webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

IPTables Update fuer den neuen Kernel.

Browse Source 
git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@437 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
This commit is contained in:
ms
2007-03-04 17:55:55 +00:00
parent 8906905349
commit dd46a3c51a
8 changed files with 255 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
config/grub/grub.conf
View File

@@ -5,31 +5,31 @@ background = ffffff
gfxmenu /grub/message
title IPFire (1024x768)
root (hd0,0)
kernel /vmlinuz root=ROOT panic=10 vga=791 splash=silent ro
kernel /vmlinuz-ipfire root=ROOT panic=10 vga=791 splash=silent ro
initrd /initrd.splash
savedefault 0
title IPFire (VESA)
root (hd0,0)
kernel /vmlinuz root=ROOT panic=10 ro
kernel /vmlinuz-ipfire root=ROOT panic=10 ro
initrd /initrd.splash
savedefault 1
title IPFire SMP (1024x768)
root (hd0,0)
kernel /vmlinuz-smp root=ROOT panic=10 acpi=off vga=791 splash=silent ro
kernel /vmlinuz-ipfire-smp root=ROOT panic=10 acpi=off vga=791 splash=silent ro
initrd /initrd.splash
savedefault 2
title IPFire SMP (VESA)
root (hd0,0)
kernel /vmlinuz-smp root=ROOT panic=10 acpi=off ro
kernel /vmlinuz-ipfire-smp root=ROOT panic=10 acpi=off ro
initrd /initrd.splash
savedefault 3
title IPFire SMP-HT (Intel Pentium 4) (1024x768)
root (hd0,0)
kernel /vmlinuz-smp root=ROOT panic=10 acpi=ht vga=791 splash=silent ro
kernel /vmlinuz-ipfire-smp root=ROOT panic=10 acpi=ht vga=791 splash=silent ro
initrd /initrd.splash
savedefault 4
title IPFire SMP-HT (Intel Pentium 4) (VESA)
root (hd0,0)
kernel /vmlinuz-smp root=ROOT panic=10 acpi=ht ro
kernel /vmlinuz-ipfire-smp root=ROOT panic=10 acpi=ht ro
initrd /initrd.splash
savedefault 5

12
config/grub/scsigrub.conf
View File

@@ -5,31 +5,31 @@ background = ffffff
gfxmenu /grub/message
title IPFire (1024x768)
root (hd0,0)
kernel /vmlinuz root=ROOT panic=10 init=/linuxrc vga=791 splash=silent rw
kernel /vmlinuz-ipfire root=ROOT panic=10 init=/linuxrc vga=791 splash=silent rw
initrd /ipfirerd.img
savedefault 0
title IPFire (VESA)
root (hd0,0)
kernel /vmlinuz root=ROOT panic=10 init=/linuxrc rw
kernel /vmlinuz-ipfire root=ROOT panic=10 init=/linuxrc rw
initrd /ipfirerd.img
savedefault 1
title IPFire SMP (1024x768)
root (hd0,0)
kernel /vmlinuz-smp root=ROOT panic=10 init=/linuxrc acpi=off vga=791 splash=silent rw
kernel /vmlinuz-ipfire-smp root=ROOT panic=10 init=/linuxrc acpi=off vga=791 splash=silent rw
initrd /ipfirerd-smp.img
savedefault 2
title IPFire SMP (VESA)
root (hd0,0)
kernel /vmlinuz-smp root=ROOT panic=10 init=/linuxrc acpi=off rw
kernel /vmlinuz-ipfire-smp root=ROOT panic=10 init=/linuxrc acpi=off rw
initrd /ipfirerd-smp.img
savedefault 3
title IPFire SMP (Intel Pentium 4) (1024x768)
root (hd0,0)
kernel /vmlinuz-smp root=ROOT panic=10 init=/linuxrc acpi=ht vga=791 splash=silent rw
kernel /vmlinuz-ipfire-smp root=ROOT panic=10 init=/linuxrc acpi=ht vga=791 splash=silent rw
initrd /ipfirerd-smp.img
savedefault 4
title IPFire SMP (Intel Pentium 4) (VESA)
root (hd0,0)
kernel /vmlinuz-smp root=ROOT panic=10 init=/linuxrc acpi=ht rw
kernel /vmlinuz-ipfire-smp root=ROOT panic=10 init=/linuxrc acpi=ht rw
initrd /ipfirerd-smp.img
savedefault 5

