mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-09 18:45:54 +02:00
4e9a2b5732
The state of some code especially in general-functions.pl is in such a bad shape and faulty. This is a first step that replaces some of the network functions with those who have been tested and work for undefined inputs. The old functions have been left in place as stubs and must be removed at some time.
167 lines
8.9 KiB
Plaintext
167 lines
8.9 KiB
Plaintext
###############################################################################
|
|
# #
|
|
# IPFire.org - A linux based firewall #
|
|
# Copyright (C) 2007-2013 IPFire Team <info@ipfire.org> #
|
|
# #
|
|
# This program is free software: you can redistribute it and/or modify #
|
|
# it under the terms of the GNU General Public License as published by #
|
|
# the Free Software Foundation, either version 3 of the License, or #
|
|
# (at your option) any later version. #
|
|
# #
|
|
# This program is distributed in the hope that it will be useful, #
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
|
|
# GNU General Public License for more details. #
|
|
# #
|
|
# You should have received a copy of the GNU General Public License #
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
|
|
# #
|
|
###############################################################################
|
|
|
|
###############################################################################
|
|
# Definitions
|
|
###############################################################################
|
|
|
|
include Config
|
|
|
|
VER = ipfire
|
|
|
|
THISAPP = configroot
|
|
DIR_APP = $(DIR_SRC)/$(THISAPP)
|
|
TARGET = $(DIR_INFO)/$(THISAPP)
|
|
|
|
###############################################################################
|
|
# Top-level Rules
|
|
###############################################################################
|
|
|
|
install : $(TARGET)
|
|
|
|
check :
|
|
|
|
download :
|
|
|
|
md5 :
|
|
|
|
###############################################################################
|
|
# Installation Details
|
|
###############################################################################
|
|
|
|
$(TARGET) :
|
|
@$(PREBUILD)
|
|
|
|
# Create all directories
|
|
for i in addon-lang auth backup ca certs connscheduler crls ddns dhcp dhcpc dns dnsforward \
|
|
ethernet extrahd/bin fwlogs fwhosts firewall isdn key langs logging mac main \
|
|
menu.d modem net-traffic net-traffic/templates nfs optionsfw \
|
|
ovpn patches pakfire portfw ppp private proxy/advanced/cre \
|
|
proxy/calamaris/bin qos/bin red remote sensors snort time tripwire/report \
|
|
updatexlrator/bin updatexlrator/autocheck urlfilter/autoupdate urlfilter/bin upnp vpn \
|
|
wakeonlan wireless ; do \
|
|
mkdir -p $(CONFIG_ROOT)/$$i; \
|
|
done
|
|
|
|
# Touch empty files
|
|
for i in auth/users backup/include.user backup/exclude.user \
|
|
certs/index.txt ddns/config ddns/noipsettings ddns/settings ddns/ipcache dhcp/settings \
|
|
dhcp/fixleases dhcp/advoptions dhcp/dhcpd.conf.local dns/settings dnsforward/config ethernet/aliases ethernet/settings ethernet/known_nics ethernet/scanned_nics \
|
|
ethernet/wireless extrahd/scan extrahd/devices extrahd/partitions extrahd/settings firewall/settings firewall/config firewall/input firewall/outgoing \
|
|
fwhosts/customnetworks fwhosts/customhosts fwhosts/customgroups fwhosts/customservicegrp fwlogs/ipsettings fwlogs/portsettings \
|
|
