]>
Commit | Line | Data |
---|---|---|
cd1a2927 | 1 | ############################################################################### |
cd1a2927 | 2 | # # |
70df8302 | 3 | # IPFire.org - A linux based firewall # |
30335673 | 4 | # Copyright (C) 2007-2013 IPFire Team <info@ipfire.org> # |
70df8302 MT |
5 | # # |
6 | # This program is free software: you can redistribute it and/or modify # | |
cd1a2927 | 7 | # it under the terms of the GNU General Public License as published by # |
70df8302 | 8 | # the Free Software Foundation, either version 3 of the License, or # |
cd1a2927 MT |
9 | # (at your option) any later version. # |
10 | # # | |
70df8302 | 11 | # This program is distributed in the hope that it will be useful, # |
cd1a2927 MT |
12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # |
13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
14 | # GNU General Public License for more details. # | |
15 | # # | |
16 | # You should have received a copy of the GNU General Public License # | |
70df8302 | 17 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # |
cd1a2927 | 18 | # # |
cd1a2927 MT |
19 | ############################################################################### |
20 | ||
21 | ############################################################################### | |
22 | # Definitions | |
23 | ############################################################################### | |
24 | ||
25 | include Config | |
26 | ||
15679d9f MT |
27 | VER = ipfire |
28 | ||
cd1a2927 MT |
29 | THISAPP = configroot |
30 | DIR_APP = $(DIR_SRC)/$(THISAPP) | |
31 | TARGET = $(DIR_INFO)/$(THISAPP) | |
32 | ||
33 | ############################################################################### | |
34 | # Top-level Rules | |
35 | ############################################################################### | |
36 | ||
37 | install : $(TARGET) | |
38 | ||
39 | check : | |
40 | ||
41 | download : | |
42 | ||
43 | md5 : | |
44 | ||
45 | ############################################################################### | |
46 | # Installation Details | |
47 | ############################################################################### | |
48 | ||
49 | $(TARGET) : | |
50 | @$(PREBUILD) | |
51 | ||
52 | # Create all directories | |
111c99dd | 53 | for i in addon-lang auth backup ca certs connscheduler crls ddns dhcp dhcpc dns dnsforward \ |
daa3a950 AF |
54 | ethernet extrahd/bin fwlogs fwhosts forward forward/bin isdn key langs logging mac main \ |
55 | menu.d modem net-traffic net-traffic/templates nfs optionsfw \ | |
9dafa928 | 56 | ovpn patches pakfire portfw ppp private proxy/advanced/cre \ |
d9716b06 CS |
57 | proxy/calamaris/bin qos/bin red remote sensors snort time tripwire/report \ |
58 | updatexlrator/bin updatexlrator/autocheck urlfilter/autoupdate urlfilter/bin upnp vpn \ | |
111c99dd | 59 | wakeonlan wireless ; do \ |
cd1a2927 MT |
60 | mkdir -p $(CONFIG_ROOT)/$$i; \ |
61 | done | |
62 | ||
63 | # Touch empty files | |
64 | for i in auth/users backup/include.user backup/exclude.user \ | |
1fde937c | 65 | certs/index.txt ddns/config ddns/noipsettings ddns/settings ddns/ipcache dhcp/settings \ |
111c99dd | 66 | dhcp/fixleases dhcp/advoptions dhcp/dhcpd.conf.local dns/settings dnsforward/config ethernet/aliases ethernet/settings ethernet/known_nics ethernet/scanned_nics \ |
daa3a950 | 67 | ethernet/wireless extrahd/scan extrahd/devices extrahd/partitions extrahd/settings forward/settings forward/config forward/input forward/outgoing forward/dmz forward/nat \ |