4
config/kernel/kernel.config.i586
View File

@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
# Linux kernel version: 2.6.16.42-ipfire
# Sat Mar 3 20:27:00 2007
# Sun Mar 4 14:59:47 2007
#
CONFIG_X86_32=y
CONFIG_SEMAPHORE_SLEEPERS=y
@@ -476,6 +476,8 @@ CONFIG_IP_NF_RAW=m
CONFIG_IP_NF_ARPTABLES=m
CONFIG_IP_NF_ARPFILTER=m
CONFIG_IP_NF_ARP_MANGLE=m
CONFIG_IP_NF_NAT_MMS=m
CONFIG_IP_NF_MMS=m
CONFIG_IP_NF_NAT_SIP=m
CONFIG_IP_NF_SIP=m

4
config/kernel/kernel.config.i586.smp
View File

@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
# Linux kernel version: 2.6.16.42-ipfire
# Sat Mar 3 20:27:11 2007
# Sun Mar 4 14:59:47 2007
#
CONFIG_X86_32=y
CONFIG_SEMAPHORE_SLEEPERS=y
@@ -482,6 +482,8 @@ CONFIG_IP_NF_RAW=m
CONFIG_IP_NF_ARPTABLES=m
CONFIG_IP_NF_ARPFILTER=m
CONFIG_IP_NF_ARP_MANGLE=m
CONFIG_IP_NF_NAT_MMS=m
CONFIG_IP_NF_MMS=m
CONFIG_IP_NF_NAT_SIP=m
CONFIG_IP_NF_SIP=m

25
lfs/iptables
View File

@@ -26,11 +26,11 @@
include Config
VER = 1.3.5
VER = 1.3.7
THISAPP = iptables-$(VER)
DL_FILE = $(THISAPP).tar.bz2
DL_FROM = http://ftp.netfilter.org/pub/iptables
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
@@ -38,20 +38,17 @@ TARGET = $(DIR_INFO)/$(THISAPP)
# Top-level Rules
###############################################################################
objects = $(DL_FILE) \
iptables-1.3.0-imq1.diff \
netfilter-layer7-v2.6.tar.gz \
netfilter-layer7-v2.9.tar.gz \
libnfnetlink-0.0.25.tar.bz2 \
libnetfilter_queue-0.0.13.tar.bz2
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
iptables-1.3.0-imq1.diff = $(URL_IPFIRE)/iptables-1.3.0-imq1.diff
netfilter-layer7-v2.6.tar.gz = $(URL_IPFIRE)/netfilter-layer7-v2.6.tar.gz
netfilter-layer7-v2.9.tar.gz = $(URL_IPFIRE)/netfilter-layer7-v2.9.tar.gz
libnfnetlink-0.0.25.tar.bz2 = $(URL_IPFIRE)/libnfnetlink-0.0.25.tar.bz2
libnetfilter_queue-0.0.13.tar.bz2 = $(URL_IPFIRE)/libnetfilter_queue-0.0.13.tar.bz2
$(DL_FILE)_MD5 = 00fb916fa8040ca992a5ace56d905ea5
iptables-1.3.0-imq1.diff_MD5 = 9adae8be9562775a176fc1b275b3cb29
netfilter-layer7-v2.6.tar.gz_MD5 = 58135cd1aafaf4ae2fa478159206f064
$(DL_FILE)_MD5 = dd965bdacbb86ce2a6498829fddda6b7
netfilter-layer7-v2.9.tar.gz_MD5 = ebf9043a5352ebe6dbd721989ef83dee
libnfnetlink-0.0.25.tar.bz2_MD5 = fc915a2e66d282e524af6ef939042d7d
libnetfilter_queue-0.0.13.tar.bz2_MD5 = 660cbfd3dc8c10bf9b1803cd2b688256
@@ -83,13 +80,13 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
# iptables-fixed.tar.gz is made in the linux kernel build process
@rm -rf $(DIR_APP) $(DIR_SRC)/libnfnetlink-0.0.25 $(DIR_SRC)/netfilter-layer7-v2.6 $(DIR_SRC)/libnetfilter_queue-0.0.13
@rm -rf $(DIR_APP) $(DIR_SRC)/libnfnetlink-0.0.25 $(DIR_SRC)/netfilter-layer7* $(DIR_SRC)/libnetfilter_queue-0.0.13
@cd $(DIR_SRC) && tar zxf $(DIR_DL)/iptables-fixed.tar.gz
@cd $(DIR_SRC) && tar zxf $(DIR_DL)/netfilter-layer7-v2.6.tar.gz
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/netfilter-layer7-v2.6/iptables-layer7-2.6.patch
cd $(DIR_SRC) && tar zxf $(DIR_DL)/netfilter-layer7-v2.9.tar.gz
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/netfilter-layer7-v2.9/iptables-layer7-2.9.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_DL)/iptables-1.3.0-imq1.diff
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/iptables-1.3.6-imq.diff
chmod +x $(DIR_APP)/extensions/.IMQ-test* $(DIR_APP)/extensions/.layer7-test*
# hack to disable IPv6 compilation as the configuration variable does not work when ip6.h is present
@@ -107,5 +104,5 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
cd $(DIR_SRC)/libnetfilter_queue-0.0.13 && make
cd $(DIR_SRC)/libnetfilter_queue-0.0.13 && make install
@rm -rf $(DIR_APP) $(DIR_SRC)/libnfnetlink-0.0.25 $(DIR_SRC)/netfilter-layer7-v2.6 $(DIR_SRC)/libnetfilter_queue-0.0.13
@rm -rf $(DIR_APP) $(DIR_SRC)/libnfnetlink-0.0.25 $(DIR_SRC)/netfilter-layer7* $(DIR_SRC)/libnetfilter_queue-0.0.13
@$(POSTBUILD)

