]> git.ipfire.org Git - ipfire-2.x.git/blame - lfs/configroot
Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next
[ipfire-2.x.git] / lfs / configroot
CommitLineData
cd1a2927 1###############################################################################
cd1a2927 2# #
70df8302 3# IPFire.org - A linux based firewall #
30335673 4# Copyright (C) 2007-2013 IPFire Team <info@ipfire.org> #
70df8302
MT
5# #
6# This program is free software: you can redistribute it and/or modify #
cd1a2927 7# it under the terms of the GNU General Public License as published by #
70df8302 8# the Free Software Foundation, either version 3 of the License, or #
cd1a2927
MT
9# (at your option) any later version. #
10# #
70df8302 11# This program is distributed in the hope that it will be useful, #
cd1a2927
MT
12# but WITHOUT ANY WARRANTY; without even the implied warranty of #
13# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
14# GNU General Public License for more details. #
15# #
16# You should have received a copy of the GNU General Public License #
70df8302 17# along with this program. If not, see <http://www.gnu.org/licenses/>. #
cd1a2927 18# #
cd1a2927
MT
19###############################################################################
20
21###############################################################################
22# Definitions
23###############################################################################
24
25include Config
26
15679d9f
MT
27VER = ipfire
28
cd1a2927
MT
29THISAPP = configroot
30DIR_APP = $(DIR_SRC)/$(THISAPP)
31TARGET = $(DIR_INFO)/$(THISAPP)
32
33###############################################################################
34# Top-level Rules
35###############################################################################
36
37install : $(TARGET)
38
39check :
40
41download :
42
43md5 :
44
45###############################################################################
46# Installation Details
47###############################################################################
48
49$(TARGET) :
50 @$(PREBUILD)
51
52 # Create all directories
111c99dd 53 for i in addon-lang auth backup ca certs connscheduler crls ddns dhcp dhcpc dns dnsforward \
73372ed4 54 ethernet extrahd/bin fwlogs fwhosts firewall isdn key langs logging mac main \
5edc06b7 55 menu.d modem nfs optionsfw \
9dafa928 56 ovpn patches pakfire portfw ppp private proxy/advanced/cre \
2b163f44 57 proxy/calamaris/bin qos/bin red remote sensors snort time \
d9716b06 58 updatexlrator/bin updatexlrator/autocheck urlfilter/autoupdate urlfilter/bin upnp vpn \
111c99dd 59 wakeonlan wireless ; do \
cd1a2927
MT
60 mkdir -p $(CONFIG_ROOT)/$$i; \
61 done
62
63 # Touch empty files
64 for i in auth/users backup/include.user backup/exclude.user \
1fde937c 65 certs/index.txt ddns/config ddns/noipsettings ddns/settings ddns/ipcache dhcp/settings \
111c99dd 66 dhcp/fixleases dhcp/advoptions dhcp/dhcpd.conf.local dns/settings dnsforward/config ethernet/aliases ethernet/settings ethernet/known_nics ethernet/scanned_nics \
30654fd8
SS
67 ethernet/wireless extrahd/scan extrahd/devices extrahd/partitions extrahd/settings firewall/settings firewall/config firewall/geoipblock firewall/input firewall/outgoing \
