Patch-O-Matic in den Kernel eingebaut.
authorms <ms@ea5c0bd1-69bd-2848-81d8-4f18e57aeed8>
Mon, 11 Dec 2006 20:02:07 +0000 (20:02 +0000)
committerms <ms@ea5c0bd1-69bd-2848-81d8-4f18e57aeed8>
Mon, 11 Dec 2006 20:02:07 +0000 (20:02 +0000)
(Einige Module fehlen noch...)
Unattended Installer bearbeitet.
Firewallscript hinzugefuegt.

git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@360 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8

19 files changed:
config/kernel/kernel.config.i586
config/kernel/kernel.config.i586.smp
config/kernel/unattended.conf
config/rootfiles/common/glib [new file with mode: 0644]
config/rootfiles/common/kudzu [new file with mode: 0644]
config/rootfiles/common/mc [new file with mode: 0644]
config/rootfiles/common/misc-progs [new file with mode: 0644]
config/rootfiles/common/perl
doc/packages-list.txt
lfs/kudzu
lfs/linux
lfs/openswan
make.sh
src/initscripts/init.d/firewall [new file with mode: 0644]
src/initscripts/init.d/network
src/initscripts/sysconfig/clock
src/initscripts/sysconfig/firewall.local [new file with mode: 0644]
src/initscripts/sysconfig/network
src/install+setup/install/main.c

index 59cfe54..0262915 100644 (file)
@@ -1,7 +1,7 @@
 #
 # Automatically generated make config: don't edit
 # Linux kernel version: 2.6.16
-# Tue Nov 28 19:31:51 2006
+# Wed Nov 29 00:06:35 2006
 #
 CONFIG_X86_32=y
 CONFIG_SEMAPHORE_SLEEPERS=y
@@ -343,6 +343,7 @@ CONFIG_IP_PIMSM_V1=y
 CONFIG_IP_PIMSM_V2=y
 # CONFIG_ARPD is not set
 CONFIG_SYN_COOKIES=y
+CONFIG_IPSEC_NAT_TRAVERSAL=y
 CONFIG_INET_AH=y
 CONFIG_INET_ESP=y
 CONFIG_INET_IPCOMP=y
@@ -458,6 +459,9 @@ CONFIG_IP_NF_RAW=m
 CONFIG_IP_NF_ARPTABLES=m
 CONFIG_IP_NF_ARPFILTER=m
 CONFIG_IP_NF_ARP_MANGLE=m
+CONFIG_IP_NF_TARGET_TARPIT=m
+CONFIG_IP_NF_NAT_SIP=m
+CONFIG_IP_NF_SIP=m
 
 #
 # Bridge: Netfilter Configuration
@@ -579,6 +583,21 @@ CONFIG_IEEE80211=m
 CONFIG_IEEE80211_CRYPT_WEP=m
 # CONFIG_IEEE80211_CRYPT_CCMP is not set
 # CONFIG_IEEE80211_CRYPT_TKIP is not set
+CONFIG_KLIPS=m
+
+#
+# KLIPS options
+#
+CONFIG_KLIPS_ESP=y
+CONFIG_KLIPS_AH=y
+CONFIG_KLIPS_AUTH_HMAC_MD5=y
+CONFIG_KLIPS_AUTH_HMAC_SHA1=y
+# CONFIG_KLIPS_ENC_CRYPTOAPI is not set
+CONFIG_KLIPS_ENC_3DES=y
+CONFIG_KLIPS_ENC_AES=y
+# CONFIG_KLIPS_ENC_NULL is not set
+CONFIG_KLIPS_IPCOMP=y
+CONFIG_KLIPS_DEBUG=y
 
 #
 # Device Drivers
index e0a9769..7fbcfd4 100644 (file)
@@ -1,7 +1,7 @@
 #
 # Automatically generated make config: don't edit
 # Linux kernel version: 2.6.16
-# Tue Nov 28 19:33:09 2006
+# Wed Nov 29 00:35:50 2006
 #
 CONFIG_X86_32=y
 CONFIG_SEMAPHORE_SLEEPERS=y
@@ -349,6 +349,7 @@ CONFIG_IP_PIMSM_V1=y
 CONFIG_IP_PIMSM_V2=y
 # CONFIG_ARPD is not set
 CONFIG_SYN_COOKIES=y
+CONFIG_IPSEC_NAT_TRAVERSAL=y
 CONFIG_INET_AH=y
 CONFIG_INET_ESP=y
 CONFIG_INET_IPCOMP=y
@@ -464,6 +465,9 @@ CONFIG_IP_NF_RAW=m
 CONFIG_IP_NF_ARPTABLES=m
 CONFIG_IP_NF_ARPFILTER=m
 CONFIG_IP_NF_ARP_MANGLE=m
+CONFIG_IP_NF_TARGET_TARPIT=m
+CONFIG_IP_NF_NAT_SIP=m
+CONFIG_IP_NF_SIP=m
 
 #
 # Bridge: Netfilter Configuration
@@ -585,6 +589,21 @@ CONFIG_IEEE80211=m
 CONFIG_IEEE80211_CRYPT_WEP=m
 # CONFIG_IEEE80211_CRYPT_CCMP is not set
 # CONFIG_IEEE80211_CRYPT_TKIP is not set
+CONFIG_KLIPS=m
+
+#
+# KLIPS options
+#
+CONFIG_KLIPS_ESP=y
+CONFIG_KLIPS_AH=y
+CONFIG_KLIPS_AUTH_HMAC_MD5=y
+CONFIG_KLIPS_AUTH_HMAC_SHA1=y
+# CONFIG_KLIPS_ENC_CRYPTOAPI is not set
+CONFIG_KLIPS_ENC_3DES=y
+CONFIG_KLIPS_ENC_AES=y
+# CONFIG_KLIPS_ENC_NULL is not set
+CONFIG_KLIPS_IPCOMP=y
+CONFIG_KLIPS_DEBUG=y
 
