X-Git-Url: http://git.ipfire.org/?p=people%2Fpmueller%2Fipfire-2.x.git;a=blobdiff_plain;f=lfs%2Flinux;h=4714db5f8ad200f135aad06f9128e22ab79ef85d;hp=c55f57b74919f443095cb421dc11fcea24de7f2c;hb=f110a344a692292955e67061956548607eaf96f5;hpb=8bba296515ab256155d6dc649f7a2ad26baa5929 diff --git a/lfs/linux b/lfs/linux index c55f57b749..4714db5f8a 100644 --- a/lfs/linux +++ b/lfs/linux @@ -1,22 +1,20 @@ ############################################################################### -# This file is part of the IPCop Firewall. # # # -# IPCop is free software; you can redistribute it and/or modify # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007 Michael Tremer & Christian Schmidt # +# # +# This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # -# the Free Software Foundation; either version 2 of the License, or # +# the Free Software Foundation, either version 3 of the License, or # # (at your option) any later version. # # # -# IPCop is distributed in the hope that it will be useful, # +# This program is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty of # # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # # GNU General Public License for more details. # # # # You should have received a copy of the GNU General Public License # -# along with IPCop; if not, write to the Free Software # -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # -# # -# Makefiles are based on LFSMake, which is # -# Copyright (C) 2002 Rod Roard # +# along with this program. If not, see . # # # ############################################################################### @@ -26,8 +24,8 @@ include Config -PATCHLEVEL = .50 -VER = 2.6.16.50 +PATCHLEVEL = .17 +VER = 2.6.23.17 THISAPP = linux-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -40,45 +38,31 @@ CXXFLAGS = # ifeq "$(SMP)" "1" TARGET = $(DIR_INFO)/linux-$(VER)-smp -else -ifeq "$(XEN)" "1" - TARGET = $(DIR_INFO)/linux-$(VER)-xen else TARGET = $(DIR_INFO)/linux-$(VER) endif -endif ############################################################################### # Top-level Rules ############################################################################### objects =$(DL_FILE) \ - mISDN-1_1_3.tar.gz \ - squashfs3.2-r2.tar.gz \ - iptables-1.3.5.tar.bz2 \ - patch-o-matic-ng-20061210.tar.bz2 \ - netfilter-layer7-v2.9.tar.gz \ - patch-2.6.16-nath323-1.3.bz2 \ - openswan-2.5.13.tar.gz - -$(DL_FILE) = $(URL_IPFIRE)/$(DL_FILE) -patch-o-matic-ng-20061210.tar.bz2 = $(URL_IPFIRE)/patch-o-matic-ng-20061210.tar.bz2 -iptables-1.3.5.tar.bz2 = $(URL_IPFIRE)/iptables-1.3.5.tar.bz2 -netfilter-layer7-v2.9.tar.gz = $(URL_IPFIRE)/netfilter-layer7-v2.9.tar.gz -patch-2.6.16-nath323-1.3.bz2 = $(URL_IPFIRE)/patch-2.6.16-nath323-1.3.bz2 -squashfs3.2-r2.tar.gz = $(URL_IPFIRE)/squashfs3.2-r2.tar.gz -mISDN-1_1_3.tar.gz = $(URL_IPFIRE)/mISDN-1_1_3.tar.gz -openswan-2.5.13.tar.gz = $(URL_IPFIRE)/openswan-2.5.13.tar.gz - -$(DL_FILE)_MD5 = cc2106c6188675187d636aa518b04958 -linux-2.6.16.33.tar.bz2_MD5 = 22f56e3a5e7524b2bbde2696152b5ad7 -patch-o-matic-ng-20061210.tar.bz2_MD5 = 76edac76301b45f89e467b41c8cf4393 -iptables-1.3.5.tar.bz2_MD5 = 00fb916fa8040ca992a5ace56d905ea5 -netfilter-layer7-v2.9.tar.gz_MD5 = ebf9043a5352ebe6dbd721989ef83dee + mISDN-1_1_8.tar.gz \ + squashfs3.3.tgz \ + netfilter-layer7-v2.18.tar.gz \ + patch-2.6.16-nath323-1.3.bz2 + +$(DL_FILE) = $(URL_IPFIRE)/$(DL_FILE) +netfilter-layer7-v2.18.tar.gz = $(URL_IPFIRE)/netfilter-layer7-v2.18.tar.gz +patch-2.6.16-nath323-1.3.bz2 = $(URL_IPFIRE)/patch-2.6.16-nath323-1.3.bz2 +squashfs3.3.tgz = $(URL_IPFIRE)/squashfs3.3.tgz +mISDN-1_1_8.tar.gz = $(URL_IPFIRE)/mISDN-1_1_8.tar.gz + +$(DL_FILE)_MD5 = a0300a393ac91ce9c64bf31522b45e2e +netfilter-layer7-v2.18.tar.gz_MD5 = 8d2e2c00f5c20e8c0852998035aeffd2 patch-2.6.16-nath323-1.3.bz2_MD5 = f926409ff703a307baf54b57ab75d138 -squashfs3.2-r2.tar.gz_MD5 = bf360b92eba9e6d5610196ce2e02fcd1 -mISDN-1_1_3.tar.gz_MD5 = d29bcf48f16fc8a9b9f3552d111b308d -openswan-2.5.13.tar.gz_MD5 = b83a42ea00ee24ed34413bc122cada51 +squashfs3.3.tgz_MD5 = 95c40fca0d886893631b5de14a0af25b +mISDN-1_1_8.tar.gz_MD5 = 29c55ffe0b35668a41eaed3b1c3ddfe2 install : $(TARGET) @@ -109,81 +93,48 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) $(DIR_SRC)/linux $(DIR_SRC)/xen-* && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) ln -s linux-$(VER) /usr/src/linux - -ifeq "$(XEN)" "1" - # XEN - -cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/xen-3.0.4-2.6.16.x.patch - cd $(DIR_APP)/net/ipv4/netfilter && patch -Np0 < $(DIR_SRC)/src/patches/xen-3.0.4-netfilter-fix.patch -endif - # An UTF8 patch from LFS - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.6.16.27-utf8_input-1.patch + # Security fix for CIFS & Netfilter SNMP + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.6.20.21-additional_check_on_BER_decoding.patch - # Openswan 2 - cd $(DIR_SRC) && rm -rf openswan-* - cd $(DIR_SRC) && tar xfz $(DIR_DL)/openswan-2.5.13.tar.gz - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openswan-2.5.13.kernel-2.6-klips.patch - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openswan-2.5.13.kernel-2.6-natt.patch - - cd $(DIR_SRC)/openswan-* && sed -i -e 's/INC_USRLOCAL=\/usr\/local/INC_USRLOCAL=\/usr/' Makefile.inc - - # H323 conntrack - cd $(DIR_APP) && bunzip2 -cd $(DIR_DL)/patch-2.6.16-nath323-1.3.bz2 | patch -Np1 + # Openswan nat-t + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openswan-2.4.x.kernel-2.6.23-natt.patch # Reiser4 - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/reiser4-for-2.6.16-5.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/reiser4-for-2.6.23.patch # SquashFS cd $(DIR_SRC) && rm -rf squashfs* - cd $(DIR_SRC) && tar xfz $(DIR_DL)/squashfs3.2-r2.tar.gz - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/squashfs3.2-r2/kernel-patches/linux-2.6.16/squashfs3.2-patch + cd $(DIR_SRC) && tar xfz $(DIR_DL)/squashfs3.3.tgz + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/squashfs3.3/kernel-patches/linux-2.6.23/squashfs3.3-patch # ip_conntrack permissions from 440 to 444 - cd $(DIR_APP) && patch -Np0 < $(DIR_SRC)/src/patches/ip_conntrack_standalone-patch-for-ipfire.patch - - # Patch-o-matic - cd $(DIR_SRC) && rm -rf iptables-* patch-o-matic* - cd $(DIR_SRC) && tar xfj $(DIR_DL)/iptables-1.3.5.tar.bz2 - cd $(DIR_SRC) && ln -sf iptables-1.3.5 iptables - cd $(DIR_SRC) && tar xfj $(DIR_DL)/patch-o-matic-ng-20061210.tar.bz2 - cd $(DIR_SRC)/patch-o-matic-ng* && \ - ./runme --batch --kernel-path=$(ROOT)/usr/src/$(THISAPP)/ \ - --iptables-path=$(ROOT)/usr/src/iptables/ \ - sip-conntrack-nat