From: Michael Tremer Date: Thu, 22 May 2014 21:11:43 +0000 (+0200) Subject: Merge remote-tracking branch 'ms/firewall-block-green' into next X-Git-Url: http://git.ipfire.org/?p=people%2Fteissler%2Fipfire-2.x.git;a=commitdiff_plain;h=fded6faa72d581114e25ddb17bcc607625736fdc;hp=c0e0848f999ed8944ae551047fdea32bfee88d03 Merge remote-tracking branch 'ms/firewall-block-green' into next --- diff --git a/config/kernel/kernel.config.i586-ipfire b/config/kernel/kernel.config.i586-ipfire index ba63a2976..8a3e089dd 100644 --- a/config/kernel/kernel.config.i586-ipfire +++ b/config/kernel/kernel.config.i586-ipfire @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 3.10.39 Kernel Configuration +# Linux/x86 3.10.40-ipfire Kernel Configuration # # CONFIG_64BIT is not set CONFIG_X86_32=y @@ -582,29 +582,29 @@ CONFIG_CPU_FREQ_GOV_CONSERVATIVE=m # x86 CPU frequency scaling drivers # CONFIG_X86_INTEL_PSTATE=y -CONFIG_X86_PCC_CPUFREQ=y -CONFIG_X86_ACPI_CPUFREQ=y +CONFIG_X86_PCC_CPUFREQ=m +CONFIG_X86_ACPI_CPUFREQ=m # CONFIG_X86_ACPI_CPUFREQ_CPB is not set -# CONFIG_X86_POWERNOW_K6 is not set -CONFIG_X86_POWERNOW_K7=y +CONFIG_X86_POWERNOW_K6=m +CONFIG_X86_POWERNOW_K7=m CONFIG_X86_POWERNOW_K7_ACPI=y -CONFIG_X86_POWERNOW_K8=y -# CONFIG_X86_AMD_FREQ_SENSITIVITY is not set -# CONFIG_X86_GX_SUSPMOD is not set +CONFIG_X86_POWERNOW_K8=m +CONFIG_X86_AMD_FREQ_SENSITIVITY=m +CONFIG_X86_GX_SUSPMOD=m # CONFIG_X86_SPEEDSTEP_CENTRINO is not set -CONFIG_X86_SPEEDSTEP_ICH=y -CONFIG_X86_SPEEDSTEP_SMI=y -CONFIG_X86_P4_CLOCKMOD=y -# CONFIG_X86_CPUFREQ_NFORCE2 is not set -CONFIG_X86_LONGRUN=y -# CONFIG_X86_LONGHAUL is not set +CONFIG_X86_SPEEDSTEP_ICH=m +CONFIG_X86_SPEEDSTEP_SMI=m +CONFIG_X86_P4_CLOCKMOD=m +CONFIG_X86_CPUFREQ_NFORCE2=m +CONFIG_X86_LONGRUN=m +CONFIG_X86_LONGHAUL=m # CONFIG_X86_E_POWERSAVER is not set # # shared options # -CONFIG_X86_SPEEDSTEP_LIB=y -# CONFIG_X86_SPEEDSTEP_RELAXED_CAP_CHECK is not set +CONFIG_X86_SPEEDSTEP_LIB=m +CONFIG_X86_SPEEDSTEP_RELAXED_CAP_CHECK=y CONFIG_CPU_IDLE=y # CONFIG_CPU_IDLE_MULTIPLE_DRIVERS is not set CONFIG_CPU_IDLE_GOV_LADDER=y diff --git a/config/kernel/kernel.config.i586-ipfire-pae b/config/kernel/kernel.config.i586-ipfire-pae index 88e557af9..775ed0ea1 100644 --- a/config/kernel/kernel.config.i586-ipfire-pae +++ b/config/kernel/kernel.config.i586-ipfire-pae @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 3.10.33 Kernel Configuration +# Linux/x86 3.10.39-ipfire Kernel Configuration # # CONFIG_64BIT is not set CONFIG_X86_32=y @@ -55,9 +55,9 @@ CONFIG_HAVE_KERNEL_LZMA=y CONFIG_HAVE_KERNEL_XZ=y CONFIG_HAVE_KERNEL_LZO=y # CONFIG_KERNEL_GZIP is not set -# CONFIG_KERNEL_BZIP2 is not set +CONFIG_KERNEL_BZIP2=y # CONFIG_KERNEL_LZMA is not set -CONFIG_KERNEL_XZ=y +# CONFIG_KERNEL_XZ is not set # CONFIG_KERNEL_LZO is not set CONFIG_DEFAULT_HOSTNAME="(none)" CONFIG_SWAP=y @@ -594,29 +594,29 @@ CONFIG_CPU_FREQ_GOV_CONSERVATIVE=m # x86 CPU frequency scaling drivers # CONFIG_X86_INTEL_PSTATE=y -CONFIG_X86_PCC_CPUFREQ=y -CONFIG_X86_ACPI_CPUFREQ=y +CONFIG_X86_PCC_CPUFREQ=m +CONFIG_X86_ACPI_CPUFREQ=m # CONFIG_X86_ACPI_CPUFREQ_CPB is not set -# CONFIG_X86_POWERNOW_K6 is not set -CONFIG_X86_POWERNOW_K7=y +CONFIG_X86_POWERNOW_K6=m +CONFIG_X86_POWERNOW_K7=m CONFIG_X86_POWERNOW_K7_ACPI=y -CONFIG_X86_POWERNOW_K8=y -# CONFIG_X86_AMD_FREQ_SENSITIVITY is not set -# CONFIG_X86_GX_SUSPMOD is not set +CONFIG_X86_POWERNOW_K8=m +CONFIG_X86_AMD_FREQ_SENSITIVITY=m +CONFIG_X86_GX_SUSPMOD=m # CONFIG_X86_SPEEDSTEP_CENTRINO is not set -CONFIG_X86_SPEEDSTEP_ICH=y -CONFIG_X86_SPEEDSTEP_SMI=y -CONFIG_X86_P4_CLOCKMOD=y -# CONFIG_X86_CPUFREQ_NFORCE2 is not set -CONFIG_X86_LONGRUN=y -# CONFIG_X86_LONGHAUL is not set +CONFIG_X86_SPEEDSTEP_ICH=m +CONFIG_X86_SPEEDSTEP_SMI=m +CONFIG_X86_P4_CLOCKMOD=m +CONFIG_X86_CPUFREQ_NFORCE2=m +CONFIG_X86_LONGRUN=m +CONFIG_X86_LONGHAUL=m # CONFIG_X86_E_POWERSAVER is not set # # shared options # -CONFIG_X86_SPEEDSTEP_LIB=y -# CONFIG_X86_SPEEDSTEP_RELAXED_CAP_CHECK is not set +CONFIG_X86_SPEEDSTEP_LIB=m +CONFIG_X86_SPEEDSTEP_RELAXED_CAP_CHECK=y CONFIG_CPU_IDLE=y # CONFIG_CPU_IDLE_MULTIPLE_DRIVERS is not set CONFIG_CPU_IDLE_GOV_LADDER=y @@ -925,6 +925,8 @@ CONFIG_NETFILTER_XT_MATCH_HELPER=m CONFIG_NETFILTER_XT_MATCH_HL=m CONFIG_NETFILTER_XT_MATCH_IPRANGE=m # CONFIG_NETFILTER_XT_MATCH_IPVS is not set +CONFIG_NETFILTER_XT_MATCH_LAYER7=m +# CONFIG_NETFILTER_XT_MATCH_LAYER7_DEBUG is not set CONFIG_NETFILTER_XT_MATCH_LENGTH=m CONFIG_NETFILTER_XT_MATCH_LIMIT=m CONFIG_NETFILTER_XT_MATCH_MAC=m @@ -943,8 +945,6 @@ CONFIG_NETFILTER_XT_MATCH_RECENT=m CONFIG_NETFILTER_XT_MATCH_SCTP=m CONFIG_NETFILTER_XT_MATCH_SOCKET=m CONFIG_NETFILTER_XT_MATCH_STATE=m -CONFIG_NETFILTER_XT_MATCH_LAYER7=m -# CONFIG_NETFILTER_XT_MATCH_LAYER7_DEBUG is not set CONFIG_NETFILTER_XT_MATCH_STATISTIC=m CONFIG_NETFILTER_XT_MATCH_STRING=m CONFIG_NETFILTER_XT_MATCH_TCPMSS=m diff --git a/config/rootfiles/common/i586/linux b/config/rootfiles/common/i586/linux index fac263157..3f364aed5 100644 --- a/config/rootfiles/common/i586/linux +++ b/config/rootfiles/common/i586/linux @@ -240,10 +240,25 @@ lib/modules/KVER-ipfire #lib/modules/KVER-ipfire/kernel/drivers/clocksource/cs5535-clockevt.ko #lib/modules/KVER-ipfire/kernel/drivers/clocksource/scx200_hrt.ko #lib/modules/KVER-ipfire/kernel/drivers/cpufreq +#lib/modules/KVER-ipfire/kernel/drivers/cpufreq/acpi-cpufreq.ko +#lib/modules/KVER-ipfire/kernel/drivers/cpufreq/amd_freq_sensitivity.ko +#lib/modules/KVER-ipfire/kernel/drivers/cpufreq/cpufreq-nforce2.ko #lib/modules/KVER-ipfire/kernel/drivers/cpufreq/cpufreq_conservative.ko #lib/modules/KVER-ipfire/kernel/drivers/cpufreq/cpufreq_ondemand.ko #lib/modules/KVER-ipfire/kernel/drivers/cpufreq/cpufreq_powersave.ko #lib/modules/KVER-ipfire/kernel/drivers/cpufreq/cpufreq_stats.ko +#lib/modules/KVER-ipfire/kernel/drivers/cpufreq/gx-suspmod.ko +#lib/modules/KVER-ipfire/kernel/drivers/cpufreq/longhaul.ko +#lib/modules/KVER-ipfire/kernel/drivers/cpufreq/longrun.ko +#lib/modules/KVER-ipfire/kernel/drivers/cpufreq/mperf.ko +#lib/modules/KVER-ipfire/kernel/drivers/cpufreq/p4-clockmod.ko +#lib/modules/KVER-ipfire/kernel/drivers/cpufreq/pcc-cpufreq.ko +#lib/modules/KVER-ipfire/kernel/drivers/cpufreq/powernow-k6.ko +#lib/modules/KVER-ipfire/kernel/drivers/cpufreq/powernow-k7.ko +#lib/modules/KVER-ipfire/kernel/drivers/cpufreq/powernow-k8.ko +#lib/modules/KVER-ipfire/kernel/drivers/cpufreq/speedstep-ich.ko +#lib/modules/KVER-ipfire/kernel/drivers/cpufreq/speedstep-lib.ko +#lib/modules/KVER-ipfire/kernel/drivers/cpufreq/speedstep-smi.ko #lib/modules/KVER-ipfire/kernel/drivers/crypto #lib/modules/KVER-ipfire/kernel/drivers/crypto/geode-aes.ko #lib/modules/KVER-ipfire/kernel/drivers/crypto/hifn_795x.ko diff --git a/config/rootfiles/packages/linux-pae b/config/rootfiles/packages/linux-pae index fdba462f2..9b198c2bd 100644 --- a/config/rootfiles/packages/linux-pae +++ b/config/rootfiles/packages/linux-pae @@ -238,10 +238,25 @@ lib/modules/KVER-ipfire-pae #lib/modules/KVER-ipfire-pae/kernel/drivers/clocksource #lib/modules/KVER-ipfire-pae/kernel/drivers/clocksource/cs5535-clockevt.ko #lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq +#lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/acpi-cpufreq.ko +#lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/amd_freq_sensitivity.ko +#lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/cpufreq-nforce2.ko #lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/cpufreq_conservative.ko #lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/cpufreq_ondemand.ko #lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/cpufreq_powersave.ko #lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/cpufreq_stats.ko +#lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/gx-suspmod.ko +#lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/longhaul.ko +#lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/longrun.ko +#lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/mperf.ko +#lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/p4-clockmod.ko +#lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/pcc-cpufreq.ko +#lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/powernow-k6.ko +#lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/powernow-k7.ko +#lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/powernow-k8.ko +#lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/speedstep-ich.ko +#lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/speedstep-lib.ko +#lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/speedstep-smi.ko #lib/modules/KVER-ipfire-pae/kernel/drivers/crypto #lib/modules/KVER-ipfire-pae/kernel/drivers/crypto/geode-aes.ko #lib/modules/KVER-ipfire-pae/kernel/drivers/crypto/padlock-aes.ko diff --git a/config/xen-image/README b/config/xen-image/README index 3813572e0..574812166 100644 --- a/config/xen-image/README +++ b/config/xen-image/README @@ -18,3 +18,7 @@ other usefull commands from the Dom0: - shutdown the fire: "xm shutdown ipfire-xen" - reset the fire: "xm destroy ipfire-xen" - look what is going on: "xm top" or "xm list" + +This script can