 #
 # Device Drivers
index 9362028..b8ddba2 100644 (file)
@@ -3,9 +3,9 @@ HOSTNAME=ipfire
 KEYMAP=/usr/share/kbd/keymaps/i386/qwerty/de.map.gz
 LANGUAGE=de
 TIMEZONE=/usr/share/zoneinfo/posix/Europe/Berlin
-GREEN_ADDRESS=192.168.0.15
+GREEN_ADDRESS=192.168.180.30
 GREEN_NETMASK=255.255.255.0
-GREEN_NETADDRESS=192.168.0.0
-GREEN_BROADCAST=192.168.0.255
+GREEN_NETADDRESS=192.168.180.0
+GREEN_BROADCAST=192.168.180.255
 ROOT_PASSWORD=ipfire
 ADMIN_PASSWORD=ipfire
diff --git a/config/rootfiles/common/glib b/config/rootfiles/common/glib
new file mode 100644 (file)
index 0000000..7fb52aa
--- /dev/null
@@ -0,0 +1,439 @@
+#usr/bin/glib-genmarshal
+#usr/bin/glib-gettextize
+#usr/bin/glib-mkenums
+#usr/bin/gobject-query
+#usr/include/glib-2.0
+#usr/include/glib-2.0/glib
+#usr/include/glib-2.0/glib-object.h
+#usr/include/glib-2.0/glib.h
+#usr/include/glib-2.0/glib/galloca.h
+#usr/include/glib-2.0/glib/garray.h
+#usr/include/glib-2.0/glib/gasyncqueue.h
+#usr/include/glib-2.0/glib/gatomic.h
+#usr/include/glib-2.0/glib/gbacktrace.h
+#usr/include/glib-2.0/glib/gcache.h
+#usr/include/glib-2.0/glib/gcompletion.h
+#usr/include/glib-2.0/glib/gconvert.h
+#usr/include/glib-2.0/glib/gdataset.h
+#usr/include/glib-2.0/glib/gdate.h
+#usr/include/glib-2.0/glib/gdir.h
+#usr/include/glib-2.0/glib/gerror.h
+#usr/include/glib-2.0/glib/gfileutils.h
+#usr/include/glib-2.0/glib/ghash.h
+#usr/include/glib-2.0/glib/ghook.h
+#usr/include/glib-2.0/glib/gi18n-lib.h
+#usr/include/glib-2.0/glib/gi18n.h
+#usr/include/glib-2.0/glib/giochannel.h
+#usr/include/glib-2.0/glib/gkeyfile.h
+#usr/include/glib-2.0/glib/glist.h
+#usr/include/glib-2.0/glib/gmacros.h
+#usr/include/glib-2.0/glib/gmain.h
+#usr/include/glib-2.0/glib/gmappedfile.h
+#usr/include/glib-2.0/glib/gmarkup.h
+#usr/include/glib-2.0/glib/gmem.h
+#usr/include/glib-2.0/glib/gmessages.h
+#usr/include/glib-2.0/glib/gnode.h
+#usr/include/glib-2.0/glib/goption.h
+#usr/include/glib-2.0/glib/gpattern.h
+#usr/include/glib-2.0/glib/gprimes.h
+#usr/include/glib-2.0/glib/gprintf.h
+#usr/include/glib-2.0/glib/gqsort.h
+#usr/include/glib-2.0/glib/gquark.h
+#usr/include/glib-2.0/glib/gqueue.h
+#usr/include/glib-2.0/glib/grand.h
+#usr/include/glib-2.0/glib/grel.h
+#usr/include/glib-2.0/glib/gscanner.h
+#usr/include/glib-2.0/glib/gshell.h
+#usr/include/glib-2.0/glib/gslice.h
+#usr/include/glib-2.0/glib/gslist.h
+#usr/include/glib-2.0/glib/gspawn.h
+#usr/include/glib-2.0/glib/gstdio.h
+#usr/include/glib-2.0/glib/gstrfuncs.h
+#usr/include/glib-2.0/glib/gstring.h
+#usr/include/glib-2.0/glib/gthread.h
+#usr/include/glib-2.0/glib/gthreadpool.h
+#usr/include/glib-2.0/glib/gtimer.h
+#usr/include/glib-2.0/glib/gtree.h
+#usr/include/glib-2.0/glib/gtypes.h
+#usr/include/glib-2.0/glib/gunicode.h
+#usr/include/glib-2.0/glib/gutils.h
+#usr/include/glib-2.0/glib/gwin32.h
+#usr/include/glib-2.0/gmodule.h
+#usr/include/glib-2.0/gobject
+#usr/include/glib-2.0/gobject/gboxed.h
+#usr/include/glib-2.0/gobject/gclosure.h
+#usr/include/glib-2.0/gobject/genums.h
+#usr/include/glib-2.0/gobject/gmarshal.h
+#usr/include/glib-2.0/gobject/gobject.h
+#usr/include/glib-2.0/gobject/gobjectnotifyqueue.c
+#usr/include/glib-2.0/gobject/gparam.h
+#usr/include/glib-2.0/gobject/gparamspecs.h
+#usr/include/glib-2.0/gobject/gsignal.h
+#usr/include/glib-2.0/gobject/gsourceclosure.h
+#usr/include/glib-2.0/gobject/gtype.h
+#usr/include/glib-2.0/gobject/gtypemodule.h
+#usr/include/glib-2.0/gobject/gtypeplugin.h
+#usr/include/glib-2.0/gobject/gvalue.h
+#usr/include/glib-2.0/gobject/gvaluearray.h
+#usr/include/glib-2.0/gobject/gvaluecollector.h
+#usr/include/glib-2.0/gobject/gvaluetypes.h
+#usr/lib/glib-2.0
+#usr/lib/glib-2.0/include
+#usr/lib/glib-2.0/include/glibconfig.h
+#usr/lib/libglib-2.0.la
+usr/lib/libglib-2.0.so
+usr/lib/libglib-2.0.so.0
+usr/lib/libglib-2.0.so.0.902.4
+#usr/lib/libgmodule-2.0.la
+usr/lib/libgmodule-2.0.so
+usr/lib/libgmodule-2.0.so.0
+usr/lib/libgmodule-2.0.so.0.902.4
+#usr/lib/libgobject-2.0.la
+usr/lib/libgobject-2.0.so
+usr/lib/libgobject-2.0.so.0
+usr/lib/libgobject-2.0.so.0.902.4
+#usr/lib/libgthread-2.0.la
+usr/lib/libgthread-2.0.so
+usr/lib/libgthread-2.0.so.0
+usr/lib/libgthread-2.0.so.0.902.4
+#usr/lib/pkgconfig/glib-2.0.pc
+#usr/lib/pkgconfig/gmodule-2.0.pc
+#usr/lib/pkgconfig/gmodule-export-2.0.pc
+#usr/lib/pkgconfig/gmodule-no-export-2.0.pc
+#usr/lib/pkgconfig/gobject-2.0.pc
+#usr/lib/pkgconfig/gthread-2.0.pc
+#usr/man/man1/glib-genmarshal.1
+#usr/man/man1/glib-gettextize.1
+#usr/man/man1/glib-mkenums.1
+#usr/man/man1/gobject-query.1
+#usr/share/aclocal/glib-2.0.m4
+#usr/share/aclocal/glib-gettext.m4
+#usr/share/glib-2.0
+#usr/share/glib-2.0/gettext
+#usr/share/glib-2.0/gettext/mkinstalldirs
+#usr/share/glib-2.0/gettext/po
+#usr/share/glib-2.0/gettext/po/Makefile.in.in
+#usr/share/gtk-doc/html/glib
+#usr/share/gtk-doc/html/glib/file-name-encodings.png
+#usr/share/gtk-doc/html/glib/glib-Arrays.html
+#usr/share/gtk-doc/html/glib/glib-Asynchronous-Queues.html
+#usr/share/gtk-doc/html/glib/glib-Atomic-Operations.html
+#usr/share/gtk-doc/html/glib/glib-Automatic-String-Completion.html
+#usr/share/gtk-doc/html/glib/glib-Balanced-Binary-Trees.html
+#usr/share/gtk-doc/html/glib/glib-Basic-Types.html
+#usr/share/gtk-doc/html/glib/glib-Byte-Arrays.html
+#usr/share/gtk-doc/html/glib/glib-Byte-Order-Macros.html
+#usr/share/gtk-doc/html/glib/glib-Caches.html
+#usr/share/gtk-doc/html/glib/glib-Character-Set-Conversion.html
+#usr/share/gtk-doc/html/glib/glib-Commandline-option-parser.html
+#usr/share/gtk-doc/html/glib/glib-Datasets.html
+#usr/share/gtk-doc/html/glib/glib-Date-and-Time-Functions.html
+#usr/share/gtk-doc/html/glib/glib-Double-ended-Queues.html
+#usr/share/gtk-doc/html/glib/glib-Doubly-Linked-Lists.html
+#usr/share/gtk-doc/html/glib/glib-Dynamic-Loading-of-Modules.html
+#usr/share/gtk-doc/html/glib/glib-Error-Reporting.html
+#usr/share/gtk-doc/html/glib/glib-File-Utilities.html
+#usr/share/gtk-doc/html/glib/glib-Glob-style-pattern-matching.html
+#usr/share/gtk-doc/html/glib/glib-Hash-Tables.html
+#usr/share/gtk-doc/html/glib/glib-Hook-Functions.html
+#usr/share/gtk-doc/html/glib/glib-I18N.html
+#usr/share/gtk-doc/html/glib/glib-IO-Channels.html
+#usr/share/gtk-doc/html/glib/glib-Key-value-file-parser.html
+#usr/share/gtk-doc/html/glib/glib-Keyed-Data-Lists.html
+#usr/share/gtk-doc/html/glib/glib-Lexical-Scanner.html
+#usr/share/gtk-doc/html/glib/glib-Limits-of-Basic-Types.html
+#usr/share/gtk-doc/html/glib/glib-Memory-Allocation.html
+#usr/share/gtk-doc/html/glib/glib-Memory-Allocators.html
+#usr/share/gtk-doc/html/glib/glib-Memory-Chunks.html
+#usr/share/gtk-doc/html/glib/glib-Memory-Slices.html
+#usr/share/gtk-doc/html/glib/glib-Message-Logging.html
+#usr/share/gtk-doc/html/glib/glib-Miscellaneous-Macros.html
+#usr/share/gtk-doc/html/glib/glib-Miscellaneous-Utility-Functions.html
+#usr/share/gtk-doc/html/glib/glib-N-ary-Trees.html
+#usr/share/gtk-doc/html/glib/glib-Numerical-Definitions.html
+#usr/share/gtk-doc/html/glib/glib-Pointer-Arrays.html
+#usr/share/gtk-doc/html/glib/glib-Quarks.html
+#usr/share/gtk-doc/html/glib/glib-Random-Numbers.html
+#usr/share/gtk-doc/html/glib/glib-Relations-and-Tuples.html
+#usr/share/gtk-doc/html/glib/glib-Shell-related-Utilities.html
+#usr/share/gtk-doc/html/glib/glib-Simple-XML-Subset-Parser.html
+#usr/share/gtk-doc/html/glib/glib-Singly-Linked-Lists.html
+#usr/share/gtk-doc/html/glib/glib-Spawning-Processes.html
+#usr/share/gtk-doc/html/glib/glib-Standard-Macros.html
+#usr/share/gtk-doc/html/glib/glib-String-Chunks.html
+#usr/share/gtk-doc/html/glib/glib-String-Utility-Functions.html
+#usr/share/gtk-doc/html/glib/glib-Strings.html
+#usr/share/gtk-doc/html/glib/glib-The-Main-Event-Loop.html
+#usr/share/gtk-doc/html/glib/glib-Thread-Pools.html
+#usr/share/gtk-doc/html/glib/glib-Threads.html
+#usr/share/gtk-doc/html/glib/glib-Timers.html
+#usr/share/gtk-doc/html/glib/glib-Trash-Stacks.html
+#usr/share/gtk-doc/html/glib/glib-Type-Conversion-Macros.html
+#usr/share/gtk-doc/html/glib/glib-Unicode-Manipulation.html
+#usr/share/gtk-doc/html/glib/glib-Version-Information.html
+#usr/share/gtk-doc/html/glib/glib-Warnings-and-Assertions.html
+#usr/share/gtk-doc/html/glib/glib-Windows-Compatibility-Functions.html
+#usr/share/gtk-doc/html/glib/glib-building.html
+#usr/share/gtk-doc/html/glib/glib-changes.html
+#usr/share/gtk-doc/html/glib/glib-compiling.html
+#usr/share/gtk-doc/html/glib/glib-core.html
+#usr/share/gtk-doc/html/glib/glib-cross-compiling.html
+#usr/share/gtk-doc/html/glib/glib-data-types.html
+#usr/share/gtk-doc/html/glib/glib-fundamentals.html
+#usr/share/gtk-doc/html/glib/glib-gettextize.html
+#usr/share/gtk-doc/html/glib/glib-resources.html
+#usr/share/gtk-doc/html/glib/glib-running.html
+#usr/share/gtk-doc/html/glib/glib-utilities.html
+#usr/share/gtk-doc/html/glib/glib.devhelp
+#usr/share/gtk-doc/html/glib/glib.devhelp2
+#usr/share/gtk-doc/html/glib/glib.html
+#usr/share/gtk-doc/html/glib/home.png
+#usr/share/gtk-doc/html/glib/index.html
+#usr/share/gtk-doc/html/glib/index.sgml
+#usr/share/gtk-doc/html/glib/ix01.html
+#usr/share/gtk-doc/html/glib/ix02.html
+#usr/share/gtk-doc/html/glib/ix03.html
+#usr/share/gtk-doc/html/glib/ix04.html
+#usr/share/gtk-doc/html/glib/ix05.html
+#usr/share/gtk-doc/html/glib/ix06.html
+#usr/share/gtk-doc/html/glib/ix07.html
+#usr/share/gtk-doc/html/glib/left.png
+#usr/share/gtk-doc/html/glib/mainloop-states.gif
+#usr/share/gtk-doc/html/glib/right.png
+#usr/share/gtk-doc/html/glib/style.css
+#usr/share/gtk-doc/html/glib/tools.html
+#usr/share/gtk-doc/html/glib/up.png
+#usr/share/gtk-doc/html/gobject
+#usr/share/gtk-doc/html/gobject/GTypeModule.html
+#usr/share/gtk-doc/html/gobject/GTypePlugin.html
+#usr/share/gtk-doc/html/gobject/ch01.html
+#usr/share/gtk-doc/html/gobject/ch01s02.html
+#usr/share/gtk-doc/html/gobject/ch02.html
+#usr/share/gtk-doc/html/gobject/ch06s03.html
+#usr/share/gtk-doc/html/gobject/ch07s02.html
+#usr/share/gtk-doc/html/gobject/ch07s03.html
+#usr/share/gtk-doc/html/gobject/chapter-gobject.html
+#usr/share/gtk-doc/html/gobject/chapter-signal.html
+#usr/share/gtk-doc/html/gobject/glib-genmarshal.html
+#usr/share/gtk-doc/html/gobject/glib-mkenums.html
+#usr/share/gtk-doc/html/gobject/glue.png
+#usr/share/gtk-doc/html/gobject/gobject-Boxed-Types.html
+#usr/share/gtk-doc/html/gobject/gobject-Closures.html
+#usr/share/gtk-doc/html/gobject/gobject-Enumeration-and-Flag-Types.html
+#usr/share/gtk-doc/html/gobject/gobject-GParamSpec.html
+#usr/share/gtk-doc/html/gobject/gobject-Generic-values.html
+#usr/share/gtk-doc/html/gobject/gobject-Signals.html
+#usr/share/gtk-doc/html/gobject/gobject-Standard-Parameter-and-Value-Types.html
+#usr/share/gtk-doc/html/gobject/gobject-The-Base-Object-Type.html
+#usr/share/gtk-doc/html/gobject/gobject-Type-Information.html
+#usr/share/gtk-doc/html/gobject/gobject-Value-arrays.html
+#usr/share/gtk-doc/html/gobject/gobject-Varargs-Value-Collection.html
+#usr/share/gtk-doc/html/gobject/gobject-memory.html
+#usr/share/gtk-doc/html/gobject/gobject-properties.html
+#usr/share/gtk-doc/html/gobject/gobject-query.html
+#usr/share/gtk-doc/html/gobject/gobject.devhelp
+#usr/share/gtk-doc/html/gobject/gobject.devhelp2
+#usr/share/gtk-doc/html/gobject/gtype-conventions.html
+#usr/share/gtk-doc/html/gobject/gtype-instantiable-classed.html
+#usr/share/gtk-doc/html/gobject/gtype-non-instantiable-classed.html
+#usr/share/gtk-doc/html/gobject/gtype-non-instantiable.html
+#usr/share/gtk-doc/html/gobject/home.png
+#usr/share/gtk-doc/html/gobject/howto-gobject-chainup.html
+#usr/share/gtk-doc/html/gobject/howto-gobject-code.html
+#usr/share/gtk-doc/html/gobject/howto-gobject-construction.html
+#usr/share/gtk-doc/html/gobject/howto-gobject-destruction.html
+#usr/share/gtk-doc/html/gobject/howto-gobject-methods.html
+#usr/share/gtk-doc/html/gobject/howto-gobject.html
+#usr/share/gtk-doc/html/gobject/howto-interface-implement.html
+#usr/share/gtk-doc/html/gobject/howto-interface-properties.html
+#usr/share/gtk-doc/html/gobject/howto-interface.html
+#usr/share/gtk-doc/html/gobject/howto-signals.html
+#usr/share/gtk-doc/html/gobject/index.html
+#usr/share/gtk-doc/html/gobject/index.sgml
+#usr/share/gtk-doc/html/gobject/ix01.html
+#usr/share/gtk-doc/html/gobject/ix02.html
+#usr/share/gtk-doc/html/gobject/ix03.html
+#usr/share/gtk-doc/html/gobject/ix04.html
+#usr/share/gtk-doc/html/gobject/ix05.html
+#usr/share/gtk-doc/html/gobject/ix06.html
+#usr/share/gtk-doc/html/gobject/ix07.html
+#usr/share/gtk-doc/html/gobject/left.png
+#usr/share/gtk-doc/html/gobject/pr01.html
+#usr/share/gtk-doc/html/gobject/pt01.html
+#usr/share/gtk-doc/html/gobject/pt02.html
+#usr/share/gtk-doc/html/gobject/pt03.html
+#usr/share/gtk-doc/html/gobject/right.png
+#usr/share/gtk-doc/html/gobject/rn01.html
+#usr/share/gtk-doc/html/gobject/rn02.html
+#usr/share/gtk-doc/html/gobject/signal.html
+#usr/share/gtk-doc/html/gobject/style.css
+#usr/share/gtk-doc/html/gobject/tools-ginspector.html
+#usr/share/gtk-doc/html/gobject/tools-gob.html
+#usr/share/gtk-doc/html/gobject/tools-gtkdoc.html
+#usr/share/gtk-doc/html/gobject/tools-refdb.html
+#usr/share/gtk-doc/html/gobject/up.png
+#usr/share/locale/am
+#usr/share/locale/am/LC_MESSAGES
+#usr/share/locale/am/LC_MESSAGES/glib20.mo
+#usr/share/locale/ar
+#usr/share/locale/ar/LC_MESSAGES
+#usr/share/locale/ar/LC_MESSAGES/glib20.mo
+#usr/share/locale/az
+#usr/share/locale/az/LC_MESSAGES
+#usr/share/locale/az/LC_MESSAGES/glib20.mo
+#usr/share/locale/be/LC_MESSAGES/glib20.mo
+#usr/share/locale/bg
+#usr/share/locale/bg/LC_MESSAGES
+#usr/share/locale/bg/LC_MESSAGES/glib20.mo
+#usr/share/locale/bn
+#usr/share/locale/bn/LC_MESSAGES
+#usr/share/locale/bn/LC_MESSAGES/glib20.mo
+#usr/share/locale/bs
+#usr/share/locale/bs/LC_MESSAGES
+#usr/share/locale/bs/LC_MESSAGES/glib20.mo
+#usr/share/locale/ca/LC_MESSAGES/glib20.mo
+#usr/share/locale/cs/LC_MESSAGES/glib20.mo
+#usr/share/locale/cy
+#usr/share/locale/cy/LC_MESSAGES
+#usr/share/locale/cy/LC_MESSAGES/glib20.mo
+#usr/share/locale/da/LC_MESSAGES/glib20.mo
+#usr/share/locale/de/LC_MESSAGES/glib20.mo
+#usr/share/locale/el/LC_MESSAGES/glib20.mo
+#usr/share/locale/en_CA
+#usr/share/locale/en_CA/LC_MESSAGES
+#usr/share/locale/en_CA/LC_MESSAGES/glib20.mo
+#usr/share/locale/en_GB/LC_MESSAGES/glib20.mo
+#usr/share/locale/eo
+#usr/share/locale/eo/LC_MESSAGES
+#usr/share/locale/eo/LC_MESSAGES/glib20.mo
+#usr/share/locale/es/LC_MESSAGES/glib20.mo
+#usr/share/locale/et/LC_MESSAGES/glib20.mo
+#usr/share/locale/eu
+#usr/share/locale/eu/LC_MESSAGES
+#usr/share/locale/eu/LC_MESSAGES/glib20.mo
+#usr/share/locale/fa
+#usr/share/locale/fa/LC_MESSAGES
+#usr/share/locale/fa/LC_MESSAGES/glib20.mo
+#usr/share/locale/fi/LC_MESSAGES/glib20.mo
+#usr/share/locale/fr/LC_MESSAGES/glib20.mo
+#usr/share/locale/ga
+#usr/share/locale/ga/LC_MESSAGES
+#usr/share/locale/ga/LC_MESSAGES/glib20.mo
+#usr/share/locale/gl/LC_MESSAGES/glib20.mo
+#usr/share/locale/gu
+#usr/share/locale/gu/LC_MESSAGES
+#usr/share/locale/gu/LC_MESSAGES/glib20.mo
+#usr/share/locale/he
+#usr/share/locale/he/LC_MESSAGES
+#usr/share/locale/he/LC_MESSAGES/glib20.mo
+#usr/share/locale/hi
+#usr/share/locale/hi/LC_MESSAGES
+#usr/share/locale/hi/LC_MESSAGES/glib20.mo
+#usr/share/locale/hr/LC_MESSAGES/glib20.mo
+#usr/share/locale/hu/LC_MESSAGES/glib20.mo
+#usr/share/locale/id
+#usr/share/locale/id/LC_MESSAGES
+#usr/share/locale/id/LC_MESSAGES/glib20.mo
+#usr/share/locale/is
+#usr/share/locale/is/LC_MESSAGES
+#usr/share/locale/is/LC_MESSAGES/glib20.mo
+#usr/share/locale/it/LC_MESSAGES/glib20.mo
+#usr/share/locale/ja/LC_MESSAGES/glib20.mo
+#usr/share/locale/ko/LC_MESSAGES/glib20.mo
+#usr/share/locale/ku
+#usr/share/locale/ku/LC_MESSAGES
+#usr/share/locale/ku/LC_MESSAGES/glib20.mo