6
lfs/linux
View File

@@ -50,14 +50,14 @@ endif
objects =$(DL_FILE) \
mISDN-CVS-2007-01-26.tar.bz2 \
squashfs3.2-r2.tar.gz \
iptables-1.3.5.tar.bz2 \
iptables-1.3.7.tar.bz2 \
patch-o-matic-ng-20061210.tar.bz2 \
netfilter-layer7-v2.9.tar.gz \
patch-2.6.16-nath323-1.3.bz2
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
patch-o-matic-ng-20061210.tar.bz2 = $(URL_IPFIRE)/patch-o-matic-ng-20061210.tar.bz2
iptables-1.3.5.tar.bz2 = $(URL_IPFIRE)/iptables-1.3.5.tar.bz2
iptables-1.3.7.tar.bz2 = $(URL_IPFIRE)/iptables-1.3.7.tar.bz2
netfilter-layer7-v2.9.tar.gz = $(URL_IPFIRE)/netfilter-layer7-v2.9.tar.gz
patch-2.6.16-nath323-1.3.bz2 = $(URL_IPFIRE)/patch-2.6.16-nath323-1.3.bz2
squashfs3.2-r2.tar.gz = $(URL_IPFIRE)/squashfs3.2-r2.tar.gz
@@ -65,7 +65,7 @@ mISDN-CVS-2007-01-26.tar.bz2 = $(URL_IPFIRE)/mISDN-CVS-2007-01-26.tar.bz2
$(DL_FILE)_MD5 = 87e998bb87839b962702815dd5aecc73
patch-o-matic-ng-20061210.tar.bz2_MD5 = 76edac76301b45f89e467b41c8cf4393
iptables-1.3.5.tar.bz2_MD5 = 00fb916fa8040ca992a5ace56d905ea5
iptables-1.3.7.tar.bz2_MD5 = dd965bdacbb86ce2a6498829fddda6b7
netfilter-layer7-v2.9.tar.gz_MD5 = ebf9043a5352ebe6dbd721989ef83dee
patch-2.6.16-nath323-1.3.bz2_MD5 = f926409ff703a307baf54b57ab75d138
squashfs3.2-r2.tar.gz_MD5 = bf360b92eba9e6d5610196ce2e02fcd1

