###############################################################################
-# This file is part of the IPCop Firewall. #
# #
-# IPCop is free software; you can redistribute it and/or modify #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# #
+# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation; either version 2 of the License, or #
+# the Free Software Foundation, either version 3 of the License, or #
# (at your option) any later version. #
# #
-# IPCop is distributed in the hope that it will be useful, #
+# This program is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
-# along with IPCop; if not, write to the Free Software #
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
-# #
-# Makefiles are based on LFSMake, which is #
-# Copyright (C) 2002 Rod Roard <rod@sunsetsystems.com> #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
# #
###############################################################################
include Config
-VER = 2.6.16
-PATCHLEVEL = 2.6.16.27
+PATCHLEVEL = .57
+VER = 2.6.16.57
THISAPP = linux-$(VER)
-DL_FILE = $(THISAPP).tar.gz
+DL_FILE = $(THISAPP).tar.bz2
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
CFLAGS =
# Normal build or SMP build.
#
ifeq "$(SMP)" "1"
- TARGET = $(DIR_INFO)/linux-$(PATCHLEVEL)-ipfire-smp
+ TARGET = $(DIR_INFO)/linux-$(VER)-smp
else
- TARGET = $(DIR_INFO)/linux-$(PATCHLEVEL)-ipfire
+ TARGET = $(DIR_INFO)/linux-$(VER)
endif
+
###############################################################################
# Top-level Rules
###############################################################################
objects =$(DL_FILE) \
- openswan-2.4.7.kernel-2.6-natt.patch.gz \
- openswan-2.4.7.kernel-2.6-klips.patch.gz \
+ mISDN-1_1_5.tar.gz \
+ squashfs3.2-r2.tar.gz \
iptables-1.3.5.tar.bz2 \
patch-o-matic-ng-20061210.tar.bz2 \
- kbc_option_2420.patch \
- net4801.kernel.patch_2.4.31 \
- netfilter-layer7-v2.6.tar.gz \
- patch-$(PATCHLEVEL).gz
-
-$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-patch-$(PATCHLEVEL).gz = $(DL_FROM)/patch-$(PATCHLEVEL).gz
-openswan-2.4.7.kernel-2.6-natt.patch.gz = $(URL_IPFIRE)/openswan-2.4.7.kernel-2.6-natt.patch.gz
-openswan-2.4.7.kernel-2.6-klips.patch.gz = $(URL_IPFIRE)/openswan-2.4.7.kernel-2.6-klips.patch.gz
-patch-o-matic-ng-20061210.tar.bz2 = $(URL_IPFIRE)/patch-o-matic-ng-20061210.tar.bz2
-iptables-1.3.5.tar.bz2 = $(URL_IPFIRE)/iptables-1.3.5.tar.bz2
-kbc_option_2420.patch = $(URL_IPFIRE)/kbc_option_2420.patch
-net4801.kernel.patch_2.4.31 = $(URL_IPFIRE)/net4801.kernel.patch_2.4.31
-netfilter-layer7-v2.6.tar.gz = $(URL_IPFIRE)/netfilter-layer7-v2.6.tar.gz
-
-$(DL_FILE)_MD5 = 50695965725367f39007023feac5e256
-patch-$(PATCHLEVEL).gz_MD5 = 4b09dd018286850c20c0f051ced7b583
-openswan-2.4.7.kernel-2.6-natt.patch.gz_MD5 = 980d8bbdb29a761b7f5aa852f373df62
-openswan-2.4.7.kernel-2.6-klips.patch.gz_MD5 = 5df0ffa2453488a407a23fc4ea4af879
-patch-o-matic-ng-20061210.tar.bz2_MD5 = 76edac76301b45f89e467b41c8cf4393
+ netfilter-layer7-v2.9.tar.gz \
+ patch-2.6.16-nath323-1.3.bz2 \
+ openswan-2.4.9.tar.gz
+
+$(DL_FILE) = $(URL_IPFIRE)/$(DL_FILE)
+patch-o-matic-ng-20061210.tar.bz2 = $(URL_IPFIRE)/patch-o-matic-ng-20061210.tar.bz2
+iptables-1.3.5.tar.bz2 = $(URL_IPFIRE)/iptables-1.3.5.tar.bz2
