IPTables in Kernel aktiviert.
[people/pmueller/ipfire-2.x.git] / lfs / linux
CommitLineData
df5e82b3
MT
1###############################################################################
2# This file is part of the IPCop Firewall. #
3# #
4# IPCop is free software; you can redistribute it and/or modify #
5# it under the terms of the GNU General Public License as published by #
6# the Free Software Foundation; either version 2 of the License, or #
7# (at your option) any later version. #
8# #
9# IPCop is distributed in the hope that it will be useful, #
10# but WITHOUT ANY WARRANTY; without even the implied warranty of #
11# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
12# GNU General Public License for more details. #
13# #
14# You should have received a copy of the GNU General Public License #
15# along with IPCop; if not, write to the Free Software #
16# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
17# #
18# Makefiles are based on LFSMake, which is #
19# Copyright (C) 2002 Rod Roard <rod@sunsetsystems.com> #
20# #
df5e82b3
MT
21###############################################################################
22
23###############################################################################
24# Definitions
25###############################################################################
26
27include Config
28
f59e1e88
MT
29VER = 2.6.16
30PATCHLEVEL = 2.6.16.27
df5e82b3
MT
31
32THISAPP = linux-$(VER)
33DL_FILE = $(THISAPP).tar.gz
a2cb3a33 34DL_FROM = $(URL_IPFIRE)
df5e82b3
MT
35DIR_APP = $(DIR_SRC)/$(THISAPP)
36CFLAGS =
37CXXFLAGS =
38
39# Normal build or /tools build.
40#
c3e36980 41ifeq "$(PASS)" ""
90c973a6 42 TARGET = $(DIR_INFO)/linux-$(PATCHLEVEL)-ipfire
df5e82b3 43endif
6b8cff41 44ifeq "$(PASS)" "S"
90c973a6 45 TARGET = $(DIR_INFO)/linux-$(PATCHLEVEL)-ipfire-smp
df5e82b3 46endif
6b8cff41 47ifeq "$(PASS)" "I"
90c973a6 48 TARGET = $(DIR_INFO)/linux-$(PATCHLEVEL)-ipfire-installer
df5e82b3 49endif
df5e82b3
MT
50
51###############################################################################
52# Top-level Rules
53###############################################################################
54objects =$(DL_FILE) \
f59e1e88 55 openswan-2.4.6.kernel-2.6-natt.patch.gz \
df5e82b3
MT
56 iptables-1.3.5.tar.bz2 \
57 patch-o-matic-ng-20060206.tar.bz2 \
58 kbc_option_2420.patch \
59 net4801.kernel.patch_2.4.31 \
c3e36980 60 netfilter-layer7-v2.6.tar.gz \
f59e1e88 61 patch-$(PATCHLEVEL).gz
df5e82b3 62
f59e1e88 63$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
d16d0d22 64patch-$(PATCHLEVEL).gz = $(DL_FROM)/patch-$(PATCHLEVEL).gz
f59e1e88 65openswan-2.4.6.kernel-2.6-natt.patch.gz = $(URL_IPFIRE)/openswan-2.4.6.kernel-2.6-natt.patch.gz
3e45cc09 66patch-o-matic-ng-20060206.tar.bz2 = $(URL_IPFIRE)/patch-o-matic-ng-20060206.tar.bz2
f59e1e88
MT
67iptables-1.3.5.tar.bz2 = $(URL_IPFIRE)/iptables-1.3.5.tar.bz2
68kbc_option_2420.patch = $(URL_IPFIRE)/kbc_option_2420.patch
69net4801.kernel.patch_2.4.31 = $(URL_IPFIRE)/net4801.kernel.patch_2.4.31
c3e36980 70netfilter-layer7-v2.6.tar.gz = $(URL_IPFIRE)/netfilter-layer7-v2.6.tar.gz
df5e82b3 71
f59e1e88
MT
72$(DL_FILE)_MD5 = 50695965725367f39007023feac5e256
