############################################################################### # This file is part of the IPCop Firewall. # # # # IPCop is free software; you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # # the Free Software Foundation; either version 2 of the License, or # # (at your option) any later version. # # # # IPCop is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty of # # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # # GNU General Public License for more details. # # # # You should have received a copy of the GNU General Public License # # along with IPCop; if not, write to the Free Software # # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # # # # Makefiles are based on LFSMake, which is # # Copyright (C) 2002 Rod Roard # # # ############################################################################### ############################################################################### # Definitions ############################################################################### include Config VER = 2.6.16 PATCHLEVEL = 2.6.16.27 THISAPP = linux-$(VER) DL_FILE = $(THISAPP).tar.gz DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) CFLAGS = CXXFLAGS = # Normal build or SMP build. # ifeq "$(SMP)" "1" TARGET = $(DIR_INFO)/linux-$(PATCHLEVEL)-ipfire-smp else TARGET = $(DIR_INFO)/linux-$(PATCHLEVEL)-ipfire endif ############################################################################### # Top-level Rules ############################################################################### objects =$(DL_FILE) \ openswan-2.4.7.kernel-2.6-natt.patch.gz \ openswan-2.4.7.kernel-2.6-klips.patch.gz \ iptables-1.3.5.tar.bz2 \ patch-o-matic-ng-20061210.tar.bz2 \ kbc_option_2420.patch \ net4801.kernel.patch_2.4.31 \ netfilter-layer7-v2.6.tar.gz \ patch-$(PATCHLEVEL).gz $(DL_FILE) = $(DL_FROM)/$(DL_FILE) patch-$(PATCHLEVEL).gz = $(DL_FROM)/patch-$(PATCHLEVEL).gz openswan-2.4.7.kernel-2.6-natt.patch.gz = $(URL_IPFIRE)/openswan-2.4.7.kernel-2.6-natt.patch.gz openswan-2.4.7.kernel-2.6-klips.patch.gz = $(URL_IPFIRE)/openswan-2.4.7.kernel-2.6-klips.patch.gz patch-o-matic-ng-20061210.tar.bz2 = $(URL_IPFIRE)/patch-o-matic-ng-20061210.tar.bz2 iptables-1.3.5.tar.bz2 = $(URL_IPFIRE)/iptables-1.3.5.tar.bz2 kbc_option_2420.patch = $(URL_IPFIRE)/kbc_option_2420.patch net4801.kernel.patch_2.4.31 = $(URL_IPFIRE)/net4801.kernel.patch_2.4.31 netfilter-layer7-v2.6.tar.gz = $(URL_IPFIRE)/netfilter-layer7-v2.6.tar.gz $(DL_FILE)_MD5 = 50695965725367f39007023feac5e256 patch-$(PATCHLEVEL).gz_MD5 = 4b09dd018286850c20c0f051ced7b583 openswan-2.4.7.kernel-2.6-natt.patch.gz_MD5 = 980d8bbdb29a761b7f5aa852f373df62 openswan-2.4.7.kernel-2.6-klips.patch.gz_MD5 = 5df0ffa2453488a407a23fc4ea4af879 patch-o-matic-ng-20061210.tar.bz2_MD5 = 76edac76301b45f89e467b41c8cf4393 iptables-1.3.5.tar.bz2_MD5 = 00fb916fa8040ca992a5ace56d905ea5 kbc_option_2420.patch_MD5 = 6d37870344f7fcf97ace1fbf43323c60 net4801.kernel.patch_2.4.31_MD5 = c7d64e3caedb2f2b10e1c11db7f73a04 netfilter-layer7-v2.6.tar.gz_MD5 = 58135cd1aafaf4ae2fa478159206f064 install : $(TARGET) check : $(patsubst %,$(DIR_CHK)/%,$(objects)) download :$(patsubst %,$(DIR_DL)/%,$(objects)) md5 : $(subst %,%_MD5,$(objects)) ############################################################################### # Downloading, checking, md5sum ############################################################################### $(patsubst %,$(DIR_CHK)/%,$(objects)) : @$(CHECK) $(patsubst %,$(DIR_DL)/%,$(objects)) : @$(LOAD) $(subst %,%_MD5,$(objects)) : @$(MD5) ############################################################################### # Installation Details ############################################################################### $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) $(DIR_SRC)/linux && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) ln -s linux-$(VER) /usr/src/linux # Update kernel to latest patchlevel cd $(DIR_APP) && zcat $(DIR_DL)/patch-$(PATCHLEVEL).gz | patch -p1 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.6.16.27-utf8_input-1.patch # Remove patch level in EXTRAVERSION. # We want to avoid the need to supply a full kernel # (installed in a different place) if only one part could be updated cd $(DIR_APP) && sed -i -e 's/EXTRAVERSION\ =.