+netfilter-layer7-v2.9.tar.gz = $(URL_IPFIRE)/netfilter-layer7-v2.9.tar.gz
+patch-2.6.16-nath323-1.3.bz2 = $(URL_IPFIRE)/patch-2.6.16-nath323-1.3.bz2
+squashfs3.2-r2.tar.gz = $(URL_IPFIRE)/squashfs3.2-r2.tar.gz
+mISDN-1_1_5.tar.gz = $(URL_IPFIRE)/mISDN-1_1_5.tar.gz
+openswan-2.4.9.tar.gz = $(URL_IPFIRE)/openswan-2.4.9.tar.gz
+
+$(DL_FILE)_MD5 = d6f37a2967be44ab2696eef3132d4b0a
+patch-o-matic-ng-20061210.tar.bz2_MD5 = 76edac76301b45f89e467b41c8cf4393
iptables-1.3.5.tar.bz2_MD5 = 00fb916fa8040ca992a5ace56d905ea5
-kbc_option_2420.patch_MD5 = 6d37870344f7fcf97ace1fbf43323c60
-net4801.kernel.patch_2.4.31_MD5 = c7d64e3caedb2f2b10e1c11db7f73a04
-netfilter-layer7-v2.6.tar.gz_MD5 = 58135cd1aafaf4ae2fa478159206f064
+netfilter-layer7-v2.9.tar.gz_MD5 = ebf9043a5352ebe6dbd721989ef83dee
+patch-2.6.16-nath323-1.3.bz2_MD5 = f926409ff703a307baf54b57ab75d138
+squashfs3.2-r2.tar.gz_MD5 = bf360b92eba9e6d5610196ce2e02fcd1
+mISDN-1_1_5.tar.gz_MD5 = 93b1cff7817b82638a0475c2b7b7f1b6
+openswan-2.4.9.tar.gz_MD5 = 845f12d80d443cfa1a52f2b53b987bee
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
- @rm -rf $(DIR_APP) $(DIR_SRC)/linux && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+ @rm -rf $(DIR_APP) $(DIR_SRC)/linux $(DIR_SRC)/xen-* && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
+ ln -s linux-$(VER) /usr/src/linux
- # Update kernel to latest patchlevel
- cd $(DIR_APP) && zcat $(DIR_DL)/patch-$(PATCHLEVEL).gz | patch -p1
+ # An UTF8 patch from LFS
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.6.16.27-utf8_input-1.patch
- # Remove patch level in EXTRAVERSION.
- # We want to avoid the need to supply a full kernel
- # (installed in a different place) if only one part could be updated
- cd $(DIR_APP) && sed -i -e 's/EXTRAVERSION\ =.*/EXTRAVERSION\ =/' Makefile
- cd $(DIR_APP) && sed -i -e 's/-Werror//' drivers/scsi/aic7xxx/Makefile
- cd $(DIR_APP) && sed -i -e 's/gettext//' scripts/kconfig/lkc.h
# Openswan 2
cd $(DIR_SRC) && rm -rf openswan-*
- cd $(DIR_SRC) && tar xfz $(DIR_DL)/openswan-2.4.7.tar.gz
- cd $(DIR_APP) && gzip -dc $(DIR_DL)/openswan-2.4.7.kernel-2.6-natt.patch.gz | patch -Np1
- cd $(DIR_APP) && gzip -dc $(DIR_DL)/openswan-2.4.7.kernel-2.6-klips.patch.gz | patch -Np1
+ cd $(DIR_SRC) && tar xfz $(DIR_DL)/openswan-2.4.9.tar.gz
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openswan-2.4.9.kernel-2.6-klips.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openswan-2.4.9.kernel-2.6-natt.patch
+
cd $(DIR_SRC)/openswan-* && sed -i -e 's/INC_USRLOCAL=\/usr\/local/INC_USRLOCAL=\/usr/' Makefile.inc
+ # H323 conntrack
+ cd $(DIR_APP) && bunzip2 -cd $(DIR_DL)/patch-2.6.16-nath323-1.3.bz2 | patch -Np1
+
+ # Reiser4
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/reiser4-for-2.6.16-5.patch
+
+ # SquashFS
+ cd $(DIR_SRC) && rm -rf squashfs*
+ cd $(DIR_SRC) && tar xfz $(DIR_DL)/squashfs3.2-r2.tar.gz
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/squashfs3.2-r2/kernel-patches/linux-2.6.16/squashfs3.2-patch
+
+ # ip_conntrack permissions from 440 to 444
+ cd $(DIR_APP) && patch -Np0 < $(DIR_SRC)/src/patches/ip_conntrack_standalone-patch-for-ipfire.patch
+
+ # Some VIA patches
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/padlock-prereq-2.6.16.diff