73patch-$(PATCHLEVEL).gz_MD5 = 4b09dd018286850c20c0f051ced7b583
74openswan-2.4.6.kernel-2.6-natt.patch.gz_MD5 = 398110db4372ea3acc45bd66d6d86eac
75patch-o-matic-ng-20060206.tar.bz2_MD5 = eca9893afb753e331caddfe63142b566
76iptables-1.3.5.tar.bz2_MD5 = 00fb916fa8040ca992a5ace56d905ea5
77kbc_option_2420.patch_MD5 = 6d37870344f7fcf97ace1fbf43323c60
78net4801.kernel.patch_2.4.31_MD5 = c7d64e3caedb2f2b10e1c11db7f73a04
c3e36980 79netfilter-layer7-v2.6.tar.gz_MD5 = 58135cd1aafaf4ae2fa478159206f064
df5e82b3
MT
80
81install : $(TARGET)
82
83check : $(patsubst %,$(DIR_CHK)/%,$(objects))
84
85download :$(patsubst %,$(DIR_DL)/%,$(objects))
86
87md5 : $(subst %,%_MD5,$(objects))
88
89###############################################################################
90# Downloading, checking, md5sum
91###############################################################################
92
93$(patsubst %,$(DIR_CHK)/%,$(objects)) :
94 @$(CHECK)
95
96$(patsubst %,$(DIR_DL)/%,$(objects)) :
97 @$(LOAD)
98
99$(subst %,%_MD5,$(objects)) :
100 @$(MD5)
101
102###############################################################################
103# Installation Details
104###############################################################################
105
106$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
107 @$(PREBUILD)
108 @rm -rf $(DIR_APP) $(DIR_SRC)/linux && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
f59e1e88
MT
109 cd $(DIR_APP) && zcat $(DIR_DL)/patch-$(PATCHLEVEL).gz | patch -p1
110 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.6.16.27-utf8_input-1.patch
90c973a6
MT
111 # Remove patch level in EXTRAVERSION.
112 # We want to avoid the need to supply a full kernel
113 # (installed in a different place) if only one part could be updated
114 cd $(DIR_APP) && sed -i -e 's/EXTRAVERSION\ =.*/EXTRAVERSION\ =/' Makefile
df5e82b3
MT
115 cd $(DIR_APP) && sed -i -e 's/-Werror//' drivers/scsi/aic7xxx/Makefile
116
f59e1e88
MT
117 # Openswan-2
118 # cd $(DIR_SRC) && zcat $(DIR_DL)/openswan-2.4.6.kernel-2.6-natt.patch.gz | patch -Np0
ac1cfefa 119
df5e82b3
MT
120 # Patch-o-matic
121 cd $(DIR_SRC) && rm -rf iptables-*
f59e1e88 122 cd $(DIR_SRC) && tar xfj $(DIR_DL)/iptables-1.3.5.tar.bz2
df5e82b3
MT
123 cd $(DIR_SRC) && ln -sf iptables-1.3.5 iptables
124 cd $(DIR_SRC) && rm -rf patch-o-matic*
125 cd $(DIR_SRC) && tar xfj $(DIR_DL)/patch-o-matic-ng-20060206.tar.bz2
ac1cfefa 126
f59e1e88
MT
127# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ pending
128# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ base
129# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ h323-conntrack-nat
130# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ cuseeme-nat
131# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ mms-conntrack-nat
132# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ pptp-conntrack-nat
133# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ rtsp-conntrack
134# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ quake3-conntrack-nat
135# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ sip-conntrack-nat
136# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ip_queue_vwmark
137# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ipp2p
138# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ipsec-01-output-hooks
139# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ipsec-02-input-hooks
140# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ipsec-03-policy-lookup
141# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ipsec-04-policy-checks
142# cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ TARPIT
df5e82b3
MT
143
144 #layer7-patch
f59e1e88
MT
145 cd $(DIR_SRC) && tar xzf $(DIR_DL)/netfilter-layer7-v2.6.tar.gz
146 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/netfilter-layer7-v2.6/for_older_kernels/kernel-2.6.13-2.6.16-layer7-2.2.patch
df5e82b3 147
769a61c5 148 # ip_conntrack permissions from 440 to 444
f59e1e88 149 # cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/ip_conntrack_standalone-patch-for-ipfire.patch
769a61c5 150
c3e36980 151ifeq "$(PASS)" ""
df5e82b3 152 # Only do this once on the non-SMP pass
ac1cfefa 153 cd $(DIR_SRC) && tar czf $(DIR_DL)/iptables-fixed.tar.gz iptables-1.3.5
df5e82b3
MT
154endif
155
156 # Olitec isdn gazel patch
f59e1e88 157# cd $(DIR_APP) && patch -Np0 < $(DIR_SRC)/src/patches/linux-2.4.23-olitec-isdn.patch
df5e82b3
MT
158
159 # Fix /proc/stat output
f59e1e88 160# cd $(DIR_APP) && patch -Np2 < $(DIR_SRC)/src/patches/linux-2.4.26-proc-stat.patch
df5e82b3
MT
161
162 # Fix libata-core.c
163 # cd $(DIR_APP) && patch -Np0 < $(DIR_SRC)/src/patches/linux-2.4.26-scsi.patch
164
165 # frandom patch
f59e1e88 166# cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.4.27-frandom-2.patch
df5e82b3
MT
167
168 # Propolice
f59e1e88 169# cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.4.27-ssp-1.patch
df5e82b3
MT
170
171 # Support ppp-2.4.3 multilink behavior (terminate when no channel is connected)
172 # need updated libpcap older than 0.8.3
173 # cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/ppp_generic-ppp-2.4.3_multilink.patch
174
175 # R8169 clone D-link GSE-528T
f59e1e88 176# cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.4.29_r8169clone.patch
df5e82b3 177
65a5a838 178 # bootsplash
c3e36980 179 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/bootsplash-3.1.6-2.6.15.diff
65a5a838 180
df5e82b3
MT
181 # Cleanup kernel source
182 cd $(DIR_APP) && make mrproper
c3e36980 183ifeq "$(PASS)" ""
df5e82b3
MT
184 cp $(DIR_SRC)/config/kernel/kernel.config.$(MACHINE) $(DIR_APP)/.config
185endif
6b8cff41 186ifeq "$(PASS)" "S"
df5e82b3
MT
187 cp $(DIR_SRC)/config/kernel/kernel.config.$(MACHINE).smp $(DIR_APP)/.config
188endif
6b8cff41 189ifeq "$(PASS)" "I"
df5e82b3
MT
190 cp $(DIR_SRC)/config/kernel/kernel.config.$(MACHINE).installer $(DIR_APP)/.config
191 cd $(DIR_APP) && sed -i -e 's/-O2/-Os/g' Makefile
192endif
193
194 cd $(DIR_APP) && make CC="$(KGCC)" oldconfig
195 cd $(DIR_APP) && make CC="$(KGCC)" dep
196 cd $(DIR_APP) && make CC="$(KGCC)" clean
c3e36980 197 if [ "$(PASS)" = "" ]; then \
f59e1e88 198 cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" bzImage; \
c3e36980
MT
199 cd $(DIR_APP) && cp -v arch/i386/boot/bzImage /boot/vmlinuz-$(VER); \