af8bc0d0 | 68 | fwhosts/customnetworks fwhosts/customhosts fwhosts/customgroups fwhosts/customservicegrp fwlogs/ipsettings fwlogs/portsettings \ |
231499fc | 69 | isdn/settings mac/settings main/disable_nf_sip main/hosts main/routing main/settings net-traffic/settings optionsfw/settings \ |
51379603 | 70 | ovpn/ccd.conf ovpn/ccdroute ovpn/ccdroute2 pakfire/settings portfw/config ppp/settings-1 ppp/settings-2 ppp/settings-3 ppp/settings-4 \ |
daa3a950 | 71 | ppp/settings-5 ppp/settings proxy/settings proxy/advanced/settings proxy/advanced/cre/enable remote/settings qos/settings qos/classes qos/subclasses qos/level7config qos/portconfig \ |
e645448e | 72 | qos/tosconfig snort/settings tripwire/settings upnp/settings vpn/config vpn/settings vpn/ipsec.conf \ |
4e565351 | 73 | vpn/ipsec.secrets vpn/caconfig wakeonlan/clients.conf wireless/config wireless/settings; do \ |
111c99dd | 74 | touch $(CONFIG_ROOT)/$$i; \ |
cd1a2927 MT |
75 | done |
76 | ||
77 | # Copy initial configfiles | |
78 | cp $(DIR_SRC)/config/cfgroot/header.pl $(CONFIG_ROOT)/ | |
79 | cp $(DIR_SRC)/config/cfgroot/general-functions.pl $(CONFIG_ROOT)/ | |
80 | cp $(DIR_SRC)/config/cfgroot/lang.pl $(CONFIG_ROOT)/ | |
111c99dd | 81 | cp $(DIR_SRC)/config/cfgroot/countries.pl $(CONFIG_ROOT)/ |
341ff36c | 82 | cp $(DIR_SRC)/config/cfgroot/graphs.pl $(CONFIG_ROOT)/ |
4e565351 | 83 | cp $(DIR_SRC)/config/cfgroot/advoptions-list $(CONFIG_ROOT)/dhcp/advoptions-list |
4e565351 | 84 | cp $(DIR_SRC)/config/cfgroot/connscheduler-lib.pl $(CONFIG_ROOT)/connscheduler/lib.pl |
1fde937c | 85 | cp $(DIR_SRC)/config/cfgroot/connscheduler.conf $(CONFIG_ROOT)/connscheduler |
aa2870e6 | 86 | cp $(DIR_SRC)/config/extrahd/* $(CONFIG_ROOT)/extrahd/bin/ |
958d26ac | 87 | cp $(DIR_SRC)/config/cfgroot/sensors-settings $(CONFIG_ROOT)/sensors/settings |
111c99dd | 88 | cp $(DIR_SRC)/config/menu/* $(CONFIG_ROOT)/menu.d/ |
cd1a2927 MT |
89 | cp $(DIR_SRC)/config/cfgroot/modem-defaults $(CONFIG_ROOT)/modem/defaults |
90 | cp $(DIR_SRC)/config/cfgroot/modem-settings $(CONFIG_ROOT)/modem/settings | |
10a04d70 | 91 | cp $(DIR_SRC)/config/cfgroot/net-traffic-lib.pl $(CONFIG_ROOT)/net-traffic/net-traffic-lib.pl |
111c99dd | 92 | cp $(DIR_SRC)/config/cfgroot/net-traffic-admin.pl $(CONFIG_ROOT)/net-traffic/net-traffic-admin.pl |
60cbd6e7 | 93 | cp $(DIR_SRC)/config/cfgroot/nfs-server $(CONFIG_ROOT)/nfs/nfs-server |
cd1a2927 | 94 | cp $(DIR_SRC)/config/cfgroot/proxy-acl $(CONFIG_ROOT)/proxy/acl-1.4 |
111c99dd MT |
95 | cp $(DIR_SRC)/config/qos/* $(CONFIG_ROOT)/qos/bin/ |
96 | cp $(DIR_SRC)/config/cfgroot/ssh-settings $(CONFIG_ROOT)/remote/settings | |
cd1a2927 | 97 | cp $(DIR_SRC)/config/cfgroot/time-settings $(CONFIG_ROOT)/time/settings |
111c99dd | 98 | cp $(DIR_SRC)/config/cfgroot/logging-settings $(CONFIG_ROOT)/logging/settings |
ed38f89d | 99 | cp $(DIR_SRC)/config/cfgroot/useragents $(CONFIG_ROOT)/proxy/advanced |
d23fc912 | 100 | cp $(DIR_SRC)/config/cfgroot/ethernet-vlans $(CONFIG_ROOT)/ethernet/vlans |
111c99dd MT |
101 | cp $(DIR_SRC)/langs/list $(CONFIG_ROOT)/langs/ |
102 | cp $(DIR_SRC)/config/forwardfw/rules.pl $(CONFIG_ROOT)/forward/bin/rules.pl | |
27f4a6b1 AM |
103 | cp $(DIR_SRC)/config/forwardfw/convert-xtaccess /usr/sbin/convert-xtaccess |
104 | cp $(DIR_SRC)/config/forwardfw/convert-outgoingfw /usr/sbin/convert-outgoingfw | |
a60dbb4b AM |
105 | cp $(DIR_SRC)/config/forwardfw/convert-dmz /usr/sbin/convert-dmz |
106 | cp $(DIR_SRC)/config/forwardfw/convert-portfw /usr/sbin/convert-portfw | |