also build a Citrix XenCenter xva image. +- run "XEN_IMG_TYPE=xva sh xen-image-maker.sh" to build an xva image. +- import the vm with "xe vm-import file=ipfire.xfa" diff --git a/config/xen-image/ipfire.cfg b/config/xen-image/ipfire.cfg index 594c82a5f..38bfdff5e 100644 --- a/config/xen-image/ipfire.cfg +++ b/config/xen-image/ipfire.cfg @@ -17,8 +17,8 @@ vif = [ disk = [ - 'file:/mnt/test/ipfire-boot.img,xvda1,w', - 'file:/mnt/test/ipfire-swap.img,xvda2,w', - 'file:/mnt/test/ipfire-root.img,xvda3,w', - 'file:/mnt/test/ipfire-var.img,xvda4,w' + 'file:./ipfire-boot.img,xvda1,w', + 'file:./ipfire-swap.img,xvda2,w', + 'file:./ipfire-root.img,xvda3,w', + 'file:./ipfire-var.img,xvda4,w' ] #### Change path diff --git a/config/xen-image/xen-image-maker.sh b/config/xen-image/xen-image-maker.sh index 1a2a004b4..4f632805e 100644 --- a/config/xen-image/xen-image-maker.sh +++ b/config/xen-image/xen-image-maker.sh @@ -28,23 +28,12 @@ KVER=xxxKVERxxx KERN_PACK=xxxKERN_PACKxxx KRNDOWN=http://mirror0.ipfire.org/pakfire2/$VERSION/paks CONSOLE=hvc0 -############################################################################### -# If you really want to use outdated legacy kernel uncomment this lines. ##### -# Not recommended!!! ########################################################## -###################### -#KERN_TYPE=xen -#KVER=2.6.32.61 -#KERN_PACK=29 -#KRNDOWN=http://mirror0.ipfire.org/pakfire2/2.15/paks -#CONSOLE=xvc0 -############################################################################### SIZEboot=64 SIZEswap=512 SIZEroot=1024 SIZEvar=1024 -# ct'server does not support ext4 so change this to ext3. -FSTYPE=ext4 +FSTYPE=ext3 ############################################################################## @@ -62,6 +51,25 @@ IMGvar=./$SNAME-var.img KERNEL=linux-$KERN_TYPE-$KVER-$KERN_PACK.ipfire +if [ "$XEN_IMG_TYPE" == "xva" ]; then + # download xva.py if it not exist. + if [ ! -e xva.py ]; then + wget http://source.ipfire.org/source-2.x/xva.py + fi + # XenCenter use other devicenames and + # xvdd seems to be reserved (converter bug?). + P1=xvda + P2=xvdb + P3=xvdc + P4=xvde +else + # old style xen image partition names + P1=xvda1 + P2=xvda2 + P3=xvda3 + P4=xvda4 +fi + rm -rf $TMPDIR && mkdir -p $MNThdd && mkdir -p $ISODIR echo -------------------------------------------------------- echo - Download $SOURCEISO ... @@ -108,7 +116,8 @@ mount -o loop $IMGboot $MNThdd/boot mount -o loop $IMGvar $MNThdd/var # Install IPFire without kernel modules -tar -C $MNThdd/ -xvf $ISODIR/$SNAME-$VERSION.tlz --lzma \ +xz -d < $ISODIR/$SNAME-$VERSION.tlz > $TMPDIR/$SNAME-$VERSION.tar +tar -C $MNThdd/ -xvf $TMPDIR/$SNAME-$VERSION.tar \ --exclude=lib/modules* --exclude=boot* --numeric-owner #Install Kernel @@ -121,7 +130,7 @@ mkdir $MNThdd/boot/grub echo "timeout 10" > $MNThdd/boot/grub/grub.conf echo "default 0" >> $MNThdd/boot/grub/grub.conf echo "title IPFire ($KERN_TYPE-kernel)" >> $MNThdd/boot/grub/grub.conf -echo " kernel /vmlinuz-$KVER-ipfire-$KERN_TYPE root=/dev/xvda3 rootdelay=10 