4
src/initscripts/init.d/checkfs
View File

@@ -30,8 +30,8 @@
case "${1}" in
start)
if [ ! -f /.autofsck ]; then
boot_mesg -n "No /.autofsck found, will not perform" ${INFO}
if [ -f /fastboot ]; then
boot_mesg -n "/fastboot found, will not perform" ${INFO}
boot_mesg " file system checks as requested."
echo_ok
exit 0

221
src/patches/iptables-1.3.6-imq.diff Normal file
View File

@@ -0,0 +1,221 @@
--- iptables-1.3.6.orig/extensions.orig/.IMQ-test6 Thu Jan 1 01:00:00 1970
+++ iptables-1.3.6/extensions/.IMQ-test6 Mon Jun 16 10:12:47 2003
@@ -0,0 +1,3 @@
+#!/bin/sh
+# True if IMQ target patch is applied.
+[ -f $KERNEL_DIR/net/ipv6/netfilter/ip6t_IMQ.c ] && echo IMQ
--- iptables-1.3.6.orig/extensions.orig/libip6t_IMQ.c Thu Jan 1 01:00:00 1970
+++ iptables-1.3.6/extensions/libip6t_IMQ.c Mon Jun 16 10:12:47 2003
@@ -0,0 +1,101 @@
+/* Shared library add-on to iptables to add IMQ target support. */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <getopt.h>
+
+#include <ip6tables.h>
+#include <linux/netfilter_ipv6/ip6_tables.h>
+#include <linux/netfilter_ipv6/ip6t_IMQ.h>
+
+/* Function which prints out usage message. */
+static void
+help(void)
+{
+ printf(
+"IMQ target v%s options:\n"
+" --todev <N> enqueue to imq<N>, defaults to 0\n",
+IPTABLES_VERSION);
+}
+
+static struct option opts[] = {
+ { "todev", 1, 0, '1' },
+ { 0 }
+};
+
+/* Initialize the target. */
+static void
+init(struct ip6t_entry_target *t, unsigned int *nfcache)
+{
+ struct ip6t_imq_info *mr = (struct ip6t_imq_info*)t->data;
+
+ mr->todev = 0;
+ *nfcache |= NFC_UNKNOWN;
+}
+
+/* Function which parses command options; returns true if it
+ ate an option */
+static int
+parse(int c, char **argv, int invert, unsigned int *flags,
+ const struct ip6t_entry *entry,
+ struct ip6t_entry_target **target)
+{
+ struct ip6t_imq_info *mr = (struct ip6t_imq_info*)(*target)->data;
+
+ switch(c) {
+ case '1':
+ if (check_inverse(optarg, &invert, NULL, 0))
+ exit_error(PARAMETER_PROBLEM,
+ "Unexpected `!' after --todev");
+ mr->todev=atoi(optarg);
+ break;
+ default:
+ return 0;
+ }
+ return 1;
+}
+
+static void
+final_check(unsigned int flags)
+{
+}
+
+/* Prints out the targinfo. */
+static void
+print(const struct ip6t_ip6 *ip,
+ const struct ip6t_entry_target *target,
+ int numeric)
+{
+ struct ip6t_imq_info *mr = (struct ip6t_imq_info*)target->data;
+
+ printf("IMQ: todev %u ", mr->todev);
+}
+
+/* Saves the union ipt_targinfo in parsable form to stdout. */
+static void
+save(const struct ip6t_ip6 *ip, const struct ip6t_entry_target *target)
+{
+ struct ip6t_imq_info *mr = (struct ip6t_imq_info*)target->data;
+
+ printf("--todev %u", mr->todev);
+}
+
+static struct ip6tables_target imq = {
+ .next = NULL,
+ .name = "IMQ",
+ .version = IPTABLES_VERSION,
+ .size = IP6T_ALIGN(sizeof(struct ip6t_imq_info)),
+ .userspacesize = IP6T_ALIGN(sizeof(struct ip6t_imq_info)),
+ .help = &help,