68 fwhosts/customnetworks fwhosts/customhosts fwhosts/customgroups fwhosts/customservicegrp fwhosts/customgeoipgrp fwlogs/ipsettings fwlogs/portsettings \
5edc06b7 69 isdn/settings mac/settings main/hosts main/routing main/settings optionsfw/settings \
51379603 70 ovpn/ccd.conf ovpn/ccdroute ovpn/ccdroute2 pakfire/settings portfw/config ppp/settings-1 ppp/settings-2 ppp/settings-3 ppp/settings-4 \
dfb1bfaf 71 ppp/settings-5 ppp/settings proxy/settings proxy/squid.conf proxy/advanced/settings proxy/advanced/cre/enable remote/settings qos/settings qos/classes qos/subclasses qos/level7config qos/portconfig \
2b163f44 72 qos/tosconfig snort/settings upnp/settings vpn/config vpn/settings vpn/ipsec.conf \
4e565351 73 vpn/ipsec.secrets vpn/caconfig wakeonlan/clients.conf wireless/config wireless/settings; do \
111c99dd 74 touch $(CONFIG_ROOT)/$$i; \
cd1a2927
MT
75 done
76
77 # Copy initial configfiles
78 cp $(DIR_SRC)/config/cfgroot/header.pl $(CONFIG_ROOT)/
79 cp $(DIR_SRC)/config/cfgroot/general-functions.pl $(CONFIG_ROOT)/
4e9a2b57 80 cp $(DIR_SRC)/config/cfgroot/network-functions.pl $(CONFIG_ROOT)/
30654fd8 81 cp $(DIR_SRC)/config/cfgroot/geoip-functions.pl $(CONFIG_ROOT)/
cd1a2927 82 cp $(DIR_SRC)/config/cfgroot/lang.pl $(CONFIG_ROOT)/
111c99dd 83 cp $(DIR_SRC)/config/cfgroot/countries.pl $(CONFIG_ROOT)/
341ff36c 84 cp $(DIR_SRC)/config/cfgroot/graphs.pl $(CONFIG_ROOT)/
c5e3d520 85 cp $(DIR_SRC)/config/cfgroot/modem-lib.pl $(CONFIG_ROOT)/
4e565351 86 cp $(DIR_SRC)/config/cfgroot/advoptions-list $(CONFIG_ROOT)/dhcp/advoptions-list
4e565351 87 cp $(DIR_SRC)/config/cfgroot/connscheduler-lib.pl $(CONFIG_ROOT)/connscheduler/lib.pl
1fde937c 88 cp $(DIR_SRC)/config/cfgroot/connscheduler.conf $(CONFIG_ROOT)/connscheduler
aa2870e6 89 cp $(DIR_SRC)/config/extrahd/* $(CONFIG_ROOT)/extrahd/bin/
958d26ac 90 cp $(DIR_SRC)/config/cfgroot/sensors-settings $(CONFIG_ROOT)/sensors/settings
111c99dd 91 cp $(DIR_SRC)/config/menu/* $(CONFIG_ROOT)/menu.d/
cd1a2927
MT
92 cp $(DIR_SRC)/config/cfgroot/modem-defaults $(CONFIG_ROOT)/modem/defaults
93 cp $(DIR_SRC)/config/cfgroot/modem-settings $(CONFIG_ROOT)/modem/settings
60cbd6e7 94 cp $(DIR_SRC)/config/cfgroot/nfs-server $(CONFIG_ROOT)/nfs/nfs-server
cd1a2927 95 cp $(DIR_SRC)/config/cfgroot/proxy-acl $(CONFIG_ROOT)/proxy/acl-1.4
111c99dd
MT
96 cp $(DIR_SRC)/config/qos/* $(CONFIG_ROOT)/qos/bin/
97 cp $(DIR_SRC)/config/cfgroot/ssh-settings $(CONFIG_ROOT)/remote/settings
cd1a2927 98 cp $(DIR_SRC)/config/cfgroot/time-settings $(CONFIG_ROOT)/time/settings
111c99dd 99 cp $(DIR_SRC)/config/cfgroot/logging-settings $(CONFIG_ROOT)/logging/settings
ed38f89d 100 cp $(DIR_SRC)/config/cfgroot/useragents $(CONFIG_ROOT)/proxy/advanced
d23fc912 101 cp $(DIR_SRC)/config/cfgroot/ethernet-vlans $(CONFIG_ROOT)/ethernet/vlans
111c99dd 102 cp $(DIR_SRC)/langs/list $(CONFIG_ROOT)/langs/
6921f0ea
AM
103 cp $(DIR_SRC)/config/firewall/convert-xtaccess /usr/sbin/convert-xtaccess
104 cp $(DIR_SRC)/config/firewall/convert-outgoingfw /usr/sbin/convert-outgoingfw
105 cp $(DIR_SRC)/config/firewall/convert-dmz /usr/sbin/convert-dmz
106 cp $(DIR_SRC)/config/firewall/convert-portfw /usr/sbin/convert-portfw
6d8eb5de 107 cp $(DIR_SRC)/config/firewall/p2protocols $(CONFIG_ROOT)/firewall/p2protocols
6921f0ea 108 cp $(DIR_SRC)/config/firewall/firewall-policy /usr/sbin/firewall-policy