panic=10 console=$CONSOLE ro" \ +echo " kernel /vmlinuz-$KVER-ipfire-$KERN_TYPE root=/dev/$P3 rootdelay=10 panic=10 console=$CONSOLE ro" \ >> $MNThdd/boot/grub/grub.conf echo " initrd /ipfirerd-$KVER-$KERN_TYPE.img" >> $MNThdd/boot/grub/grub.conf echo "# savedefault 0" >> $MNThdd/boot/grub/grub.conf @@ -129,16 +138,16 @@ echo "# savedefault 0" >> $MNThdd/boot/grub/grub.conf ln -s grub.conf $MNThdd/boot/grub/menu.lst #create the meta-info of linux-kernel package -echo "" > $MNThdd/opt/pakfire/db/meta/linux-$KERN_TYPE -echo "Name: linux-$KERN_TYPE" >> $MNThdd/opt/pakfire/db/meta/linux-$KERN_TYPE -echo "ProgVersion: $KVER" >> $MNThdd/opt/pakfire/db/meta/linux-$KERN_TYPE -echo "Release: $KERN_PACK" >> $MNThdd/opt/pakfire/db/meta/linux-$KERN_TYPE -echo "" >> $MNThdd/opt/pakfire/db/meta/linux-$KERN_TYPE -echo "" > $MNThdd/opt/pakfire/db/installed/linux-$KERN_TYPE -echo "Name: linux-$KERN_TYPE" >> $MNThdd/opt/pakfire/db/installed/linux-$KERN_TYPE -echo "ProgVersion: $KVER" >> $MNThdd/opt/pakfire/db/installed/linux-$KERN_TYPE -echo "Release: $KERN_PACK" >> $MNThdd/opt/pakfire/db/installed/linux-$KERN_TYPE -echo "" >> $MNThdd/opt/pakfire/db/installed/linux-$KERN_TYPE +echo "" > $MNThdd/opt/pakfire/db/meta/meta-linux-$KERN_TYPE +echo "Name: linux-$KERN_TYPE" >> $MNThdd/opt/pakfire/db/meta/meta-linux-$KERN_TYPE +echo "ProgVersion: $KVER" >> $MNThdd/opt/pakfire/db/meta/meta-linux-$KERN_TYPE +echo "Release: $KERN_PACK" >> $MNThdd/opt/pakfire/db/meta/meta-linux-$KERN_TYPE +echo "" >> $MNThdd/opt/pakfire/db/meta/meta-linux-$KERN_TYPE +echo "" > $MNThdd/opt/pakfire/db/installed/meta-linux-$KERN_TYPE +echo "Name: linux-$KERN_TYPE" >> $MNThdd/opt/pakfire/db/installed/meta-linux-$KERN_TYPE +echo "ProgVersion: $KVER" >> $MNThdd/opt/pakfire/db/installed/meta-linux-$KERN_TYPE +echo "Release: $KERN_PACK" >> $MNThdd/opt/pakfire/db/installed/meta-linux-$KERN_TYPE +echo "" >> $MNThdd/opt/pakfire/db/installed/meta-linux-$KERN_TYPE #Set default configuration echo "LANGUAGE=en" >> $MNThdd/var/ipfire/main/settings @@ -150,10 +159,10 @@ mount --bind /proc $MNThdd/proc mount --bind /dev $MNThdd/dev mount --bind /sys $MNThdd/sys chroot $MNThdd /usr/bin/perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang" -sed -i -e "s|DEVICE1|/dev/xvda1|g" $MNThdd/etc/fstab -sed -i -e "s|DEVICE2|/dev/xvda2|g" $MNThdd/etc/fstab -sed -i -e "s|DEVICE3|/dev/xvda3|g" $MNThdd/etc/fstab -sed -i -e "s|DEVICE4|/dev/xvda4|g" $MNThdd/etc/fstab +sed -i -e "s|DEVICE1|/dev/$P1|g" $MNThdd/etc/fstab +sed -i -e "s|DEVICE2|/dev/$P2|g" $MNThdd/etc/fstab +sed -i -e "s|DEVICE3|/dev/$P3|g" $MNThdd/etc/fstab +sed -i -e "s|DEVICE4|/dev/$P4|g" $MNThdd/etc/fstab sed -i -e "s|FSTYPE|$FSTYPE|g" $MNThdd/etc/fstab @@ -192,6 +201,11 @@ umount $MNThdd umount $ISODIR rm -rf ./ipfire-tmp + +if [ "$XEN_IMG_TYPE" == "xva" ]; then + python xva.py --sparse -c $SNAME.cfg -f $SNAME.xva + rm -f $SNAME*.img +fi echo -------------------------------------------------------- echo - Done. echo --------------------------------------------------------