*/EXTRAVERSION\ =/' Makefile cd $(DIR_APP) && sed -i -e 's/-Werror//' drivers/scsi/aic7xxx/Makefile cd $(DIR_APP) && sed -i -e 's/gettext//' scripts/kconfig/lkc.h # Openswan 2 cd $(DIR_SRC) && rm -rf openswan-* cd $(DIR_SRC) && tar xfz $(DIR_DL)/openswan-2.4.7.tar.gz cd $(DIR_APP) && gzip -dc $(DIR_DL)/openswan-2.4.7.kernel-2.6-natt.patch.gz | patch -Np1 cd $(DIR_APP) && gzip -dc $(DIR_DL)/openswan-2.4.7.kernel-2.6-klips.patch.gz | patch -Np1 cd $(DIR_SRC)/openswan-* && sed -i -e 's/INC_USRLOCAL=\/usr\/local/INC_USRLOCAL=\/usr/' Makefile.inc # Patch-o-matic cd $(DIR_SRC) && rm -rf iptables-* cd $(DIR_SRC) && tar xfj $(DIR_DL)/iptables-1.3.5.tar.bz2 cd $(DIR_SRC) && ln -sf iptables-1.3.5 iptables cd $(DIR_SRC) && rm -rf patch-o-matic* cd $(DIR_SRC) && tar xfj $(DIR_DL)/patch-o-matic-ng-20061210.tar.bz2 cd $(DIR_SRC)/patch-o-matic-ng* && \ ./runme --batch --kernel-path=$(ROOT)/usr/src/$(THISAPP)/ --iptables-path=$(ROOT)/usr/src/iptables/ \ TARPIT h323-conntrack-nat cuseeme-nat \ sip-conntrack-nat # rtsp-conntrack-nat quake3-conntrack-nat mms-conntrack-nat # cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ pending # cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ base # cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ mms-conntrack-nat # cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ pptp-conntrack-nat # cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ rtsp-conntrack # cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ quake3-conntrack-nat # cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ip_queue_vwmark # cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ipp2p # cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ipsec-01-output-hooks # cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ipsec-02-input-hooks # cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ipsec-03-policy-lookup # cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ipsec-04-policy-checks # Layer7-patch cd $(DIR_SRC) && tar xzf $(DIR_DL)/netfilter-layer7-v2.6.tar.gz cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/netfilter-layer7-v2.6/for_older_kernels/kernel-2.6.13-2.6.16-layer7-2.2.patch # ip_conntrack permissions from 440 to 444 # cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/ip_conntrack_standalone-patch-for-ipfire.patch ifeq "$(SMP)" "" # Only do this once on the non-SMP pass cd $(DIR_SRC) && tar czf $(DIR_DL)/iptables-fixed.tar.gz iptables-1.3.5 endif # Bootsplash cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/bootsplash-3.1.6-2.6.15.diff # Cleanup kernel source cd $(DIR_APP) && make mrproper ifeq "$(SMP)" "" cp $(DIR_SRC)/config/kernel/kernel.config.$(MACHINE) $(DIR_APP)/.config endif ifeq "$(SMP)" "1" cp $(DIR_SRC)/config/kernel/kernel.config.$(MACHINE).smp $(DIR_APP)/.config endif cd $(DIR_APP) && make CC="$(KGCC)" oldconfig cd $(DIR_APP) && make CC="$(KGCC)" clean if [ "$(SMP)" = "" ]; then \ cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" bzImage; \ cd $(DIR_APP) && cp -v arch/i386/boot/bzImage /boot/vmlinuz-$(VER); \ cd $(DIR_APP) && cp -v System.map /boot/System.map-$(VER); \ cd $(DIR_APP) && cp -v .config /boot/config-$(VER); \ ln -sf vmlinuz-$(VER) /boot/vmlinuz; \ ln -sf System.map-$(VER) /boot/System.map; \ cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules; \ cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules_install; \ cd $(DIR_SRC)/openswan-* && make KERNELSRC=/usr/src/$(THISAPP) CC=$(CC) module; \ cd $(DIR_SRC)/openswan-* && make KERNELSRC=/usr/src/$(THISAPP) CC=$(CC) minstall; \ elif [ "$(SMP)" = "1" ]; then \ cd $(DIR_APP) && sed -i -e 's/EXTRAVERSION\ =/EXTRAVERSION\ =\ -smp/' Makefile; \ cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" bzImage; \ cd $(DIR_APP) && cp -v arch/i386/boot/bzImage /boot/vmlinuz-$(VER)-smp; \ cd $(DIR_APP) && cp -v System.map /boot/System.map-$(VER)-smp; \ cd $(DIR_APP) && cp -v .config /boot/config-$(VER); \ ln -sf vmlinuz-$(VER)-smp /boot/vmlinuz-smp; \ cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules; \ cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules_install; \ cd $(DIR_SRC)/openswan-* && make KERNELSRC=/usr/src/$(THISAPP) CC=$(CC) module; \ cd $(DIR_SRC)/openswan-* && make KERNELSRC=/usr/src/$(THISAPP) CC=$(CC) minstall; \ fi # remove symlinked pcmcia directory ifeq "$(SMP)" "" rm -rf /lib/modules/$(VER)/pcmcia endif ifeq "$(SMP)" "1" rm -rf /lib/modules/$(VER)-smp/pcmcia endif @rm -rf $(DIR_SRC)/patch-o-matic* $(DIR_SRC)/iptables* @$(POSTBUILD)