+ cd $(DIR_APP) && patch -Np0 < $(DIR_SRC)/src/patches/epia_dma.patch
+
# Patch-o-matic
- cd $(DIR_SRC) && rm -rf iptables-*
+ cd $(DIR_SRC) && rm -rf iptables-* patch-o-matic*
cd $(DIR_SRC) && tar xfj $(DIR_DL)/iptables-1.3.5.tar.bz2
cd $(DIR_SRC) && ln -sf iptables-1.3.5 iptables
- cd $(DIR_SRC) && rm -rf patch-o-matic*
cd $(DIR_SRC) && tar xfj $(DIR_DL)/patch-o-matic-ng-20061210.tar.bz2
-
cd $(DIR_SRC)/patch-o-matic-ng* && \
- ./runme --batch --kernel-path=$(ROOT)/usr/src/$(THISAPP)/ --iptables-path=$(ROOT)/usr/src/iptables/ \
- TARPIT h323-conntrack-nat cuseeme-nat \
- sip-conntrack-nat
- # rtsp-conntrack-nat quake3-conntrack-nat mms-conntrack-nat
-
-# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ pending
-# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ base
-# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ mms-conntrack-nat
-# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ pptp-conntrack-nat
-# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ rtsp-conntrack
-# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ quake3-conntrack-nat
-# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ip_queue_vwmark
-# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ipp2p
-# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ipsec-01-output-hooks
-# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ipsec-02-input-hooks
-# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ipsec-03-policy-lookup
-# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ipsec-04-policy-checks
-
+ ./runme --batch --kernel-path=$(ROOT)/usr/src/$(THISAPP)/ \
+ --iptables-path=$(ROOT)/usr/src/iptables/ \
+ sip-conntrack-nat rtsp-conntrack-nat \
+ mms-conntrack-nat
+
# Layer7-patch
- cd $(DIR_SRC) && tar xzf $(DIR_DL)/netfilter-layer7-v2.6.tar.gz
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/netfilter-layer7-v2.6/for_older_kernels/kernel-2.6.13-2.6.16-layer7-2.2.patch
+ cd $(DIR_SRC) && rm -rf $(DIR_SRC)/netfilter-layer7-v2.9
+ cd $(DIR_SRC) && tar xzf $(DIR_DL)/netfilter-layer7-v2.9.tar.gz
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/netfilter-layer7-v2.9/for_older_kernels/kernel-2.6.13-2.6.16-layer7-2.2.patch
- # ip_conntrack permissions from 440 to 444
- # cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/ip_conntrack_standalone-patch-for-ipfire.patch
+ # Linux Intermediate Queueing Device
+ifeq "$(XEN)" ""
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.6.16-imq2.diff
+endif
+
+ # mISDN
+ cd $(DIR_SRC) && rm -rf mISDN-*
+ cd $(DIR_SRC) && tar xfz $(DIR_DL)/mISDN-1_1_5.tar.gz
+ cd $(DIR_SRC)/mISDN-1_1_5 && yes 'yes' | ./std2kern -k /usr/src/linux
+
+ cd $(DIR_APP)/drivers/isdn/hardware/mISDN && patch -Np0 < $(DIR_SRC)/src/patches/mISDN-avmfritz.patch
ifeq "$(SMP)" ""
# Only do this once on the non-SMP pass
cd $(DIR_SRC) && tar czf $(DIR_DL)/iptables-fixed.tar.gz iptables-1.3.5
endif
- # Bootsplash
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/bootsplash-3.1.6-2.6.15.diff
-
# Cleanup kernel source
cd $(DIR_APP) && make mrproper
-ifeq "$(SMP)" ""
- cp $(DIR_SRC)/config/kernel/kernel.config.$(MACHINE) $(DIR_APP)/.config
-endif
ifeq "$(SMP)" "1"
cp $(DIR_SRC)/config/kernel/kernel.config.$(MACHINE).smp $(DIR_APP)/.config
