X-Git-Url: http://git.ipfire.org/?p=people%2Fteissler%2Fipfire-2.x.git;a=blobdiff_plain;f=lfs%2Fiptables;h=5a1764be0a302c716d536e5c8d06c6d8960ea987;hp=b51b1cdf30297c7f8434afe76f8cb97b9ffa7367;hb=2a07aa9d9c4c1968a1072147107d889a1a8aae5e;hpb=cd1a2927226c734d96478e12bb768256fb64a06a diff --git a/lfs/iptables b/lfs/iptables index b51b1cdf3..5a1764be0 100644 --- a/lfs/iptables +++ b/lfs/iptables @@ -1,28 +1,20 @@ ############################################################################### -# This file is part of the IPCop Firewall. # # # -# IPCop is free software; you can redistribute it and/or modify # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2013 IPFire Team # +# # +# This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # -# the Free Software Foundation; either version 2 of the License, or # +# the Free Software Foundation, either version 3 of the License, or # # (at your option) any later version. # # # -# IPCop is distributed in the hope that it will be useful, # +# This program is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty of # # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # # GNU General Public License for more details. # # # # You should have received a copy of the GNU General Public License # -# along with IPCop; if not, write to the Free Software # -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # -# # -# Makefiles are based on LFSMake, which is # -# Copyright (C) 2002 Rod Roard # -# # -# Modifications by: # -# ??-12-2003 Mark Wormgoor < mark@wormgoor.com> # -# - Modified Makefile for IPCop build # -# # -# $Id: iptables,v 1.5.2.4 2005/02/05 15:38:15 gespinasse Exp $ +# along with this program. If not, see . # # # ############################################################################### @@ -32,29 +24,37 @@ include Config -VER = 1.3.5 +VER = 1.4.21 THISAPP = iptables-$(VER) DL_FILE = $(THISAPP).tar.bz2 -DL_FROM = http://ftp.netfilter.org/pub/iptables +DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) ############################################################################### # Top-level Rules ############################################################################### - objects = $(DL_FILE) \ - iptables-1.3.0-imq1.diff \ - netfilter-layer7-v2.1.tar.gz + netfilter-layer7-v2.22.tar.gz \ + libnfnetlink-1.0.0.tar.bz2 \ + libnetfilter_queue-1.0.1.tar.bz2 \ + libnetfilter_conntrack-1.0.2.tar.bz2 \ + libnetfilter_cttimeout-1.0.0.tar.bz2 $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -iptables-1.3.0-imq1.diff = http://www.linuximq.net/patchs/iptables-1.3.0-imq1.diff -netfilter-layer7-v2.1.tar.gz = http://mesh.dl.sourceforge.net/sourceforge/l7-filter/netfilter-layer7-v2.1.tar.gz - -$(DL_FILE)_MD5 = 00fb916fa8040ca992a5ace56d905ea5 -iptables-1.3.0-imq1.diff_MD5 = 9adae8be9562775a176fc1b275b3cb29 -netfilter-layer7-v2.1.tar.gz_MD5 = 551626a158c2a2cbfd937d27ecc7fac1 +netfilter-layer7-v2.22.tar.gz = $(URL_IPFIRE)/netfilter-layer7-v2.22.tar.gz +libnfnetlink-1.0.0.tar.bz2 = $(URL_IPFIRE)/libnfnetlink-1.0.0.tar.bz2 +libnetfilter_queue-1.0.1.tar.bz2 = $(URL_IPFIRE)/libnetfilter_queue-1.0.1.tar.bz2 +libnetfilter_conntrack-1.0.2.tar.bz2 = $(URL_IPFIRE)/libnetfilter_conntrack-1.0.2.tar.bz2 +libnetfilter_cttimeout-1.0.0.tar.bz2 = $(URL_IPFIRE)/libnetfilter_cttimeout-1.0.0.tar.bz2 + +$(DL_FILE)_MD5 = 536d048c8e8eeebcd9757d0863ebb0c0 +netfilter-layer7-v2.22.tar.gz_MD5 = 98dff8a3d5a31885b73341633f69501f +libnfnetlink-1.0.0.tar.bz2_MD5 = 016fdec8389242615024c529acc1adb8 +libnetfilter_queue-1.0.1.tar.bz2_MD5 = 08b968cb2d36c24deb7f26a69f5d8602 +libnetfilter_conntrack-1.0.2.tar.bz2_MD5 = 447114b5d61bb9a9617ead3217c3d3ff +libnetfilter_cttimeout-1.0.0.tar.bz2_MD5 = 7697437fc9ebb6f6b83df56a633db7f9 install : $(TARGET) @@ -83,16 +83,60 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) - # iptables-fixed.tar.gz is made in the linux kernel build process - @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/iptables-fixed.tar.gz - @rm -rf $(DIR_DL)/netfilter-layer7-v2.1 && cd $(DIR_SRC) && tar zxf $(DIR_DL)/netfilter-layer7-v2.1.tar.gz - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/netfilter-layer7-v2.1/iptables-layer7-2.1.patch - # Appears that libipt_set/SET maybe a little broken, fix it for now... - cd $(DIR_APP)/extensions && sed -i -e 's/#include\ \"..