+ .init = &init,
+ .parse = &parse,
+ .final_check = &final_check,
+ .print = &print,
+ .save = &save,
+ .extra_opts = opts
+};
+
+static __attribute__((constructor)) void _init(void)
+{
+ register_target6(&imq);
+}
--- iptables-1.3.6.orig/extensions.orig/.IMQ-test Thu Jan 1 01:00:00 1970
+++ iptables-1.3.6/extensions/.IMQ-test Mon Jun 16 10:12:47 2003
@@ -0,0 +1,3 @@
+#!/bin/sh
+# True if IMQ target patch is applied.
+[ -f $KERNEL_DIR/net/ipv4/netfilter/ipt_IMQ.c ] && echo IMQ
--- iptables-1.3.6.orig/extensions.orig/libipt_IMQ.c Thu Jan 1 01:00:00 1970
+++ iptables-1.3.6/extensions/libipt_IMQ.c Mon Jun 16 10:12:47 2003
@@ -0,0 +1,101 @@
+/* Shared library add-on to iptables to add IMQ target support. */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <getopt.h>
+
+#include <iptables.h>
+#include <linux/netfilter_ipv4/ip_tables.h>
+#include <linux/netfilter_ipv4/ipt_IMQ.h>
+
+/* Function which prints out usage message. */
+static void
+help(void)
+{
+ printf(
+"IMQ target v%s options:\n"
+" --todev <N> enqueue to imq<N>, defaults to 0\n",
+IPTABLES_VERSION);
+}
+
+static struct option opts[] = {
+ { "todev", 1, 0, '1' },
+ { 0 }
+};
+
+/* Initialize the target. */
+static void
+init(struct ipt_entry_target *t, unsigned int *nfcache)
+{
+ struct ipt_imq_info *mr = (struct ipt_imq_info*)t->data;
+
+ mr->todev = 0;
+ *nfcache |= NFC_UNKNOWN;
+}
+
+/* Function which parses command options; returns true if it
+ ate an option */
+static int
+parse(int c, char **argv, int invert, unsigned int *flags,
+ const struct ipt_entry *entry,
+ struct ipt_entry_target **target)
+{
+ struct ipt_imq_info *mr = (struct ipt_imq_info*)(*target)->data;
+
+ switch(c) {
+ case '1':
+ if (check_inverse(optarg, &invert, NULL, 0))
+ exit_error(PARAMETER_PROBLEM,
+ "Unexpected `!' after --todev");
+ mr->todev=atoi(optarg);
+ break;
+ default:
+ return 0;
+ }
+ return 1;
+}
+
+static void
+final_check(unsigned int flags)
+{
+}
+
+/* Prints out the targinfo. */
+static void
+print(const struct ipt_ip *ip,
+ const struct ipt_entry_target *target,
+ int numeric)
+{
+ struct ipt_imq_info *mr = (struct ipt_imq_info*)target->data;
+
+ printf("IMQ: todev %u ", mr->todev);
+}
+
+/* Saves the union ipt_targinfo in parsable form to stdout. */
+static void
+save(const struct ipt_ip *ip, const struct ipt_entry_target *target)
+{
+ struct ipt_imq_info *mr = (struct ipt_imq_info*)target->data;
+
+ printf("--todev %u", mr->todev);
+}
+
+static struct iptables_target imq = {
+ .next = NULL,
+ .name = "IMQ",
+ .version = IPTABLES_VERSION,
+ .size = IPT_ALIGN(sizeof(struct ipt_imq_info)),
+ .userspacesize = IPT_ALIGN(sizeof(struct ipt_imq_info)),
+ .help = &help,
+ .init = &init,
+ .parse = &parse,
+ .final_check = &final_check,
+ .print = &print,
+ .save = &save,
+ .extra_opts = opts
+};
+
+static __attribute__((constructor)) void _init(void)
+{
+ register_target(&imq);
+}