOT)/usr/src/iptables/ pending cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(ROOT)/usr/src/linux/ --iptables-path=$(ROOT)/usr/src/iptables/ base @@ -157,6 +175,9 @@ cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(ROOT)/usr/src/linux/ --iptables-path=$(ROOT)/usr/src/iptables/ quake3-conntrack-nat cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(ROOT)/usr/src/linux/ --iptables-path=$(ROOT)/usr/src/iptables/ string cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(ROOT)/usr/src/linux/ --iptables-path=$(ROOT)/usr/src/iptables/ TARPIT + cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(ROOT)/usr/src/linux/ --iptables-path=$(ROOT)/usr/src/iptables/ CONNMARK + #cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(ROOT)/usr/src/linux/ --iptables-path=$(ROOT)/usr/src/iptables/ connbytes + cd $(DIR_SRC)/ipset/patch-o-matic-ng && yes 'y' | ./runme --kernel-path=$(ROOT)/usr/src/linux/ --iptables-path=$(ROOT)/usr/src/ipset/iptables/ set ifeq "$(SMP)" "" # Only do this once on the non-SMP pass @@ -200,7 +221,18 @@ cd $(DIR_APP) && sed -i -e 's/-O2/-Os/g' Makefile endif - cd $(DIR_APP) && make CC="$(KGCC)" oldconfig +ifeq "$(SMP)" "" + # Only add ROPE on non-SNP kernels + cd /usr/src/rope-* && make KERNEL_DIR=/usr/src/linux patch-kernel + cd $(DIR_APP) && if [ -f /usr/src/rope-*/extend_ipset.pl ]; then perl /usr/src/rope-*/extend_ipset.pl; fi +endif + + cd $(DIR_APP) && make CC="$(KGCC)" oldconfig \ + CONFIG_IP_NF_SET_HASHSIZE=1024 CONFIG_IP_NF_MATCH_SET=m CONFIG_IP_NF_TARGET_SET=m \ + CONFIG_IP_NF_SET_NETHASH=m CONFIG_IP_NF_SET_IPPORTHASH=m CONFIG_IP_NF_SET_IPTREE=m \ + CONFIG_IP_NF_CONNTRACK_MARK=y CONFIG_IP_NF_MATCH_CONNMARK=m CONFIG_IP_NF_TARGET_CONNMARK=m \ + `awk '$$1 ~ /^CONFIG_[A-Z0-9_]*=/ {print $$1}' /usr/src/rope-*/Makefile` + cd $(DIR_APP) && make CC="$(KGCC)" dep cd $(DIR_APP) && make CC="$(KGCC)" clean if [ "$(MACHINE)" = "i386" -a "$(SMP)" = "" ]; then \ diff -Naur --exclude=CVS ipcop-1.4.10-ORG/lfs/rope ipcop-1.4.10/lfs/rope --- ipcop-1.4.10-ORG/lfs/rope 1970-01-01 00:00:00.000000000 +0000 +++ ipcop-1.4.10/lfs/rope 2005-12-12 22:24:33.000000000 +0000 @@ -0,0 +1,87 @@ +############################################################################### +# This file is part of the IPCop Firewall. # +# # +# IPCop is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPCop is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPCop; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Makefiles are based on LFSMake, which is # +# Copyright (C) 2002 Rod Roard # +# # +# Created by: # +# 01-July-2004 Chris Lowth # +# - Makefile for ROPE in IPCop build # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 20051212 + +THISAPP = rope-$(VER) +DL_FILE = $(THISAPP).tgz +DL_FROM = http://www.lowth.com/rope/attach/Download +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) + +############################################################################### +# Top-level Rules +############################################################################### +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = fccc6ef6c0a0632b1b57ea5b5f5829a2 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_SRC)/rope-* && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + rm -rf /usr/local/rope /etc/rope.d + rm -f /usr/src/linux/net/ipv4/netfilter/*rope* + mkdir -p /usr/local/rope + mkdir -p /etc/rope.d/scripts + cd $(DIR_APP) && \ + cp ropec.pl rope.pl /usr/local/rope && \ + make userland-tools && \ + cp rope rddump /usr/local/rope && \ + make install-sample-scripts + @$(POSTBUILD) diff -Naur --exclude=CVS ipcop-1.4.10-ORG/make.sh ipcop-1.4.10/make.sh --- ipcop-1.4.10-ORG/make.sh 2005-11-12 08:03:12.000000000 +0000 +++ ipcop-1.4.10/make.sh 2005-12-12 22:13:56.000000000 +0000 @@ -483,6 +483,11 @@ ipcopmake ppp ipcopmake rp-pppoe ipcopmake unzip + + # www.lowth.com add-ons + ipcopmake rope + ipcopmake cutter + # Do SMP now if [ 'i386' = $MACHINE ]; then # abuse the SMP flag, and make an minimal installer kernel first @@ -931,8 +936,23 @@ fi exit 0 ;; + +ropepatch) + cd build || exit 2 + ROPEVER=`echo usr/src/rope-* | cut -f2 -d-` + tar cvfz ../rope-${ROPEVER}-ipcop-${VERSION}-binary-i386.tgz \ + etc/rope.d \ + usr/local/rope \ + usr/bin/cutter \ + lib/modules/*/kernel/net/ipv4/netfilter/ip_{set,set_*}.o.gz \ + lib/modules/*/kernel/net/ipv4/netfilter/ipt_{set,SET,rope,CONNMARK,connmark}.o.gz \ + lib/iptables/libipt_{rope,set,SET,CONNMARK,connmark}.so \ + sbin/iptables-{save,restore} + ;; + *) - echo "Usage: $0 {build|changelog|check|checkclean|clean|dist|newupdate|prefetch|rootfiles|shell}" + echo "Usage: $0 {build|changelog|check|checkclean|clean|dist|newupdate|prefetch|rootfiles|shell|ropepatch}" exit 1 ;; + esac