+#usr/share/locale/lt
+#usr/share/locale/lt/LC_MESSAGES
+#usr/share/locale/lt/LC_MESSAGES/glib20.mo
+#usr/share/locale/lv
+#usr/share/locale/lv/LC_MESSAGES
+#usr/share/locale/lv/LC_MESSAGES/glib20.mo
+#usr/share/locale/mk
+#usr/share/locale/mk/LC_MESSAGES
+#usr/share/locale/mk/LC_MESSAGES/glib20.mo
+#usr/share/locale/ml
+#usr/share/locale/ml/LC_MESSAGES
+#usr/share/locale/ml/LC_MESSAGES/glib20.mo
+#usr/share/locale/mn
+#usr/share/locale/mn/LC_MESSAGES
+#usr/share/locale/mn/LC_MESSAGES/glib20.mo
+#usr/share/locale/ms
+#usr/share/locale/ms/LC_MESSAGES
+#usr/share/locale/ms/LC_MESSAGES/glib20.mo
+#usr/share/locale/nb/LC_MESSAGES/glib20.mo
+#usr/share/locale/ne
+#usr/share/locale/ne/LC_MESSAGES
+#usr/share/locale/ne/LC_MESSAGES/glib20.mo
+#usr/share/locale/nl/LC_MESSAGES/glib20.mo
+#usr/share/locale/nn
+#usr/share/locale/nn/LC_MESSAGES
+#usr/share/locale/nn/LC_MESSAGES/glib20.mo
+#usr/share/locale/no
+#usr/share/locale/no/LC_MESSAGES
+#usr/share/locale/no/LC_MESSAGES/glib20.mo
+#usr/share/locale/or
+#usr/share/locale/or/LC_MESSAGES
+#usr/share/locale/or/LC_MESSAGES/glib20.mo
+#usr/share/locale/pa
+#usr/share/locale/pa/LC_MESSAGES
+#usr/share/locale/pa/LC_MESSAGES/glib20.mo
+#usr/share/locale/pl/LC_MESSAGES/glib20.mo
+#usr/share/locale/pt
+#usr/share/locale/pt/LC_MESSAGES
+#usr/share/locale/pt/LC_MESSAGES/glib20.mo
+#usr/share/locale/pt_BR/LC_MESSAGES/glib20.mo
+#usr/share/locale/ro/LC_MESSAGES/glib20.mo
+#usr/share/locale/ru/LC_MESSAGES/glib20.mo
+#usr/share/locale/rw
+#usr/share/locale/rw/LC_MESSAGES
+#usr/share/locale/rw/LC_MESSAGES/glib20.mo
+#usr/share/locale/sk/LC_MESSAGES/glib20.mo
+#usr/share/locale/sl/LC_MESSAGES/glib20.mo
+#usr/share/locale/sq
+#usr/share/locale/sq/LC_MESSAGES
+#usr/share/locale/sq/LC_MESSAGES/glib20.mo
+#usr/share/locale/sr
+#usr/share/locale/sr/LC_MESSAGES
+#usr/share/locale/sr/LC_MESSAGES/glib20.mo
+#usr/share/locale/sr@Latn
+#usr/share/locale/sr@Latn/LC_MESSAGES
+#usr/share/locale/sr@Latn/LC_MESSAGES/glib20.mo
+#usr/share/locale/sr@ije
+#usr/share/locale/sr@ije/LC_MESSAGES
+#usr/share/locale/sr@ije/LC_MESSAGES/glib20.mo
+#usr/share/locale/sv/LC_MESSAGES/glib20.mo
+#usr/share/locale/ta
+#usr/share/locale/ta/LC_MESSAGES
+#usr/share/locale/ta/LC_MESSAGES/glib20.mo
+#usr/share/locale/te
+#usr/share/locale/te/LC_MESSAGES
+#usr/share/locale/te/LC_MESSAGES/glib20.mo
+#usr/share/locale/th
+#usr/share/locale/th/LC_MESSAGES
+#usr/share/locale/th/LC_MESSAGES/glib20.mo
+#usr/share/locale/tl
+#usr/share/locale/tl/LC_MESSAGES
+#usr/share/locale/tl/LC_MESSAGES/glib20.mo
+#usr/share/locale/tr/LC_MESSAGES/glib20.mo
+#usr/share/locale/tt
+#usr/share/locale/tt/LC_MESSAGES
+#usr/share/locale/tt/LC_MESSAGES/glib20.mo
+#usr/share/locale/uk/LC_MESSAGES/glib20.mo
+#usr/share/locale/vi
+#usr/share/locale/vi/LC_MESSAGES
+#usr/share/locale/vi/LC_MESSAGES/glib20.mo
+#usr/share/locale/wa
+#usr/share/locale/wa/LC_MESSAGES
+#usr/share/locale/wa/LC_MESSAGES/glib20.mo
+#usr/share/locale/xh
+#usr/share/locale/xh/LC_MESSAGES
+#usr/share/locale/xh/LC_MESSAGES/glib20.mo
+#usr/share/locale/yi
+#usr/share/locale/yi/LC_MESSAGES
+#usr/share/locale/yi/LC_MESSAGES/glib20.mo
+#usr/share/locale/zh_CN/LC_MESSAGES/glib20.mo
+#usr/share/locale/zh_HK
+#usr/share/locale/zh_HK/LC_MESSAGES
+#usr/share/locale/zh_HK/LC_MESSAGES/glib20.mo
+#usr/share/locale/zh_TW/LC_MESSAGES/glib20.mo
diff --git a/config/rootfiles/common/kudzu b/config/rootfiles/common/kudzu
new file mode 100644 (file)
index 0000000..7773620
--- /dev/null
@@ -0,0 +1,125 @@
+#etc/rc.d/init.d
+#etc/rc.d/init.d/kudzu
+#etc/sysconfig
+#etc/sysconfig/kudzu
+sbin/kudzu
+#usr/include/kudzu
+#usr/include/kudzu/adb.h
+#usr/include/kudzu/alias.h
+#usr/include/kudzu/ddc.h
+#usr/include/kudzu/device.h
+#usr/include/kudzu/firewire.h
+#usr/include/kudzu/ide.h
+#usr/include/kudzu/isapnp.h
+#usr/include/kudzu/keyboard.h
+#usr/include/kudzu/kudzu.h
+#usr/include/kudzu/macio.h
+#usr/include/kudzu/misc.h
+#usr/include/kudzu/modules.h
+#usr/include/kudzu/parallel.h
+#usr/include/kudzu/pci.h
+#usr/include/kudzu/pcmcia.h
+#usr/include/kudzu/psaux.h
+#usr/include/kudzu/sbus.h
+#usr/include/kudzu/scsi.h
+#usr/include/kudzu/serial.h
+#usr/include/kudzu/usb.h
+usr/lib/libkudzu.a
+usr/lib/libkudzu_loader.a
+#usr/lib/python2.4/site-packages/_kudzumodule.so
+#usr/lib/python2.4/site-packages/drv_libxml2.pyc
+#usr/lib/python2.4/site-packages/kudzu.py
+#usr/lib/python2.4/site-packages/kudzu.pyc
+#usr/lib/python2.4/site-packages/libxml2.pyc
+#usr/lib/python2.4/site-packages/snack.pyc
+usr/sbin/kudzu
+#usr/share/locale/ar/LC_MESSAGES/kudzu.mo
+#usr/share/locale/as
+#usr/share/locale/as/LC_MESSAGES
+#usr/share/locale/as/LC_MESSAGES/kudzu.mo
+#usr/share/locale/be/LC_MESSAGES/kudzu.mo
+#usr/share/locale/bg/LC_MESSAGES/kudzu.mo
+#usr/share/locale/bn/LC_MESSAGES/kudzu.mo
+#usr/share/locale/bn_IN
+#usr/share/locale/bn_IN/LC_MESSAGES
+#usr/share/locale/bn_IN/LC_MESSAGES/kudzu.mo
+#usr/share/locale/bs/LC_MESSAGES/kudzu.mo
+#usr/share/locale/ca/LC_MESSAGES/kudzu.mo
+#usr/share/locale/cs/LC_MESSAGES/kudzu.mo
+#usr/share/locale/cy/LC_MESSAGES/kudzu.mo
+#usr/share/locale/da/LC_MESSAGES/kudzu.mo
+#usr/share/locale/de/LC_MESSAGES/kudzu.mo
+#usr/share/locale/el/LC_MESSAGES/kudzu.mo
+#usr/share/locale/en_GB/LC_MESSAGES/kudzu.mo
+#usr/share/locale/es/LC_MESSAGES/kudzu.mo
+#usr/share/locale/et/LC_MESSAGES/kudzu.mo
+#usr/share/locale/eu_ES
+#usr/share/locale/eu_ES/LC_MESSAGES
+#usr/share/locale/eu_ES/LC_MESSAGES/kudzu.mo
+#usr/share/locale/fi/LC_MESSAGES/kudzu.mo
+#usr/share/locale/fr/LC_MESSAGES/kudzu.mo
+#usr/share/locale/gl/LC_MESSAGES/kudzu.mo
+#usr/share/locale/gu/LC_MESSAGES/kudzu.mo
+#usr/share/locale/he/LC_MESSAGES/kudzu.mo
+#usr/share/locale/hi/LC_MESSAGES/kudzu.mo
+#usr/share/locale/hr/LC_MESSAGES/kudzu.mo
+#usr/share/locale/hu/LC_MESSAGES/kudzu.mo
+#usr/share/locale/hy
+#usr/share/locale/hy/LC_MESSAGES
+#usr/share/locale/hy/LC_MESSAGES/kudzu.mo
+#usr/share/locale/id/LC_MESSAGES/kudzu.mo
+#usr/share/locale/is/LC_MESSAGES/kudzu.mo
+#usr/share/locale/it/LC_MESSAGES/kudzu.mo
+#usr/share/locale/ja/LC_MESSAGES/kudzu.mo
+#usr/share/locale/ka/LC_MESSAGES/kudzu.mo
+#usr/share/locale/kn
+#usr/share/locale/kn/LC_MESSAGES
+#usr/share/locale/kn/LC_MESSAGES/kudzu.mo
+#usr/share/locale/ko/LC_MESSAGES/kudzu.mo
+#usr/share/locale/ku/LC_MESSAGES/kudzu.mo
+#usr/share/locale/lo
+#usr/share/locale/lo/LC_MESSAGES
+#usr/share/locale/lo/LC_MESSAGES/kudzu.mo
+#usr/share/locale/lt/LC_MESSAGES/kudzu.mo
+#usr/share/locale/lv/LC_MESSAGES/kudzu.mo
+#usr/share/locale/mk/LC_MESSAGES/kudzu.mo
+#usr/share/locale/ml/LC_MESSAGES/kudzu.mo
+#usr/share/locale/mr
+#usr/share/locale/mr/LC_MESSAGES
+#usr/share/locale/mr/LC_MESSAGES/kudzu.mo
+#usr/share/locale/ms/LC_MESSAGES/kudzu.mo
+#usr/share/locale/my
+#usr/share/locale/my/LC_MESSAGES
+#usr/share/locale/my/LC_MESSAGES/kudzu.mo
+#usr/share/locale/nb/LC_MESSAGES/kudzu.mo
+#usr/share/locale/nl/LC_MESSAGES/kudzu.mo
+#usr/share/locale/nn/LC_MESSAGES/kudzu.mo
+#usr/share/locale/no/LC_MESSAGES/kudzu.mo
+#usr/share/locale/or/LC_MESSAGES/kudzu.mo
+#usr/share/locale/pa/LC_MESSAGES/kudzu.mo
+#usr/share/locale/pl/LC_MESSAGES/kudzu.mo
+#usr/share/locale/pt/LC_MESSAGES/kudzu.mo
+#usr/share/locale/pt_BR/LC_MESSAGES/kudzu.mo
+#usr/share/locale/ro/LC_MESSAGES/kudzu.mo
+#usr/share/locale/ru/LC_MESSAGES/kudzu.mo
+#usr/share/locale/si
+#usr/share/locale/si/LC_MESSAGES
+#usr/share/locale/si/LC_MESSAGES/kudzu.mo
+#usr/share/locale/sk/LC_MESSAGES/kudzu.mo
+#usr/share/locale/sl/LC_MESSAGES/kudzu.mo
+#usr/share/locale/sq/LC_MESSAGES/kudzu.mo
+#usr/share/locale/sr/LC_MESSAGES/kudzu.mo
+#usr/share/locale/sr@Latn/LC_MESSAGES/kudzu.mo
+#usr/share/locale/sv/LC_MESSAGES/kudzu.mo
+#usr/share/locale/ta/LC_MESSAGES/kudzu.mo
+#usr/share/locale/te/LC_MESSAGES/kudzu.mo
+#usr/share/locale/tr/LC_MESSAGES/kudzu.mo
+#usr/share/locale/uk/LC_MESSAGES/kudzu.mo
+#usr/share/locale/ur
+#usr/share/locale/ur/LC_MESSAGES
+#usr/share/locale/ur/LC_MESSAGES/kudzu.mo
+#usr/share/locale/vi/LC_MESSAGES/kudzu.mo
+#usr/share/locale/wa/LC_MESSAGES/kudzu.mo
+#usr/share/locale/zh_CN/LC_MESSAGES/kudzu.mo
+#usr/share/locale/zh_TW/LC_MESSAGES/kudzu.mo
+#usr/share/man/man8/kudzu.8
diff --git a/config/rootfiles/common/mc b/config/rootfiles/common/mc
new file mode 100644 (file)
index 0000000..ec00e5f
--- /dev/null
@@ -0,0 +1,102 @@
+usr/bin/mc
+usr/bin/mcedit
+usr/bin/mcmfmt
+usr/bin/mcview
+#usr/lib/mc
+usr/lib/mc/cons.saver
+#usr/man/man1/mc.1
+#usr/man/man1/mcedit.1
+#usr/man/man1/mcview.1
+#usr/share/mc
+#usr/share/mc/bin
+usr/share/mc/bin/mc-wrapper.csh
+usr/share/mc/bin/mc-wrapper.sh
+usr/share/mc/bin/mc.csh
+usr/share/mc/bin/mc.sh
+usr/share/mc/cedit.menu
+usr/share/mc/edit.indent.rc
+usr/share/mc/edit.spell.rc
+#usr/share/mc/extfs
+usr/share/mc/extfs/README
+usr/share/mc/extfs/a
+usr/share/mc/extfs/apt
+usr/share/mc/extfs/audio
+usr/share/mc/extfs/bpp
+usr/share/mc/extfs/deb
+usr/share/mc/extfs/deba
+usr/share/mc/extfs/debd
+usr/share/mc/extfs/dpkg
+usr/share/mc/extfs/extfs.ini
+usr/share/mc/extfs/hp48
+usr/share/mc/extfs/lslR
+usr/share/mc/extfs/mailfs
+usr/share/mc/extfs/patchfs
+usr/share/mc/extfs/rpm
+usr/share/mc/extfs/rpms
+usr/share/mc/extfs/sfs.ini
+usr/share/mc/extfs/trpm
+usr/share/mc/extfs/uar
+usr/share/mc/extfs/uarj
+usr/share/mc/extfs/uha
+usr/share/mc/extfs/ulha
+usr/share/mc/extfs/urar
+usr/share/mc/extfs/uzip
+usr/share/mc/extfs/uzoo
+usr/share/mc/mc.ext
+usr/share/mc/mc.hint
+#usr/share/mc/mc.hint.cs
+#usr/share/mc/mc.hint.es
+#usr/share/mc/mc.hint.hu
+#usr/share/mc/mc.hint.it
+#usr/share/mc/mc.hint.nl
+#usr/share/mc/mc.hint.pl
+#usr/share/mc/mc.hint.ru
+#usr/share/mc/mc.hint.uk
+#usr/share/mc/mc.hint.zh
+usr/share/mc/mc.hlp
+usr/share/mc/mc.lib
+usr/share/mc/mc.menu
+#usr/share/mc/syntax
+usr/share/mc/syntax/Syntax
+usr/share/mc/syntax/ada95.syntax
+usr/share/mc/syntax/c.syntax
+usr/share/mc/syntax/changelog.syntax
+usr/share/mc/syntax/diff.syntax
+usr/share/mc/syntax/dos.syntax
+usr/share/mc/syntax/fortran.syntax
+usr/share/mc/syntax/html.syntax
+usr/share/mc/syntax/java.syntax
+usr/share/mc/syntax/js.syntax
+usr/share/mc/syntax/latex.syntax
+usr/share/mc/syntax/lisp.syntax
+usr/share/mc/syntax/lsm.syntax
+usr/share/mc/syntax/m4.syntax
+usr/share/mc/syntax/mail.syntax
+usr/share/mc/syntax/makefile.syntax
+usr/share/mc/syntax/ml.syntax
+usr/share/mc/syntax/nroff.syntax
+usr/share/mc/syntax/octave.syntax
+usr/share/mc/syntax/pascal.syntax
+usr/share/mc/syntax/perl.syntax
+usr/share/mc/syntax/php.syntax
+usr/share/mc/syntax/po.syntax
+usr/share/mc/syntax/python.syntax
+usr/share/mc/syntax/sh.syntax
+usr/share/mc/syntax/slang.syntax
+usr/share/mc/syntax/smalltalk.syntax
+usr/share/mc/syntax/spec.syntax
+usr/share/mc/syntax/sql.syntax
+usr/share/mc/syntax/swig.syntax
+usr/share/mc/syntax/syntax.syntax
+usr/share/mc/syntax/tcl.syntax
+usr/share/mc/syntax/texinfo.syntax
+usr/share/mc/syntax/unknown.syntax
+usr/share/mc/syntax/xml.syntax
+#usr/share/mc/term
+usr/share/mc/term/README.xterm
+usr/share/mc/term/ansi.ti
+usr/share/mc/term/linux.ti
+usr/share/mc/term/vt100.ti
+usr/share/mc/term/xterm.ad
+usr/share/mc/term/xterm.tcap
+usr/share/mc/term/xterm.ti
diff --git a/config/rootfiles/common/misc-progs b/config/rootfiles/common/misc-progs
new file mode 100644 (file)
index 0000000..65e1920
--- /dev/null
@@ -0,0 +1,29 @@
+usr/local/bin/getipstat
+#usr/local/bin/installfcdsl
+#usr/local/bin/installpackage
+#usr/local/bin/iowrap
+usr/local/bin/ipfirebackup
+usr/local/bin/ipfirebkcfg
+usr/local/bin/ipfirereboot
+usr/local/bin/ipfirerscfg
+usr/local/bin/ipsecctrl
+usr/local/bin/launch-ether-wake
+usr/local/bin/logwatch
+usr/local/bin/openvpnctrl
+usr/local/bin/qosctrl
+usr/local/bin/rebuildhosts
+usr/local/bin/restartapplejuice
+usr/local/bin/restartdhcp
+usr/local/bin/restartntpd
+usr/local/bin/restartsnort
+usr/local/bin/restartsquid
+usr/local/bin/restartssh
+usr/local/bin/restartsyslogd
+usr/local/bin/restartwireless
+usr/local/bin/setaliases
+usr/local/bin/setdate
+usr/local/bin/setdmzholes
+usr/local/bin/setfilters
+usr/local/bin/setportfw
+usr/local/bin/setxtaccess
+usr/local/bin/timecheckctrl
index 8771d80..9e83550 100644 (file)
@@ -512,7 +512,7 @@ usr/lib/perl5/5.8.8/i586-linux/ByteLoader.pm
 #usr/lib/perl5/5.8.8/i586-linux/CORE/warnings.h
 usr/lib/perl5/5.8.8/i586-linux/Config.pm
 #usr/lib/perl5/5.8.8/i586-linux/Config.pod
-#usr/lib/perl5/5.8.8/i586-linux/Config_heavy.pl
+usr/lib/perl5/5.8.8/i586-linux/Config_heavy.pl
 usr/lib/perl5/5.8.8/i586-linux/Cwd.pm
 usr/lib/perl5/5.8.8/i586-linux/DB_File.pm
 #usr/lib/perl5/5.8.8/i586-linux/Data
@@ -606,7 +606,7 @@ usr/lib/perl5/5.8.8/i586-linux/auto/Cwd/Cwd.so
 #usr/lib/perl5/5.8.8/i586-linux/auto/DB_File
 #usr/lib/perl5/5.8.8/i586-linux/auto/DB_File/DB_File.bs
 usr/lib/perl5/5.8.8/i586-linux/auto/DB_File/DB_File.so
-#usr/lib/perl5/5.8.8/i586-linux/auto/DB_File/autosplit.ix
+usr/lib/perl5/5.8.8/i586-linux/auto/DB_File/autosplit.ix
 #usr/lib/perl5/5.8.8/i586-linux/auto/Data
 #usr/lib/perl5/5.8.8/i586-linux/auto/Data/Dumper
 #usr/lib/perl5/5.8.8/i586-linux/auto/Data/Dumper/Dumper.bs
@@ -626,12 +626,12 @@ usr/lib/perl5/5.8.8/i586-linux/auto/Data/Dumper/Dumper.so
 #usr/lib/perl5/5.8.8/i586-linux/auto/Digest/MD5/MD5.bs
 usr/lib/perl5/5.8.8/i586-linux/auto/Digest/MD5/MD5.so
 #usr/lib/perl5/5.8.8/i586-linux/auto/DynaLoader
-#usr/lib/perl5/5.8.8/i586-linux/auto/DynaLoader/DynaLoader.a
-#usr/lib/perl5/5.8.8/i586-linux/auto/DynaLoader/autosplit.ix
-#usr/lib/perl5/5.8.8/i586-linux/auto/DynaLoader/dl_expandspec.al
-#usr/lib/perl5/5.8.8/i586-linux/auto/DynaLoader/dl_find_symbol_anywhere.al
-#usr/lib/perl5/5.8.8/i586-linux/auto/DynaLoader/dl_findfile.al
-#usr/lib/perl5/5.8.8/i586-linux/auto/DynaLoader/extralibs.ld
+usr/lib/perl5/5.8.8/i586-linux/auto/DynaLoader/DynaLoader.a
+usr/lib/perl5/5.8.8/i586-linux/auto/DynaLoader/autosplit.ix
+usr/lib/perl5/5.8.8/i586-linux/auto/DynaLoader/dl_expandspec.al
+usr/lib/perl5/5.8.8/i586-linux/auto/DynaLoader/dl_find_symbol_anywhere.al
+usr/lib/perl5/5.8.8/i586-linux/auto/DynaLoader/dl_findfile.al
+usr/lib/perl5/5.8.8/i586-linux/auto/DynaLoader/extralibs.ld
 #usr/lib/perl5/5.8.8/i586-linux/auto/Encode
 #usr/lib/perl5/5.8.8/i586-linux/auto/Encode/Byte
 #usr/lib/perl5/5.8.8/i586-linux/auto/Encode/Byte/Byte.bs
@@ -665,7 +665,7 @@ usr/lib/perl5/5.8.8/i586-linux/auto/Fcntl/Fcntl.so
 #usr/lib/perl5/5.8.8/i586-linux/auto/File
 #usr/lib/perl5/5.8.8/i586-linux/auto/File/Glob
 usr/lib/perl5/5.8.8/i586-linux/auto/File/Glob/Glob.bs
-#usr/lib/perl5/5.8.8/i586-linux/auto/File/Glob/Glob.so
+usr/lib/perl5/5.8.8/i586-linux/auto/File/Glob/Glob.so
 #usr/lib/perl5/5.8.8/i586-linux/auto/Filter
 #usr/lib/perl5/5.8.8/i586-linux/auto/Filter/Util
 #usr/lib/perl5/5.8.8/i586-linux/auto/Filter/Util/Call
index 1cfef40..b938b22 100644 (file)
 * openssh-4.3p2
 * openssl-0.9.8d
 * openswan-2.4.6
+* openswan-2.4.7
 * openvpn-2.0.9
 * pam_mysql-0.7RC1
 * patch-2.5.4
index 68ee370..963a8db 100644 (file)
--- a/lfs/kudzu
+++ b/lfs/kudzu
@@ -83,9 +83,8 @@ ifeq "$(LFS_PASS)" "install"
        cd $(DIR_APP) && install -m 0755 kudzu /install/initrd/bin/kudzu
        cd $(DIR_APP) && install -m 0644 libkudzu.a /install/initrd/lib
        cd $(DIR_APP) && install -m 0644 libkudzu_loader.a /install/initrd/lib
-#      -mkdir -p /install/include/kudzu
-#      cd $(DIR_APP) && install -m 0644 *.h /install/include/kudzu
 else
+       rm -rf /usr/sbin/kudzu
        cd $(DIR_APP) && ARCH=$(MACHINE) RPM_OPT_FLAGS="$(CFLAGS)" make
        cd $(DIR_APP) && ARCH=$(MACHINE) RPM_OPT_FLAGS="$(CFLAGS)" make install
        cd $(DIR_APP) && ARCH=$(MACHINE) RPM_OPT_FLAGS="$(CFLAGS)" make install-program
index b03973c..8264a69 100644 (file)
--- a/lfs/linux
+++ b/lfs/linux
@@ -36,25 +36,22 @@ DIR_APP    = $(DIR_SRC)/$(THISAPP)
 CFLAGS     =
 CXXFLAGS   =
 