+else
+ cp $(DIR_SRC)/config/kernel/kernel.config.$(MACHINE) $(DIR_APP)/.config
endif
cd $(DIR_APP) && make CC="$(KGCC)" oldconfig
cd $(DIR_APP) && make CC="$(KGCC)" clean
- if [ "$(PASS)" = "" ]; then \
- cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" bzImage; \
- cd $(DIR_APP) && cp -v arch/i386/boot/bzImage /boot/vmlinuz-$(VER); \
- cd $(DIR_APP) && cp -v System.map /boot/System.map-$(VER); \
- cd $(DIR_APP) && cp -v .config /boot/config-$(VER); \
- ln -sf vmlinuz-$(VER) /boot/vmlinuz; \
- ln -sf System.map-$(VER) /boot/System.map; \
- cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules; \
- cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules_install; \
- cd $(DIR_SRC)/openswan-* && make KERNELSRC=/usr/src/$(THISAPP) CC=$(CC) module; \
- cd $(DIR_SRC)/openswan-* && make KERNELSRC=/usr/src/$(THISAPP) CC=$(CC) minstall; \
- elif [ "$(PASS)" = "S" ]; then \
- cd $(DIR_APP) && sed -i -e 's/EXTRAVERSION\ =/EXTRAVERSION\ =\ -smp/' Makefile; \
- cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" bzImage; \
- cd $(DIR_APP) && cp -v arch/i386/boot/bzImage /boot/vmlinuz-$(VER)-smp; \
- cd $(DIR_APP) && cp -v System.map /boot/System.map-$(VER)-smp; \
- cd $(DIR_APP) && cp -v .config /boot/config-$(VER); \
- ln -sf vmlinuz-$(VER)-smp /boot/vmlinuz-smp; \
- cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules; \
- cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules_install; \
- cd $(DIR_SRC)/openswan-* && make KERNELSRC=/usr/src/$(THISAPP) CC=$(CC) module; \
- cd $(DIR_SRC)/openswan-* && make KERNELSRC=/usr/src/$(THISAPP) CC=$(CC) minstall; \
- fi
-
- # remove symlinked pcmcia directory
-ifeq "$(SMP)" ""
- rm -rf /lib/modules/$(VER)/pcmcia
-endif
+
ifeq "$(SMP)" "1"
- rm -rf /lib/modules/$(VER)-smp/pcmcia
+ cd $(DIR_APP) && sed -i -e 's/EXTRAVERSION\ =.*/EXTRAVERSION\ =\ $(PATCHLEVEL)-ipfire-smp/' Makefile
+ cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" bzImage
+ cd $(DIR_APP) && cp -v arch/i386/boot/bzImage /boot/vmlinuz-$(VER)-ipfire-smp
+ cd $(DIR_APP) && cp -v System.map /boot/System.map-$(VER)-ipfire-smp
+ ln -sf vmlinuz-$(VER)-ipfire-smp /boot/vmlinuz-ipfire-smp
+ cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules
+ cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules_install
+else
+ cd $(DIR_APP) && sed -i -e 's/EXTRAVERSION\ =.*/EXTRAVERSION\ =\ $(PATCHLEVEL)-ipfire/' Makefile
+ cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" bzImage
+ cd $(DIR_APP) && cp -v arch/i386/boot/bzImage /boot/vmlinuz-$(VER)-ipfire
+ cd $(DIR_APP) && cp -v System.map /boot/System.map-$(VER)-ipfire
+ cd $(DIR_APP) && cp -v .config /boot/config-$(VER)-ipfire
+ ln -sf vmlinuz-$(VER)-ipfire /boot/vmlinuz-ipfire
+ ln -sf System.map-$(VER)-ipfire /boot/System.map-ipfire
+ cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules
+ cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules_install
endif
- @rm -rf $(DIR_SRC)/patch-o-matic* $(DIR_SRC)/iptables*
+
+ifeq "$(SMP)" ""
+ # Only do this once on the non-SMP pass
+ cd $(DIR_APP) && install -m 755 usr/gen_init_cpio /sbin/
+endif
+
+ @rm -rf $(DIR_SRC)/patch-o-matic* $(DIR_SRC)/iptables* $(DIR_SRC)/squashfs* $(DIR_SRC)/mISDN-* $(DIR_SRC)/netfilter-layer7-*
@$(POSTBUILD)