200 cd $(DIR_APP) && cp -v System.map /boot/System.map-$(VER); \
201 cd $(DIR_APP) && cp -v .config /boot/config-$(VER); \
df5e82b3
MT
202 ln -sf vmlinuz-$(VER) /boot/vmlinuz; \
203 ln -sf System.map-$(VER) /boot/System.map; \
6b8cff41
MT
204 cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules; \
205 cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules_install; \
206 elif [ "$(PASS)" = "S" ]; then \
ac1cfefa 207 cd $(DIR_APP) && sed -i -e 's/EXTRAVERSION\ =/EXTRAVERSION\ =\ -smp/' Makefile; \
f59e1e88 208 cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" bzImage; \
c3e36980
MT
209 cd $(DIR_APP) && cp -v arch/i386/boot/bzImage /boot/vmlinuz-$(VER)-smp; \
210 cd $(DIR_APP) && cp -v System.map /boot/System.map-$(VER)-smp; \
211 cd $(DIR_APP) && cp -v .config /boot/config-$(VER); \
ac1cfefa 212 ln -sf vmlinuz-$(VER)-smp /boot/vmlinuz-smp; \
6b8cff41
MT
213 cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules; \
214 cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules_install; \
215 elif [ "$(PASS)" = "I" ]; then \
f59e1e88 216 cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" bzImage; \
c3e36980
MT
217 cd $(DIR_APP) && cp -v arch/i386/boot/bzImage /boot/vmlinuz-installer; \
218 cd $(DIR_APP) && cp -v .config /boot/config-$(VER); \
df5e82b3
MT
219 fi
220 # remove symlinked pcmcia directory
c3e36980 221ifeq "$(PASS)" ""
df5e82b3
MT
222 rm -rf /lib/modules/$(VER)/pcmcia
223 find /lib/modules/$(VER)/ -name '*.o' -a -type f | xargs gzip -f9
224
225 # Move these SCSI drivers into same directory for probescsi.sh
226 mv -f /lib/modules/$(VER)/kernel/drivers/scsi/aic7xxx/* /lib/modules/$(VER)/kernel/drivers/scsi
227 rm -rf /lib/modules/$(VER)/kernel/drivers/scsi/aic7xxx
228 mv -f /lib/modules/$(VER)/kernel/drivers/scsi/aacraid/* /lib/modules/$(VER)/kernel/drivers/scsi
229 rm -rf /lib/modules/$(VER)/kernel/drivers/scsi/aacraid
230 mv -f /lib/modules/$(VER)/kernel/drivers/scsi/sym53c8xx_2/* /lib/modules/$(VER)/kernel/drivers/scsi
231 rm -rf /lib/modules/$(VER)/kernel/drivers/scsi/sym53c8xx_2
232endif
6b8cff41 233ifeq "$(PASS)" "S"
df5e82b3
MT
234 rm -rf /lib/modules/$(VER)-smp/pcmcia
235 find /lib/modules/$(VER)-smp/ -name '*.o' -a -type f | xargs gzip -f9
236
237 # Move these SCSI drivers into same directory for probescsi.sh
238 mv -f /lib/modules/$(VER)-smp/kernel/drivers/scsi/aic7xxx/* /lib/modules/$(VER)-smp/kernel/drivers/scsi
239 rm -rf /lib/modules/$(VER)-smp/kernel/drivers/scsi/aic7xxx
240 mv -f /lib/modules/$(VER)-smp/kernel/drivers/scsi/aacraid/* /lib/modules/$(VER)-smp/kernel/drivers/scsi
241 rm -rf /lib/modules/$(VER)-smp/kernel/drivers/scsi/aacraid
242 mv -f /lib/modules/$(VER)-smp/kernel/drivers/scsi/sym53c8xx_2/* /lib/modules/$(VER)-smp/kernel/drivers/scsi
243 rm -rf /lib/modules/$(VER)-smp/kernel/drivers/scsi/sym53c8xx_2
244endif
245
c3e36980 246ifeq "$(PASS)" ""
df5e82b3 247 # Only do this once on the non-SMP pass
6b8cff41
MT
248 # cd $(DIR_APP) && make mandocs
249 #-mkdir -p /usr/share/man/man9/
250 #cd $(DIR_APP) && cp -af Documentation/man/* /usr/share/man/man9/
df5e82b3
MT
251endif
252 @rm -rf $(DIR_SRC)/patch-o-matic* $(DIR_SRC)/iptables*
253 @$(POSTBUILD)