-# Normal build or /tools build.
+# Normal build or SMP build.
 #
-ifeq "$(PASS)" ""
-  TARGET = $(DIR_INFO)/linux-$(PATCHLEVEL)-ipfire
-endif
-ifeq "$(PASS)" "S"
-  TARGET = $(DIR_INFO)/linux-$(PATCHLEVEL)-ipfire-smp
-endif
-ifeq "$(PASS)" "I"
-  TARGET = $(DIR_INFO)/linux-$(PATCHLEVEL)-ipfire-installer
+ifeq "$(SMP)" "1"
+       TARGET = $(DIR_INFO)/linux-$(PATCHLEVEL)-ipfire-smp
+else
+       TARGET = $(DIR_INFO)/linux-$(PATCHLEVEL)-ipfire
 endif
 
 ###############################################################################
 # Top-level Rules
 ###############################################################################
 objects =$(DL_FILE) \
-       openswan-2.4.6.kernel-2.6-natt.patch.gz \
+       openswan-2.4.7.kernel-2.6-natt.patch.gz \
+       openswan-2.4.7.kernel-2.6-klips.patch.gz \
        iptables-1.3.5.tar.bz2 \
-       patch-o-matic-ng-20060206.tar.bz2 \
+       patch-o-matic-ng-20061210.tar.bz2 \
        kbc_option_2420.patch \
        net4801.kernel.patch_2.4.31 \
        netfilter-layer7-v2.6.tar.gz \
@@ -62,8 +59,9 @@ objects =$(DL_FILE) \
 