\/ipset\/libipt_set.h\"//' libipt_set.c - cd $(DIR_APP)/extensions && sed -i -e 's/#include\ \"..\/ipset\/libipt_set.h\"//' libipt_SET.c - cd $(DIR_APP) && patch -Np1 < $(DIR_DL)/iptables-1.3.0-imq1.diff - chmod +x $(DIR_APP)/extensions/.IMQ-test* $(DIR_APP)/extensions/.layer7-test* - cd $(DIR_APP) && make BINDIR=/sbin MANDIR=/usr/share/man LIBDIR=/lib - cd $(DIR_APP) && make BINDIR=/sbin MANDIR=/usr/share/man LIBDIR=/lib install - @rm -rf $(DIR_APP) + @rm -rf $(DIR_APP) $(DIR_SRC)/libnfnetlink-1.0.0 $(DIR_SRC)/netfilter-layer7* $(DIR_SRC)/libnetfilter_queue-0.0.17 + + @cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) +# cp -rf /usr/src/linux/include/linux/netfilter /usr/include/linux + + # Layer7 + cd $(DIR_SRC) && tar zxf $(DIR_DL)/netfilter-layer7-v2.22.tar.gz + cd $(DIR_APP) && cp -vf $(DIR_SRC)/netfilter-layer7-v2.22/iptables-1.4.3forward-for-kernel-2.6.20forward/* \ + ./extensions/ + + # ipp2p 0.8.2-pomng + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/iptables-1.4.14-ipp2p-0.8.2-ipfire.patch + + # imq + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/iptables-1.4.12-IMQ-test4.diff + + cd $(DIR_APP) && ./configure --prefix=/usr --with-ksource=/usr/src/linux \ + --libdir=/lib --includedir=/usr/include --enable-libipq \ + --libexecdir=/lib --bindir=/sbin \ + --sbindir=/sbin --mandir=/usr/share/man \ + --with-pkgconfigdir=/usr/lib/pkgconfig + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + + # Iptables doesn't install all headers +# mkdir -p /usr/include/net/netfilter +# cp -f $(DIR_APP)/include/net/netfilter/*.h /usr/include/net/netfilter/ +# mkdir -p /usr/include/iptables +# cp -f $(DIR_APP)/include/iptables/*.h /usr/include/iptables/ +# cp -f $(DIR_APP)/include/iptables.h /usr/include/ +# mkdir -p /usr/include/libipulog +# cp -f $(DIR_APP)/include/libipulog/*.h /usr/include/libipulog/ +# mkdir -p /usr/include/libiptc +# cp -f $(DIR_APP)/include/libiptc/*.h /usr/include/libiptc/ + + cd $(DIR_SRC) && tar xfj $(DIR_DL)/libnfnetlink-1.0.0.tar.bz2 + cd $(DIR_SRC)/libnfnetlink-1.0.0 && ./configure --prefix=/usr + cd $(DIR_SRC)/libnfnetlink-1.0.0 && make $(MAKETUNING) $(EXTRA_MAKE) + cd $(DIR_SRC)/libnfnetlink-1.0.0 && make install + + cd $(DIR_SRC) && tar xfj $(DIR_DL)/libnetfilter_queue-1.0.1.tar.bz2 + cd $(DIR_SRC)/libnetfilter_queue-1.0.1 && ./configure --prefix=/usr + cd $(DIR_SRC)/libnetfilter_queue-1.0.1 && make $(MAKETUNING) $(EXTRA_MAKE) + cd $(DIR_SRC)/libnetfilter_queue-1.0.1 && make install + + cd $(DIR_SRC) && tar xfj $(DIR_DL)/libnetfilter_conntrack-1.0.2.tar.bz2 + cd $(DIR_SRC)/libnetfilter_conntrack-1.0.2 && ./configure --prefix=/usr + cd $(DIR_SRC)/libnetfilter_conntrack-1.0.2 && make $(MAKETUNING) $(EXTRA_MAKE) + cd $(DIR_SRC)/libnetfilter_conntrack-1.0.2 && make install + + cd $(DIR_SRC) && tar xfj $(DIR_DL)/libnetfilter_cttimeout-1.0.0.tar.bz2 + cd $(DIR_SRC)/libnetfilter_cttimeout-1.0.0 && ./configure --prefix=/usr + cd $(DIR_SRC)/libnetfilter_cttimeout-1.0.0 && make $(MAKETUNING) $(EXTRA_MAKE) + cd $(DIR_SRC)/libnetfilter_cttimeout-1.0.0 && make install + + @rm -rf $(DIR_APP) $(DIR_SRC)/libnfnetlink-1.0.0 $(DIR_SRC)/netfilter-layer7* $(DIR_SRC)/libnetfilter_queue-0.0.17 @$(POSTBUILD)