echo usr/libexec/ipsec >> /opt/pakfire/tmp/ROOTFILES
tar cjvf /var/ipfire/backup/core-upgrade_$KVER.tar.bz2 \
-C / -T /opt/pakfire/tmp/ROOTFILES --exclude='#*' > /dev/null 2>&1
+
+#
+# Stop Sevices
+#
+/etc/init.d/collectd stop
+/etc/init.d/squid stop
+/etc/init.d/ipsec stop
+
echo
echo Update Kernel to $KVER ...
# Remove old kernel, configs, initrd, modules ...
rm -rf /usr/lib/ipsec
rm -rf /usr/libexec/ipsec
-#
-# Stop Sevices
-#
-/etc/init.d/collectd stop
-/etc/init.d/squid stop
-
#
# Backup grub.conf
#
cp -vf /boot/grub/grub.conf /boot/grub/grub.conf.org
#
+# Stop sysklogd
+/etc/init.d/sysklogd stop
+#
# Unpack the updated files
#
echo
tar xvf /opt/pakfire/tmp/files --preserve --numeric-owner -C / \
--no-overwrite-dir
#
+# Start Sevices
+/etc/init.d/sysklogd start
+/etc/init.d/squid start
+#
# Modify grub.conf
#
echo
#
perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang"
#
-# Delete old lm-sensor modullist...
-#
-rm -rf /etc/sysconfig/lm_sensors
-#
# Cleanup Collectd statistics...
#
PRECLEAN=`du -sh /var/log/rrd/collectd`
rm -rf /var/log/rrd*/collectd/localhost/disk-*/disk_merged*
rm -rf /var/log/rrd*/collectd/localhost/disk-*/disk_ops*
rm -rf /var/log/rrd*/collectd/localhost/disk-*/disk_time*
+#
+rm -rf /var/log/rrd*/collectd/localhost/iptables-filter-INPUT/*-DROP_Wirelessinput*
+rm -rf /var/log/rrd*/collectd/localhost/iptables-filter-FORWARD/*-DROP_Wirelessforward*
+rm -rf /var/log/rrd*/collectd/localhost/iptables-filter-OUTGOINGFW
POSTCLEAN=`du -sh /var/log/rrd/collectd`
#
echo Cleaned up collectd directory from $PRECLEAN to $POSTCLEAN size.
#
+# Start collectd
+/etc/init.d/collectd start
+#
+# Delete old lm-sensor modullist to force search at next boot
+#
+rm -rf /etc/sysconfig/lm_sensors
+#
# USB Modeswitch conf now called setup, rename ...
#
if [ -e /etc/usb_modeswitch.conf ]; then
# rebuild qosscript if enabled...
if [ -e /var/ipfire/qos/enable ]; then
/usr/local/bin/qosctrl stop
-fi
-/usr/local/bin/qosctrl generate
-if [ -e /var/ipfire/qos/enable ]; then
+ /usr/local/bin/qosctrl generate
/usr/local/bin/qosctrl start
fi
#
#
-# Todo convert ipsec.conf from open to strongswan...
-#
-#
-# Start Sevices
-#
-/etc/init.d/squid start
+# convert ipsec.conf from openswan to strongswan...
+mv /var/ipfire/vpn/ipsec.conf /var/ipfire/vpn/ipsec.conf.org
+cat /var/ipfire/vpn/ipsec.conf.org | \
+grep -v "disablearrivalcheck=" | \
+grep -v "klipsdebug=" | \
+grep -v "leftfirewall=" | \
+grep -v "lefthostaccess=" | \
+grep -v "charonstart=" | \
+grep -v "aggrmode=" > /var/ipfire/vpn/ipsec.conf
+sed -i "s|ipsec[0-9]=||g" /var/ipfire/vpn/ipsec.conf
+sed -i "s|nat_t ||g" /var/ipfire/vpn/ipsec.conf
+sed -i "s|klips ||g" /var/ipfire/vpn/ipsec.conf
+sed -i "s|^conn [A-Za-z].*$|&\n\tleftfirewall=yes\n\tlefthostaccess=yes|g" /var/ipfire/vpn/ipsec.conf
+sed -i "s|^config setup$|&\n\tcharonstart=no|g" /var/ipfire/vpn/ipsec.conf
+chown nobody:nobody /var/ipfire/vpn/ipsec.conf
+chmod 644 /var/ipfire/vpn/ipsec.conf
+#
+# Add cryptodev to /etc/sysconfig/modules
+mv /etc/sysconfig/modules /etc/sysconfig/modules.org
+cat /etc/sysconfig/modules.org | \
+grep -v "cryptodev" | \
+grep -v "# End /etc/sysconfig/modules" > /etc/sysconfig/modules
+echo "" >> /etc/sysconfig/modules
+echo "### cryptodev" >> /etc/sysconfig/modules
+echo "#" >> /etc/sysconfig/modules
+echo "cryptodev" >> /etc/sysconfig/modules
+echo "" >> /etc/sysconfig/modules
+echo "# End /etc/sysconfig/modules" >> /etc/sysconfig/modules
+chmod 644 /etc/sysconfig/modules
#
# This core-update need a reboot
/usr/bin/logger -p syslog.emerg -t core-upgrade-38 "Upgrade finished. If you use a customized grub.cfg"