 $(DL_FILE)                                     = $(DL_FROM)/$(DL_FILE)
 patch-$(PATCHLEVEL).gz                 = $(DL_FROM)/patch-$(PATCHLEVEL).gz
-openswan-2.4.6.kernel-2.6-natt.patch.gz        = $(URL_IPFIRE)/openswan-2.4.6.kernel-2.6-natt.patch.gz
-patch-o-matic-ng-20060206.tar.bz2      = $(URL_IPFIRE)/patch-o-matic-ng-20060206.tar.bz2
+openswan-2.4.7.kernel-2.6-natt.patch.gz        = $(URL_IPFIRE)/openswan-2.4.7.kernel-2.6-natt.patch.gz
+openswan-2.4.7.kernel-2.6-klips.patch.gz       = $(URL_IPFIRE)/openswan-2.4.7.kernel-2.6-klips.patch.gz
+patch-o-matic-ng-20061210.tar.bz2      = $(URL_IPFIRE)/patch-o-matic-ng-20061210.tar.bz2
 iptables-1.3.5.tar.bz2                 = $(URL_IPFIRE)/iptables-1.3.5.tar.bz2
 kbc_option_2420.patch                  = $(URL_IPFIRE)/kbc_option_2420.patch
 net4801.kernel.patch_2.4.31                    = $(URL_IPFIRE)/net4801.kernel.patch_2.4.31
@@ -71,8 +69,9 @@ netfilter-layer7-v2.6.tar.gz          = $(URL_IPFIRE)/netfilter-layer7-v2.6.tar.gz
 
 $(DL_FILE)_MD5                                 = 50695965725367f39007023feac5e256
 patch-$(PATCHLEVEL).gz_MD5                             = 4b09dd018286850c20c0f051ced7b583
-openswan-2.4.6.kernel-2.6-natt.patch.gz_MD5    = 398110db4372ea3acc45bd66d6d86eac
-patch-o-matic-ng-20060206.tar.bz2_MD5          = eca9893afb753e331caddfe63142b566
+openswan-2.4.7.kernel-2.6-natt.patch.gz_MD5    = 980d8bbdb29a761b7f5aa852f373df62
+openswan-2.4.7.kernel-2.6-klips.patch.gz_MD5   = 5df0ffa2453488a407a23fc4ea4af879
+patch-o-matic-ng-20061210.tar.bz2_MD5          = 76edac76301b45f89e467b41c8cf4393
 iptables-1.3.5.tar.bz2_MD5                             = 00fb916fa8040ca992a5ace56d905ea5
 kbc_option_2420.patch_MD5                              = 6d37870344f7fcf97ace1fbf43323c60
 net4801.kernel.patch_2.4.31_MD5                        = c7d64e3caedb2f2b10e1c11db7f73a04
@@ -106,6 +105,8 @@ $(subst %,%_MD5,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        @$(PREBUILD)
        @rm -rf $(DIR_APP) $(DIR_SRC)/linux && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+
+       # Update kernel to latest patchlevel
        cd $(DIR_APP) && zcat $(DIR_DL)/patch-$(PATCHLEVEL).gz | patch -p1
        cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.6.16.27-utf8_input-1.patch
        # Remove patch level in EXTRAVERSION.
@@ -113,86 +114,67 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        # (installed in a different place) if only one part could be updated
        cd $(DIR_APP) && sed -i -e 's/EXTRAVERSION\ =.*/EXTRAVERSION\ =/' Makefile
        cd $(DIR_APP) && sed -i -e 's/-Werror//' drivers/scsi/aic7xxx/Makefile
+       cd $(DIR_APP) && sed -i -e 's/gettext//' scripts/kconfig/lkc.h
 