111c99dd 109 cp $(DIR_SRC)/config/fwhosts/icmp-types $(CONFIG_ROOT)/fwhosts/icmp-types
af8bc0d0 110 cp $(DIR_SRC)/config/fwhosts/customservices $(CONFIG_ROOT)/fwhosts/customservices
a3f2459f 111 cp $(DIR_SRC)/config/fwhosts/customservices $(CONFIG_ROOT)/fwhosts/customservices.default
cd1a2927
MT
112 # Oneliner configfiles
113 echo "ENABLED=off" > $(CONFIG_ROOT)/vpn/settings
114 echo "VPN_DELAYED_START=0" >>$(CONFIG_ROOT)/vpn/settings
115 echo "01" > $(CONFIG_ROOT)/certs/serial
116 echo "nameserver 1.2.3.4" > $(CONFIG_ROOT)/ppp/fake-resolv.conf
5595bc03
CS
117 echo "DROPNEWNOTSYN=on" >> $(CONFIG_ROOT)/optionsfw/settings
118 echo "DROPINPUT=on" >> $(CONFIG_ROOT)/optionsfw/settings
c0ec1996 119 echo "DROPFORWARD=on" >> $(CONFIG_ROOT)/optionsfw/settings
9dafa928 120 echo "FWPOLICY=DROP" >> $(CONFIG_ROOT)/optionsfw/settings
4e62b47f 121 echo "FWPOLICY1=DROP" >> $(CONFIG_ROOT)/optionsfw/settings
36e9534f 122 echo "FWPOLICY2=DROP" >> $(CONFIG_ROOT)/optionsfw/settings
5595bc03 123 echo "DROPPORTSCAN=on" >> $(CONFIG_ROOT)/optionsfw/settings
4e62b47f 124 echo "DROPOUTGOING=on" >> $(CONFIG_ROOT)/optionsfw/settings
409cd018
MT
125 echo "DROPSAMBA=off" >> $(CONFIG_ROOT)/optionsfw/settings
126 echo "DROPPROXY=off" >> $(CONFIG_ROOT)/optionsfw/settings
5aa8edf6 127 echo "SHOWREMARK=on" >> $(CONFIG_ROOT)/optionsfw/settings
4f3bd0ca
AM
128 echo "SHOWCOLORS=on" >> $(CONFIG_ROOT)/optionsfw/settings
129 echo "SHOWTABLES=off" >> $(CONFIG_ROOT)/optionsfw/settings
ec329c06 130 echo "SHOWDROPDOWN=off" >> $(CONFIG_ROOT)/optionsfw/settings
a1fdbdac
AF
131 echo "DROPWIRELESSINPUT=on" >> $(CONFIG_ROOT)/optionsfw/settings
132 echo "DROPWIRELESSFORWARD=on" >> $(CONFIG_ROOT)/optionsfw/settings
6d8eb5de
AM
133 echo "POLICY=MODE2" >> $(CONFIG_ROOT)/firewall/settings
134 echo "POLICY1=MODE2" >> $(CONFIG_ROOT)/firewall/settings
73372ed4 135
d57c6162 136 # Add conntrack helper default settings
53a6b00c 137 for proto in FTP H323 IRC SIP TFTP; do \
d57c6162
MT
138 echo "CONNTRACK_$${proto}=on" >> $(CONFIG_ROOT)/optionsfw/settings; \
139 done
140
53a6b00c
MT
141 # Do not enable these by default because these are broken
142 for proto in AMANDA PPTP; do \
143 echo "CONNTRACK_$${proto}=off" >> $(CONFIG_ROOT)/optionsfw/settings; \
144 done
145
99e698d0
AM
146 # set converters executable
147 chmod 755 /usr/sbin/convert-*
73372ed4 148
cd1a2927
MT
149 # Modify variables in header.pl
150 sed -i -e "s+CONFIG_ROOT+$(CONFIG_ROOT)+g" \
151 -e "s+VERSION+$(VERSION)+g" \
152 $(CONFIG_ROOT)/header.pl
153
154 # Modify variables in general-functions.pl
155 sed -i -e "s+CONFIG_ROOT+$(CONFIG_ROOT)+g" \
156 -e "s+VERSION+$(VERSION)+g" \
157 $(CONFIG_ROOT)/general-functions.pl
158
159 # Modify CONFIG_ROOT in lang.pl
160 sed -i -e "s+CONFIG_ROOT+$(CONFIG_ROOT)+g" \
161 $(CONFIG_ROOT)/lang.pl
162
163 # Language files
462515e4 164 cp $(DIR_SRC)/langs/*/cgi-bin/*.pl $(CONFIG_ROOT)/langs/
231499fc 165
cd1a2927
MT
166 # Configroot permissions
167 chown -R nobody:nobody $(CONFIG_ROOT)
168 chown root:root $(CONFIG_ROOT)
d7fcd5da 169 for i in backup/ header.pl general-functions.pl graphs.pl lang.pl addon-lang/ langs/ red/ ; do \
cd1a2927
MT
170 chown -R root:root $(CONFIG_ROOT)/$$i; \
171 done
7b906cb2 172 chown -Rv root:root $(CONFIG_ROOT)/*/bin
cd1a2927
MT
173 chown root:nobody $(CONFIG_ROOT)/dhcpc
174
175 @$(POSTBUILD)