7f9d1c39 | 107 | cp $(DIR_SRC)/config/forwardfw/p2protocols $(CONFIG_ROOT)/forward/p2protocols |
111c99dd | 108 | cp $(DIR_SRC)/config/forwardfw/firewall-lib.pl $(CONFIG_ROOT)/forward/bin/firewall-lib.pl |
5d7faa45 | 109 | cp $(DIR_SRC)/config/forwardfw/firewall-policy /usr/sbin/firewall-policy |
111c99dd | 110 | cp $(DIR_SRC)/config/fwhosts/icmp-types $(CONFIG_ROOT)/fwhosts/icmp-types |
af8bc0d0 | 111 | cp $(DIR_SRC)/config/fwhosts/customservices $(CONFIG_ROOT)/fwhosts/customservices |
cd1a2927 MT |
112 | # Oneliner configfiles |
113 | echo "ENABLED=off" > $(CONFIG_ROOT)/vpn/settings | |
114 | echo "VPN_DELAYED_START=0" >>$(CONFIG_ROOT)/vpn/settings | |
115 | echo "01" > $(CONFIG_ROOT)/certs/serial | |
116 | echo "nameserver 1.2.3.4" > $(CONFIG_ROOT)/ppp/fake-resolv.conf | |
5595bc03 CS |
117 | echo "DROPNEWNOTSYN=on" >> $(CONFIG_ROOT)/optionsfw/settings |
118 | echo "DROPINPUT=on" >> $(CONFIG_ROOT)/optionsfw/settings | |
c0ec1996 | 119 | echo "DROPFORWARD=on" >> $(CONFIG_ROOT)/optionsfw/settings |
9dafa928 | 120 | echo "FWPOLICY=DROP" >> $(CONFIG_ROOT)/optionsfw/settings |
4e62b47f | 121 | echo "FWPOLICY1=DROP" >> $(CONFIG_ROOT)/optionsfw/settings |
36e9534f | 122 | echo "FWPOLICY2=DROP" >> $(CONFIG_ROOT)/optionsfw/settings |
5595bc03 | 123 | echo "DROPPORTSCAN=on" >> $(CONFIG_ROOT)/optionsfw/settings |
4e62b47f | 124 | echo "DROPOUTGOING=on" >> $(CONFIG_ROOT)/optionsfw/settings |
a0fb1099 AM |
125 | echo "DROPSAMBA=on" >> $(CONFIG_ROOT)/optionsfw/settings |
126 | echo "DROPPROXY=on" >> $(CONFIG_ROOT)/optionsfw/settings | |
5aa8edf6 | 127 | echo "SHOWREMARK=on" >> $(CONFIG_ROOT)/optionsfw/settings |
4f3bd0ca AM |
128 | echo "SHOWCOLORS=on" >> $(CONFIG_ROOT)/optionsfw/settings |
129 | echo "SHOWTABLES=off" >> $(CONFIG_ROOT)/optionsfw/settings | |
ec329c06 | 130 | echo "SHOWDROPDOWN=off" >> $(CONFIG_ROOT)/optionsfw/settings |
34f30c5f AM |
131 | echo "DROPWIRELESSINPUT=off" >> $(CONFIG_ROOT)/optionsfw/settings |
132 | echo "DROPWIRELESSFORWARD=off" >> $(CONFIG_ROOT)/optionsfw/settings | |
7bd9d462 | 133 | echo "POLICY=MODE2" >> $(CONFIG_ROOT)/forward/settings |
4e62b47f | 134 | echo "POLICY1=MODE2" >> $(CONFIG_ROOT)/forward/settings |
bc329725 | 135 | |
111c99dd MT |
136 | # set rules.pl executable |
137 | chmod 755 $(CONFIG_ROOT)/forward/bin/rules.pl | |
27f4a6b1 | 138 | |
99e698d0 AM |
139 | # set converters executable |
140 | chmod 755 /usr/sbin/convert-* | |
141 | ||
cd1a2927 MT |
142 | # Modify variables in header.pl |
143 | sed -i -e "s+CONFIG_ROOT+$(CONFIG_ROOT)+g" \ | |
144 | -e "s+VERSION+$(VERSION)+g" \ | |
145 | $(CONFIG_ROOT)/header.pl | |
146 | ||
147 | # Modify variables in general-functions.pl | |
148 | sed -i -e "s+CONFIG_ROOT+$(CONFIG_ROOT)+g" \ | |
149 | -e "s+VERSION+$(VERSION)+g" \ | |
150 | $(CONFIG_ROOT)/general-functions.pl | |
151 | ||
152 | # Modify CONFIG_ROOT in lang.pl | |
153 | sed -i -e "s+CONFIG_ROOT+$(CONFIG_ROOT)+g" \ | |
154 | $(CONFIG_ROOT)/lang.pl | |
155 | ||
156 | # Language files | |
462515e4 | 157 | cp $(DIR_SRC)/langs/*/cgi-bin/*.pl $(CONFIG_ROOT)/langs/ |
231499fc | 158 | |
cd1a2927 MT |
159 | # Configroot permissions |
160 | chown -R nobody:nobody $(CONFIG_ROOT) | |
161 | chown root:root $(CONFIG_ROOT) | |
d7fcd5da | 162 | for i in backup/ header.pl general-functions.pl graphs.pl lang.pl addon-lang/ langs/ red/ ; do \ |
cd1a2927 MT |
163 | chown -R root:root $(CONFIG_ROOT)/$$i; \ |
164 | done | |
7b906cb2 | 165 | chown -Rv root:root $(CONFIG_ROOT)/*/bin |
cd1a2927 MT |
166 | chown root:nobody $(CONFIG_ROOT)/dhcpc |
167 | ||
168 | @$(POSTBUILD) |