rtsp-conntrack-nat \ - mms-conntrack-nat - +# cd $(DIR_APP) && patch -Np0 < $(DIR_SRC)/src/patches/ip_conntrack_standalone-patch-for-ipfire.patch + # Layer7-patch - cd $(DIR_SRC) && rm -rf $(DIR_SRC)/netfilter-layer7-v2.9 - cd $(DIR_SRC) && tar xzf $(DIR_DL)/netfilter-layer7-v2.9.tar.gz - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/netfilter-layer7-v2.9/for_older_kernels/kernel-2.6.13-2.6.16-layer7-2.2.patch -ifeq "$(XEN)" "1" - cd $(DIR_APP)/net/ipv4/netfilter && patch -Np0 < $(DIR_SRC)/src/patches/xen-3.0.4-layer7-fix.patch -endif + cd $(DIR_SRC) && rm -rf $(DIR_SRC)/netfilter-layer7-v2.18 + cd $(DIR_SRC) && tar xzf $(DIR_DL)/netfilter-layer7-v2.18.tar.gz + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/netfilter-layer7-v2.18/for_older_kernels/kernel-2.6.22-2.6.24-layer7-2.18.patch # Linux Intermediate Queueing Device - #cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.6.16-imq2.diff +ifeq "$(XEN)" "" + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.6.23-imq.diff +endif # mISDN cd $(DIR_SRC) && rm -rf mISDN-* - cd $(DIR_SRC) && tar xfz $(DIR_DL)/mISDN-1_1_3.tar.gz - cd $(DIR_SRC)/mISDN-1_1_3 && yes 'yes' | ./std2kern -k /usr/src/linux - -ifeq "$(SMP)" "" - # Only do this once on the non-SMP pass - cd $(DIR_SRC) && tar czf $(DIR_DL)/iptables-fixed.tar.gz iptables-1.3.5 -endif + cd $(DIR_SRC) && tar xfz $(DIR_DL)/mISDN-1_1_8.tar.gz + cd $(DIR_SRC)/mISDN-1_1_8 && yes 'yes' | ./std2kern -k /usr/src/linux + + cd $(DIR_APP)/drivers/isdn/hardware/mISDN && patch -Np0 < $(DIR_SRC)/src/patches/mISDN-avmfritz.patch # Cleanup kernel source cd $(DIR_APP) && make mrproper ifeq "$(SMP)" "1" cp $(DIR_SRC)/config/kernel/kernel.config.$(MACHINE).smp $(DIR_APP)/.config -else -ifeq "$(XEN)" "1" - cp $(DIR_SRC)/config/kernel/kernel.config.$(MACHINE).xen $(DIR_APP)/.config else cp $(DIR_SRC)/config/kernel/kernel.config.$(MACHINE) $(DIR_APP)/.config -endif endif cd $(DIR_APP) && make CC="$(KGCC)" oldconfig @@ -197,15 +148,6 @@ ifeq "$(SMP)" "1" ln -sf vmlinuz-$(VER)-ipfire-smp /boot/vmlinuz-ipfire-smp cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules_install -else -ifeq "$(XEN)" "1" - cd $(DIR_APP) && sed -i -e 's/EXTRAVERSION\ =.*/EXTRAVERSION\ =\ $(PATCHLEVEL)-ipfire-xen/' Makefile - cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" vmlinuz - cd $(DIR_APP) && cp -v vmlinuz /boot/vmlinuz-$(VER)-ipfire-xen - cd $(DIR_APP) && cp -v System.map /boot/System.map-$(VER)-ipfire-xen - ln -sf vmlinuz-$(VER)-ipfire-xen /boot/vmlinuz-ipfire-xen - cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules - cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules_install else cd $(DIR_APP) && sed -i -e 's/EXTRAVERSION\ =.*/EXTRAVERSION\ =\ $(PATCHLEVEL)-ipfire/' Makefile cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" bzImage @@ -217,17 +159,12 @@ else cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules_install endif -endif - - # remove symlinked pcmcia directory - -rm -rf /lib/modules/$(VER)-ipfire{,-smp}/pcmcia ifeq "$(SMP)" "" -ifeq "$(XEN)" "" # Only do this once on the non-SMP pass cd $(DIR_APP) && install -m 755 usr/gen_init_cpio /sbin/ -endif endif @rm -rf $(DIR_SRC)/patch-o-matic* $(DIR_SRC)/iptables* $(DIR_SRC)/squashfs* $(DIR_SRC)/mISDN-* $(DIR_SRC)/netfilter-layer7-* @$(POSTBUILD) +