-       # Openswan-2
-       # cd $(DIR_SRC) && zcat $(DIR_DL)/openswan-2.4.6.kernel-2.6-natt.patch.gz | patch -Np0
+       # Openswan 2
+       cd $(DIR_SRC) && rm -rf openswan-*
+       cd $(DIR_SRC) && tar xfz $(DIR_DL)/openswan-2.4.7.tar.gz
+       cd $(DIR_APP) && gzip -dc $(DIR_DL)/openswan-2.4.7.kernel-2.6-natt.patch.gz | patch -Np1
+       cd $(DIR_APP) && gzip -dc $(DIR_DL)/openswan-2.4.7.kernel-2.6-klips.patch.gz | patch -Np1
+       cd $(DIR_SRC)/openswan-* && sed -i -e 's/INC_USRLOCAL=\/usr\/local/INC_USRLOCAL=\/usr/' Makefile.inc
 
        # Patch-o-matic
        cd $(DIR_SRC) && rm -rf iptables-*
        cd $(DIR_SRC) && tar xfj $(DIR_DL)/iptables-1.3.5.tar.bz2
        cd $(DIR_SRC) && ln -sf iptables-1.3.5 iptables
        cd $(DIR_SRC) && rm -rf patch-o-matic*
-       cd $(DIR_SRC) && tar xfj $(DIR_DL)/patch-o-matic-ng-20060206.tar.bz2
+       cd $(DIR_SRC) && tar xfj $(DIR_DL)/patch-o-matic-ng-20061210.tar.bz2
+
+       cd $(DIR_SRC)/patch-o-matic-ng* && \
+               ./runme --batch --kernel-path=$(ROOT)/usr/src/$(THISAPP)/ --iptables-path=$(ROOT)/usr/src/iptables/ \
+                       TARPIT h323-conntrack-nat cuseeme-nat \
+                       sip-conntrack-nat 
+                       # rtsp-conntrack-nat quake3-conntrack-nat mms-conntrack-nat
 
 #      cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ pending
 #      cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ base
-#      cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ h323-conntrack-nat
-#      cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ cuseeme-nat
 #      cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ mms-conntrack-nat
 #      cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ pptp-conntrack-nat
 #      cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ rtsp-conntrack
 #      cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ quake3-conntrack-nat
-#      cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ sip-conntrack-nat
 #      cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ip_queue_vwmark
 #      cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ipp2p
 #      cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ipsec-01-output-hooks
 #      cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ipsec-02-input-hooks
 #      cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ipsec-03-policy-lookup
 #      cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ ipsec-04-policy-checks
-#      cd $(DIR_SRC)/patch-o-matic* && yes 'y' | ./runme --kernel-path=$(DIR_APP) --iptables-path=$(ROOT)/usr/src/iptables/ TARPIT
        
-       #layer7-patch
+       # Layer7-patch
        cd $(DIR_SRC) && tar xzf $(DIR_DL)/netfilter-layer7-v2.6.tar.gz
        cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/netfilter-layer7-v2.6/for_older_kernels/kernel-2.6.13-2.6.16-layer7-2.2.patch
 
        # ip_conntrack permissions from 440 to 444
        # cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/ip_conntrack_standalone-patch-for-ipfire.patch
 
-ifeq "$(PASS)" ""
+ifeq "$(SMP)" ""
        # Only do this once on the non-SMP pass
        cd $(DIR_SRC) && tar czf $(DIR_DL)/iptables-fixed.tar.gz iptables-1.3.5
 endif
 
-       # Olitec isdn gazel patch
-#      cd $(DIR_APP) && patch -Np0 < $(DIR_SRC)/src/patches/linux-2.4.23-olitec-isdn.patch
-
-       # Fix /proc/stat output
-#      cd $(DIR_APP) && patch -Np2 < $(DIR_SRC)/src/patches/linux-2.4.26-proc-stat.patch
-
-       # Fix libata-core.c
-       # cd $(DIR_APP) && patch -Np0 < $(DIR_SRC)/src/patches/linux-2.4.26-scsi.patch
-
-       # frandom patch
-#      cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.4.27-frandom-2.patch
-
-       # Propolice
-#      cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.4.27-ssp-1.patch
-
-       # Support ppp-2.4.3 multilink behavior (terminate when no channel is connected)
-       # need updated libpcap older than 0.8.3
-       # cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/ppp_generic-ppp-2.4.3_multilink.patch
-
-       # R8169 clone D-link GSE-528T
-#      cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.4.29_r8169clone.patch
-
-       # bootsplash
+       # Bootsplash
        cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/bootsplash-3.1.6-2.6.15.diff
 
        # Cleanup kernel source
        cd $(DIR_APP) && make mrproper
-ifeq "$(PASS)" ""
+
+ifeq "$(SMP)" ""
        cp $(DIR_SRC)/config/kernel/kernel.config.$(MACHINE) $(DIR_APP)/.config
 endif
-ifeq "$(PASS)" "S"
+ifeq "$(SMP)" "1"
        cp $(DIR_SRC)/config/kernel/kernel.config.$(MACHINE).smp $(DIR_APP)/.config
 endif
-ifeq "$(PASS)" "I"
-       cp $(DIR_SRC)/config/kernel/kernel.config.$(MACHINE).installer $(DIR_APP)/.config
-       cd $(DIR_APP) && sed -i -e 's/-O2/-Os/g' Makefile
-endif
 
        cd $(DIR_APP) && make CC="$(KGCC)" oldconfig
-       cd $(DIR_APP) && make CC="$(KGCC)" dep
        cd $(DIR_APP) && make CC="$(KGCC)" clean
        if [ "$(PASS)" = "" ]; then \
                cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" bzImage; \
@@ -203,6 +185,8 @@ endif
                ln -sf System.map-$(VER) /boot/System.map; \
                cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules; \
                cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules_install; \
+               cd $(DIR_SRC)/openswan-* && make KERNELSRC=/usr/src/$(THISAPP) CC=$(CC) module; \
+               cd $(DIR_SRC)/openswan-* && make KERNELSRC=/usr/src/$(THISAPP) CC=$(CC) minstall; \
        elif [ "$(PASS)" = "S" ]; then \
                cd $(DIR_APP) && sed -i -e 's/EXTRAVERSION\ =/EXTRAVERSION\ =\ -smp/' Makefile; \
                cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" bzImage; \
@@ -212,42 +196,16 @@ endif
                ln -sf vmlinuz-$(VER)-smp /boot/vmlinuz-smp; \
                cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules; \
                cd $(DIR_APP) && make CC="$(KGCC)" $(MAKETUNING) modules_install; \
-       elif [ "$(PASS)" = "I" ]; then \
-               cd $(DIR_APP) && make $(MAKETUNING) CC="$(KGCC)" bzImage; \
-               cd $(DIR_APP) && cp -v arch/i386/boot/bzImage /boot/vmlinuz-installer; \
-               cd $(DIR_APP) && cp -v .config /boot/config-$(VER); \
+               cd $(DIR_SRC)/openswan-* && make KERNELSRC=/usr/src/$(THISAPP) CC=$(CC) module; \
+               cd $(DIR_SRC)/openswan-* && make KERNELSRC=/usr/src/$(THISAPP) CC=$(CC) minstall; \
        fi
+
        # remove symlinked pcmcia directory
-ifeq "$(PASS)" ""
+ifeq "$(SMP)" ""
        rm -rf /lib/modules/$(VER)/pcmcia
-       find /lib/modules/$(VER)/ -name '*.o' -a -type f | xargs gzip -f9
-
-       # Move these SCSI drivers into same directory for probescsi.sh
-       mv -f  /lib/modules/$(VER)/kernel/drivers/scsi/aic7xxx/*     /lib/modules/$(VER)/kernel/drivers/scsi
-       rm -rf /lib/modules/$(VER)/kernel/drivers/scsi/aic7xxx
-       mv -f  /lib/modules/$(VER)/kernel/drivers/scsi/aacraid/*     /lib/modules/$(VER)/kernel/drivers/scsi
-       rm -rf /lib/modules/$(VER)/kernel/drivers/scsi/aacraid
-       mv -f  /lib/modules/$(VER)/kernel/drivers/scsi/sym53c8xx_2/* /lib/modules/$(VER)/kernel/drivers/scsi
-       rm -rf /lib/modules/$(VER)/kernel/drivers/scsi/sym53c8xx_2
 endif
-ifeq "$(PASS)" "S"
+ifeq "$(SMP)" "1"
        rm -rf /lib/modules/$(VER)-smp/pcmcia
-       find /lib/modules/$(VER)-smp/ -name '*.o' -a -type f | xargs gzip -f9
-
-       # Move these SCSI drivers into same directory for probescsi.sh
-       mv -f  /lib/modules/$(VER)-smp/kernel/drivers/scsi/aic7xxx/*     /lib/modules/$(VER)-smp/kernel/drivers/scsi
-       rm -rf /lib/modules/$(VER)-smp/kernel/drivers/scsi/aic7xxx
-       mv -f  /lib/modules/$(VER)-smp/kernel/drivers/scsi/aacraid/*     /lib/modules/$(VER)-smp/kernel/drivers/scsi
-       rm -rf /lib/modules/$(VER)-smp/kernel/drivers/scsi/aacraid
-       mv -f  /lib/modules/$(VER)-smp/kernel/drivers/scsi/sym53c8xx_2/* /lib/modules/$(VER)-smp/kernel/drivers/scsi
-       rm -rf /lib/modules/$(VER)-smp/kernel/drivers/scsi/sym53c8xx_2
-endif
-
-ifeq "$(PASS)" ""
-       # Only do this once on the non-SMP pass
-       # cd $(DIR_APP) && make mandocs
-       #-mkdir -p /usr/share/man/man9/
-       #cd $(DIR_APP) && cp -af Documentation/man/* /usr/share/man/man9/
 endif
        @rm -rf $(DIR_SRC)/patch-o-matic* $(DIR_SRC)/iptables*
        @$(POSTBUILD)
index 16565db..3fee13f 100644 (file)
@@ -26,7 +26,7 @@
 
 include Config
 
-VER        = 2.4.6
+VER        = 2.4.7
 
 THISAPP    = openswan-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -42,7 +42,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = b34d71ca49dedad017879b0e912d40dd
+$(DL_FILE)_MD5 = 70f22e8adc39e07a165f75eccb7cd079
 
 install : $(TARGET)
 
diff --git a/make.sh b/make.sh
index 24864c3..fdd425d 100644 (file)
--- a/make.sh
+++ b/make.sh
@@ -324,8 +324,7 @@ buildipfire() {
   ipfiremake ppp
   ipfiremake rp-pppoe
   ipfiremake unzip
-#  ipfiremake linux                    PASS=I # Can we remove the installer kernel?
-  ipfiremake linux                     PASS=S
+  ipfiremake linux                     SMP=1
 #  ipfiremake 3cp4218          PASS=SMP
 #  ipfiremake amedyn                   PASS=SMP
 #  ipfiremake cxacru                   PASS=SMP
diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
new file mode 100644 (file)
index 0000000..c1c0c7e
--- /dev/null
@@ -0,0 +1,295 @@
+#!/bin/sh
+
+eval $(/usr/local/bin/readhash /var/ipfire/ppp/settings)
+eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
+IFACE=`/bin/cat /var/ipfire/red/iface 2> /dev/null | /usr/bin/tr -d '\012'`
+
+if [ -f /var/ipfire/red/device ]; then
+       DEVICE=`/bin/cat /var/ipfire/red/device 2> /dev/null | /usr/bin/tr -d '\012'`
+fi
+
+iptables_init() {
+       # Flush all rules and delete all custom chains
+       /sbin/iptables -F
+       /sbin/iptables -t nat -F
+       /sbin/iptables -t mangle -F
+       /sbin/iptables -X
+       /sbin/iptables -t nat -X
+       /sbin/iptables -t mangle -X
+
+       # Set up policies
+       /sbin/iptables -P INPUT DROP
+       /sbin/iptables -P FORWARD DROP
+       /sbin/iptables -P OUTPUT ACCEPT
+
+       # Empty LOG_DROP and LOG_REJECT chains
+       /sbin/iptables -N LOG_DROP
+       /sbin/iptables -A LOG_DROP   -m limit --limit 10/minute -j LOG
+       /sbin/iptables -A LOG_DROP   -j DROP
+       /sbin/iptables -N LOG_REJECT
+       /sbin/iptables -A LOG_REJECT -m limit --limit 10/minute -j LOG
+       /sbin/iptables -A LOG_REJECT -j REJECT
+
+       # This chain will log, then DROPs packets with certain bad combinations
+       # of flags might indicate a port-scan attempt (xmas, null, etc)
+       /sbin/iptables -N PSCAN
+       /sbin/iptables -A PSCAN -p tcp  -m limit --limit 10/minute -j LOG --log-prefix "TCP Scan? "
+       /sbin/iptables -A PSCAN -p udp  -m limit --limit 10/minute -j LOG --log-prefix "UDP Scan? "
+       /sbin/iptables -A PSCAN -p icmp -m limit --limit 10/minute -j LOG --log-prefix "ICMP Scan? "
+       /sbin/iptables -A PSCAN -f      -m limit --limit 10/minute -j LOG --log-prefix "FRAG Scan? "
+       /sbin/iptables -A PSCAN -j DROP
+
+       # New tcp packets without SYN set - could well be an obscure type of port scan
+       # that's not covered above, may just be a broken windows machine
+       /sbin/iptables -N NEWNOTSYN
+       /sbin/iptables -A NEWNOTSYN  -m limit --limit 10/minute -j LOG  --log-prefix "NEW not SYN? "
+       /sbin/iptables -A NEWNOTSYN  -j DROP
+
+       # Chain to contain all the rules relating to bad TCP flags
+       /sbin/iptables -N BADTCP
+
+       # Disallow packets frequently used by port-scanners
+       # nmap xmas
+       /sbin/iptables -A BADTCP -p tcp --tcp-flags ALL FIN,URG,PSH  -j PSCAN
+       # Null
+       /sbin/iptables -A BADTCP -p tcp --tcp-flags ALL NONE -j PSCAN
+       # FIN
+       /sbin/iptables -A BADTCP -p tcp --tcp-flags ALL FIN -j PSCAN
+       # SYN/RST (also catches xmas variants that set SYN+RST+...)
+       /sbin/iptables -A BADTCP -p tcp --tcp-flags SYN,RST SYN,RST -j PSCAN
+       # SYN/FIN (QueSO or nmap OS probe)
+       /sbin/iptables -A BADTCP -p tcp --tcp-flags SYN,FIN SYN,FIN -j PSCAN
+       # NEW TCP without SYN
+       /sbin/iptables -A BADTCP -p tcp ! --syn -m state --state NEW -j NEWNOTSYN
+
+       /sbin/iptables -A INPUT   -j BADTCP
+       /sbin/iptables -A FORWARD -j BADTCP
+
+}
+
+iptables_red() {
+       /sbin/iptables -F REDINPUT
+       /sbin/iptables -F REDFORWARD
+       /sbin/iptables -t nat -F REDNAT
+
+       # PPPoE / PPTP Device
+       if [ "$IFACE" != "" ]; then
+               # PPPoE / PPTP
+               if [ "$DEVICE" != "" ]; then
+                       /sbin/iptables -A REDINPUT -i $DEVICE -j ACCEPT
+               fi
+               if [ "$RED_TYPE" == "PPTP" -o "$RED_TYPE" == "PPPOE" ]; then
+                       if [ "$RED_DEV" != "" ]; then
+                               /sbin/iptables -A REDINPUT -i $RED_DEV -j ACCEPT
+                       fi
+               fi
+       fi
+
+       # PPTP over DHCP
+       if [ "$DEVICE" != "" -a "$TYPE" == "PPTP" -a "$METHOD" == "DHCP" ]; then
+               /sbin/iptables -A REDINPUT -p tcp --source-port 67 --destination-port 68 -i $DEVICE -j ACCEPT
+               /sbin/iptables -A REDINPUT -p udp --source-port 67 --destination-port 68 -i $DEVICE -j ACCEPT
+       fi
+
+       # Orange pinholes
+       if [ "$ORANGE_DEV" != "" ]; then
+               # This rule enables a host on ORANGE network to connect to the outside
+               # (only if we have a red connection)
+               if [ "$IFACE" != "" ]; then
+                       /sbin/iptables -A REDFORWARD -i $ORANGE_DEV -p tcp -o $IFACE -j ACCEPT
+                       /sbin/iptables -A REDFORWARD -i $ORANGE_DEV -p udp -o $IFACE -j ACCEPT
+               fi
+       fi
+
+       if [ "$IFACE" != "" -a -f /var/ipfire/red/active ]; then
+               # DHCP
+               if [ "$RED_DEV" != "" -a "$RED_TYPE" == "DHCP" ]; then
+                       /sbin/iptables -A REDINPUT -p tcp --source-port 67 --destination-port 68 -i $IFACE -j ACCEPT
+                       /sbin/iptables -A REDINPUT -p udp --source-port 67 --destination-port 68 -i $IFACE -j ACCEPT
+               fi
+               if [ "$METHOD" == "DHCP"  -a "$PROTOCOL" == "RFC1483" ]; then
+                       /sbin/iptables -A REDINPUT -p tcp --source-port 67 --destination-port 68 -i $IFACE -j ACCEPT
+                       /sbin/iptables -A REDINPUT -p udp --source-port 67 --destination-port 68 -i $IFACE -j ACCEPT
+               fi
+
+               # Outgoing masquerading
+               /sbin/iptables -t nat -A REDNAT -o $IFACE -j MASQUERADE
+
+       fi
+}
+
+# See how we were called.
+case "$1" in
+  start)
+       iptables_init
+
+       # Limit Packets- helps reduce dos/syn attacks
+       # original do nothing line
+       #/sbin/iptables -A INPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -m limit --limit 10/sec
+       # the correct one, but the negative '!' do nothing...
+       #/sbin/iptables -A INPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -m limit ! --limit 10/sec -j DROP
+
+       # Fix for braindead ISP's
+       /sbin/iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
+
+       # CUSTOM chains, can be used by the users themselves
+       /sbin/iptables -N CUSTOMINPUT
+       /sbin/iptables -A INPUT -j CUSTOMINPUT
+       /sbin/iptables -N CUSTOMFORWARD
+       /sbin/iptables -A FORWARD -j CUSTOMFORWARD
+       /sbin/iptables -N CUSTOMOUTPUT
+       /sbin/iptables -A OUTPUT -j CUSTOMOUTPUT
+       /sbin/iptables -t nat -N CUSTOMPREROUTING
+       /sbin/iptables -t nat -A PREROUTING -j CUSTOMPREROUTING
+       /sbin/iptables -t nat -N CUSTOMPOSTROUTING
+       /sbin/iptables -t nat -A POSTROUTING -j CUSTOMPOSTROUTING
+
+       # filtering from GUI
+       /sbin/iptables -N GUIINPUT
+       /sbin/iptables -A INPUT -j GUIINPUT
+
+       # Accept everything connected
+       /sbin/iptables -A INPUT   -m state --state ESTABLISHED,RELATED -j ACCEPT
+       /sbin/iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
+
+       # localhost and ethernet.
+       /sbin/iptables -A INPUT   -i lo          -m state --state NEW -j ACCEPT
+       /sbin/iptables -A INPUT   -s 127.0.0.0/8 -m state --state NEW -j DROP   # Loopback not on lo
+       /sbin/iptables -A INPUT   -d 127.0.0.0/8 -m state --state NEW -j DROP
+       /sbin/iptables -A FORWARD -i lo          -m state --state NEW -j ACCEPT
+       /sbin/iptables -A FORWARD -s 127.0.0.0/8 -m state --state NEW -j DROP
+       /sbin/iptables -A FORWARD -d 127.0.0.0/8 -m state --state NEW -j DROP
+       /sbin/iptables -A INPUT   -i $GREEN_DEV  -m state --state NEW -j ACCEPT -p ! icmp
+       /sbin/iptables -A FORWARD -i $GREEN_DEV  -m state --state NEW -j ACCEPT
+
+       # If a host on orange tries to initiate a connection to IPFire's red IP and
+       # the connection gets DNATed back through a port forward to a server on orange
+       # we end up with orange -> orange traffic passing through IPFire
+       [ "$ORANGE_DEV" != "" ] && /sbin/iptables -A FORWARD -i $ORANGE_DEV -o $ORANGE_DEV -m state --state NEW -j ACCEPT
+
+       # accept all traffic from ipsec interfaces
+       /sbin/iptables -A INPUT   -i ipsec+ -j ACCEPT
+       /sbin/iptables -A FORWARD -i ipsec+ -j ACCEPT
+
+       # allow DHCP on BLUE to be turned on/off
+       /sbin/iptables -N DHCPBLUEINPUT 
+       /sbin/iptables -A INPUT -j DHCPBLUEINPUT
+
+       # IPSec chains
+       /sbin/iptables -N IPSECRED
+       /sbin/iptables -A INPUT -j IPSECRED
+       /sbin/iptables -N IPSECBLUE
+       /sbin/iptables -A INPUT -j IPSECBLUE
+
+       # WIRELESS chains
+       /sbin/iptables -N WIRELESSINPUT
+       /sbin/iptables -A INPUT -m state --state NEW -j WIRELESSINPUT
+       /sbin/iptables -N WIRELESSFORWARD
+       /sbin/iptables -A FORWARD -m state --state NEW -j WIRELESSFORWARD
+
+       # RED chain, used for the red interface
+       /sbin/iptables -N REDINPUT
+       /sbin/iptables -A INPUT -j REDINPUT
+       /sbin/iptables -N REDFORWARD
+       /sbin/iptables -A FORWARD -j REDFORWARD
+       /sbin/iptables -t nat -N REDNAT
+       /sbin/iptables -t nat -A POSTROUTING -j REDNAT
+
+       iptables_red
+
+       # DMZ pinhole chain.  setdmzholes setuid prog adds rules here to allow
+       # ORANGE to talk to GREEN / BLUE.
+       /sbin/iptables -N DMZHOLES
+       if [ "$ORANGE_DEV" != "" ]; then
+               /sbin/iptables -A FORWARD -i $ORANGE_DEV -m state --state NEW -j DMZHOLES
+       fi
+
+       # XTACCESS chain, used for external access
+       /sbin/iptables -N XTACCESS
+       /sbin/iptables -A INPUT -m state --state NEW -j XTACCESS
+
+       # PORTFWACCESS chain, used for portforwarding
+       /sbin/iptables -N PORTFWACCESS
+       /sbin/iptables -A FORWARD -m state --state NEW -j PORTFWACCESS
+
+       # Custom prerouting chains (for transparent proxy and port forwarding)
+       /sbin/iptables -t nat -N SQUID
+       /sbin/iptables -t nat -A PREROUTING -j SQUID
+       /sbin/iptables -t nat -N PORTFW
+       /sbin/iptables -t nat -A PREROUTING -j PORTFW
+
+
+       # Custom mangle chain (for port fowarding)
+       /sbin/iptables -t mangle -N PORTFWMANGLE
+       /sbin/iptables -t mangle -A PREROUTING -j PORTFWMANGLE
+
+       # Postrouting rules (for port forwarding)
+       /sbin/iptables -t nat -A POSTROUTING -m mark --mark 1 -j SNAT \
+        --to-source $GREEN_ADDRESS
+       if [ "$BLUE_DEV" != "" ]; then
+               /sbin/iptables -t nat -A POSTROUTING -m mark --mark 2 -j SNAT --to-source $BLUE_ADDRESS
+       fi
+       if [ "$ORANGE_DEV" != "" ]; then
+               /sbin/iptables -t nat -A POSTROUTING -m mark --mark 3 -j SNAT --to-source $ORANGE_ADDRESS
+       fi
+
+       # run openvpn
+       /usr/local/bin/openvpnctrl --create-chains-and-rules
+
+       # run local firewall configuration, if present
+       if [ -x /etc/sysconfig/firewall.local ]; then
+               /etc/sysconfig/firewall.local start
+       fi
+       
+       # last rule in input and forward chain is for logging.
+       /sbin/iptables -A INPUT   -m limit --limit 10/minute -j LOG --log-prefix "INPUT "
+       /sbin/iptables -A FORWARD -m limit --limit 10/minute -j LOG --log-prefix "OUTPUT "
+        ;;
+  stop)
+       iptables_init
+       # Accept everyting connected
+       /sbin/iptables -A INPUT   -m state --state ESTABLISHED,RELATED -j ACCEPT
+
+       # localhost and ethernet.
+       /sbin/iptables -A INPUT -i lo -j ACCEPT
+       /sbin/iptables -A INPUT -i $GREEN_DEV -m state --state NEW -j ACCEPT
+
+       if [ "$RED_DEV" != "" -a "$RED_TYPE" == "DHCP" ]; then
+               /sbin/iptables -A INPUT -p tcp --source-port 67 --destination-port 68 -i $IFACE -j ACCEPT
+               /sbin/iptables -A INPUT -p udp --source-port 67 --destination-port 68 -i $IFACE -j ACCEPT
+       fi
+       if [ "$PROTOCOL" == "RFC1483" -a "$METHOD" == "DHCP" ]; then
+               /sbin/iptables -A INPUT -p tcp --source-port 67 --destination-port 68 -i $IFACE -j ACCEPT
+               /sbin/iptables -A INPUT -p udp --source-port 67 --destination-port 68 -i $IFACE -j ACCEPT
+       fi
+
+       # stop openvpn
+       /usr/local/bin/openvpnctrl --delete-chains-and-rules
+
+       # run local firewall configuration, if present
+       if [ -x /etc/sysconfig/firewall.local ]; then
+               /etc/sysconfig/firewall.local stop
+       fi
+
+       /sbin/iptables -A INPUT   -m limit --limit 10/minute -j LOG --log-prefix "INPUT "
+       /sbin/iptables -A FORWARD -m limit --limit 10/minute -j LOG --log-prefix "OUTPUT "
+        ;;
+  reload)
+       iptables_red
+
+       # run local firewall configuration, if present
+       if [ -x /etc/sysconfig/firewall.local ]; then
+               /etc/sysconfig/firewall.local reload
+       fi
+       ;;
+  restart)
+       $0 stop
+       $0 start
+       ;;
+  *)
+        echo "Usage: $0 {start|stop|reload|restart}"
+        exit 1
+       ;;
+esac
+
+exit 0
index d392c16..8c989cc 100644 (file)
@@ -82,7 +82,7 @@ case "${1}" in
                fi
 
                boot_mesg "Setting up IPFire firewall rules"
-               /etc/rc.d/rc.firewall start
+               /etc/rc.d/init.d/firewall start
                evaluate_retval
                boot_mesg "Setting up IP Accounting"
                /etc/rc.d/helper/writeipac.pl
index d5d1c2f..ed6f78b 100644 (file)
@@ -1,5 +1,5 @@
 # Begin /etc/sysconfig/clock
 
-UTC=1
+UTC=0
 
 # End /etc/sysconfig/clock
diff --git a/src/initscripts/sysconfig/firewall.local b/src/initscripts/sysconfig/firewall.local
new file mode 100644 (file)
index 0000000..5e4677f
--- /dev/null
@@ -0,0 +1,20 @@
+#!/bin/sh
+# Used for private firewall rules
+
+# See how we were called.
+case "$1" in
+  start)
+        ## add your 'start' rules here
+        ;;
+  stop)
+        ## add your 'stop' rules here
+        ;;
+  reload)
+        $0 stop
+        $0 start
+        ## add your 'reload' rules here
+        ;;
+  *)
+        echo "Usage: $0 {start|stop|reload}"
+        ;;
+esac
index f3d665f..9e6443f 100644 (file)
@@ -14,7 +14,7 @@
 #define CDROM_INSTALL 0
 #define URL_INSTALL 1
 #define DISK_INSTALL 2
-#define INST_FILECOUNT 6600
+#define INST_FILECOUNT 5600
 #define UNATTENDED_CONF "/cdrom/boot/unattended.conf"
 
 int raid_disk = 0;
@@ -108,8 +108,6 @@ int unattended_setup(struct keyvalue *unattendedkv) {
     char green_broadcast[STRING_SIZE];
     char root_password[STRING_SIZE];
     char admin_password[STRING_SIZE];
-    char serial_console[STRING_SIZE];
-    char reversesort[STRING_SIZE];
 
     findkey(unattendedkv, "DOMAINNAME", domainname);
     findkey(unattendedkv, "HOSTNAME", hostname);
@@ -122,8 +120,6 @@ int unattended_setup(struct keyvalue *unattendedkv) {
     findkey(unattendedkv, "GREEN_BROADCAST", green_broadcast);
     findkey(unattendedkv, "ROOT_PASSWORD", root_password);
     findkey(unattendedkv, "ADMIN_PASSWORD", admin_password);
-    findkey(unattendedkv, "SERIAL_CONSOLE", serial_console);
-    findkey(unattendedkv, "REVERSE_NICS", reversesort);
 
     /* write main/settings. */
     replacekeyvalue(mainsettings, "DOMAINNAME", domainname);
@@ -138,7 +134,6 @@ int unattended_setup(struct keyvalue *unattendedkv) {
     fprintf(flog, "unattended: Starting setup\n");
 
     /* network */
-
     fprintf(flog, "unattended: setting up network configuration\n");
 
     (void) readkeyvalues(ethernetkv, "/harddisk" CONFIG_ROOT "/ethernet/settings");
@@ -164,7 +159,7 @@ int unattended_setup(struct keyvalue *unattendedkv) {
        return 0;
     }
     fprintf(file, "ServerName %s\n", hostname);
-    fclose(file);                                  
+    fclose(file);
 
     fprintf(flog, "unattended: writing hosts\n");
     if (!(hosts = fopen("/harddisk/etc/hosts", "w")))
@@ -174,7 +169,7 @@ int unattended_setup(struct keyvalue *unattendedkv) {
     }
     fprintf(hosts, "127.0.0.1\tlocalhost\n");
     fprintf(hosts, "%s\t%s.%s\t%s\n", green_address, hostname, domainname, hostname);
-    fclose(hosts);                                                             
+    fclose(hosts);
 
     fprintf(flog, "unattended: writing hosts.allow\n");
     if (!(file = fopen("/harddisk/etc/hosts.allow", "w")))
@@ -196,47 +191,24 @@ int unattended_setup(struct keyvalue *unattendedkv) {
     fprintf(file, "ALL : ALL\n");
     fclose(file);
 
-    if (strcmp(serial_console, "yes") != 0) {
-           snprintf(commandstring, STRING_SIZE,
-                    "/sbin/chroot /harddisk /bin/sed -i -e \"s/^s0/#s0/\" /etc/inittab");
-           if (mysystem(commandstring)) {
-                   errorbox("unattended: ERROR modifying inittab");
-                   return 0;    
-           }
-
-           snprintf(commandstring, STRING_SIZE,
-                    "/sbin/chroot /harddisk /bin/sed -i -e \"s/^serial/#serial/; s/^terminal/#terminal/\" /boot/grub/grub.conf");
-           if (mysystem(commandstring)) {
-                   errorbox("unattended: ERROR modifying inittab");
-                   return 0;
-           }
-    }
-
-    /* set reverse sorting of interfaces */
-    if (strcmp(reversesort, "yes") == 0) {
-           mysystem("/bin/touch /harddisk/var/ipfire/ethernet/reverse_nics");
-    }
-
     /* set root password */
     fprintf(flog, "unattended: setting root password\n");
-    
     snprintf(commandstring, STRING_SIZE,
            "/sbin/chroot /harddisk /bin/sh -c \"echo 'root:%s' | /usr/sbin/chpasswd\"", root_password);
     if (mysystem(commandstring)) {
        errorbox("unattended: ERROR setting root password");
        return 0;
     }
-    
+
     /* set admin password */
     fprintf(flog, "unattended: setting admin password\n");
     snprintf(commandstring, STRING_SIZE,
-           "/sbin/chroot /harddisk /usr/bin/htpasswd -c -m -b " CONFIG_ROOT "/auth/users admin '%s'", admin_password);
+           "/sbin/chroot /harddisk /usr/sbin/htpasswd -c -m -b " CONFIG_ROOT "/auth/users admin '%s'", admin_password);
     if (mysystem(commandstring)) {
        errorbox("unattended: ERROR setting admin password");
-       return 0;    
+       return 0;
     }
-    
-    return 1;                                                          
+    return 1;
 }
 
 int main(int argc, char *argv[])
@@ -849,8 +821,18 @@ EXIT:
                        printf("Unable to mount proc in /harddisk.");
                else
                {
-                       if (system("/sbin/chroot /harddisk /usr/local/sbin/setup /dev/tty2 INSTALL"))
-                               printf("Unable to run setup.\n");
+
+                       if (!unattended) {
+                           if (system("/bin/chroot /harddisk /usr/local/sbin/setup /dev/tty2 INSTALL"))
+                                   printf("Unable to run setup.\n");
+                       }
+                       else {
+                           fprintf(flog, "Entering unattended setup\n");
+                           unattended_setup(unattendedkv);
+                           snprintf(commandstring, STRING_SIZE, "/bin/sleep 10");
+                           runcommandwithstatus(commandstring, "Unattended installation finished, system will reboot");
+                       }
+
                        if (system("/bin/umount /harddisk/proc"))
                                printf("Unable to umount /harddisk/proc.\n");
                }
@@ -858,7 +840,15 @@ EXIT:
 
        fcloseall();
 
-       system("/sbin/swapoff /harddisk/swapfile");
+       if (swap_file) {
+               if (raid_disk)
+                       snprintf(commandstring, STRING_SIZE, "/bin/swapoff %sp2", hdparams.devnode);
+               else
+                       snprintf(commandstring, STRING_SIZE, "/bin/swapoff %s2", hdparams.devnode);
+       }
+
+       newtFinished();
+
        system("/bin/umount /harddisk/var");
        system("/bin/umount /harddisk/boot");
        system("/bin/umount /harddisk");