isdn/settings mac/settings main/disable_nf_sip main/hosts main/routing main/settings net-traffic/settings optionsfw/settings \
|
|
ovpn/ccd.conf ovpn/ccdroute ovpn/ccdroute2 pakfire/settings portfw/config ppp/settings-1 ppp/settings-2 ppp/settings-3 ppp/settings-4 \
|
|
ppp/settings-5 ppp/settings proxy/settings proxy/squid.conf proxy/advanced/settings proxy/advanced/cre/enable remote/settings qos/settings qos/classes qos/subclasses qos/level7config qos/portconfig \
|
|
qos/tosconfig snort/settings tripwire/settings upnp/settings vpn/config vpn/settings vpn/ipsec.conf \
|
|
vpn/ipsec.secrets vpn/caconfig wakeonlan/clients.conf wireless/config wireless/settings; do \
|
|
touch $(CONFIG_ROOT)/$$i; \
|
|
done
|
|
|
|
# Copy initial configfiles
|
|
cp $(DIR_SRC)/config/cfgroot/header.pl $(CONFIG_ROOT)/
|
|
cp $(DIR_SRC)/config/cfgroot/general-functions.pl $(CONFIG_ROOT)/
|
|
cp $(DIR_SRC)/config/cfgroot/network-functions.pl $(CONFIG_ROOT)/
|
|
cp $(DIR_SRC)/config/cfgroot/lang.pl $(CONFIG_ROOT)/
|
|
cp $(DIR_SRC)/config/cfgroot/countries.pl $(CONFIG_ROOT)/
|
|
cp $(DIR_SRC)/config/cfgroot/graphs.pl $(CONFIG_ROOT)/
|
|
cp $(DIR_SRC)/config/cfgroot/modem-lib.pl $(CONFIG_ROOT)/
|
|
cp $(DIR_SRC)/config/cfgroot/advoptions-list $(CONFIG_ROOT)/dhcp/advoptions-list
|
|
cp $(DIR_SRC)/config/cfgroot/connscheduler-lib.pl $(CONFIG_ROOT)/connscheduler/lib.pl
|
|
cp $(DIR_SRC)/config/cfgroot/connscheduler.conf $(CONFIG_ROOT)/connscheduler
|
|
cp $(DIR_SRC)/config/extrahd/* $(CONFIG_ROOT)/extrahd/bin/
|
|
cp $(DIR_SRC)/config/cfgroot/sensors-settings $(CONFIG_ROOT)/sensors/settings
|
|
cp $(DIR_SRC)/config/menu/* $(CONFIG_ROOT)/menu.d/
|
|
cp $(DIR_SRC)/config/cfgroot/modem-defaults $(CONFIG_ROOT)/modem/defaults
|
|
cp $(DIR_SRC)/config/cfgroot/modem-settings $(CONFIG_ROOT)/modem/settings
|
|
cp $(DIR_SRC)/config/cfgroot/net-traffic-lib.pl $(CONFIG_ROOT)/net-traffic/net-traffic-lib.pl
|
|
cp $(DIR_SRC)/config/cfgroot/net-traffic-admin.pl $(CONFIG_ROOT)/net-traffic/net-traffic-admin.pl
|
|
cp $(DIR_SRC)/config/cfgroot/nfs-server $(CONFIG_ROOT)/nfs/nfs-server
|
|
cp $(DIR_SRC)/config/cfgroot/proxy-acl $(CONFIG_ROOT)/proxy/acl-1.4
|
|
cp $(DIR_SRC)/config/qos/* $(CONFIG_ROOT)/qos/bin/
|
|
cp $(DIR_SRC)/config/cfgroot/ssh-settings $(CONFIG_ROOT)/remote/settings
|
|
cp $(DIR_SRC)/config/cfgroot/time-settings $(CONFIG_ROOT)/time/settings
|
|
cp $(DIR_SRC)/config/cfgroot/logging-settings $(CONFIG_ROOT)/logging/settings
|
|
cp $(DIR_SRC)/config/cfgroot/useragents $(CONFIG_ROOT)/proxy/advanced
|
|
cp $(DIR_SRC)/config/cfgroot/ethernet-vlans $(CONFIG_ROOT)/ethernet/vlans
|
|
cp $(DIR_SRC)/langs/list $(CONFIG_ROOT)/langs/
|
|
cp $(DIR_SRC)/config/firewall/convert-xtaccess /usr/sbin/convert-xtaccess
|
|
cp $(DIR_SRC)/config/firewall/convert-outgoingfw /usr/sbin/convert-outgoingfw
|
|
cp $(DIR_SRC)/config/firewall/convert-dmz /usr/sbin/convert-dmz
|
|
cp $(DIR_SRC)/config/firewall/convert-portfw /usr/sbin/convert-portfw
|
|
cp $(DIR_SRC)/config/firewall/p2protocols $(CONFIG_ROOT)/firewall/p2protocols
|
|
cp $(DIR_SRC)/config/firewall/firewall-policy /usr/sbin/firewall-policy
|
|
cp $(DIR_SRC)/config/fwhosts/icmp-types $(CONFIG_ROOT)/fwhosts/icmp-types
|
|
cp $(DIR_SRC)/config/fwhosts/customservices $(CONFIG_ROOT)/fwhosts/customservices
|
|
cp $(DIR_SRC)/config/fwhosts/customservices $(CONFIG_ROOT)/fwhosts/customservices.default
|
|
# Oneliner configfiles
|
|
echo "ENABLED=off" > $(CONFIG_ROOT)/vpn/settings
|
|
echo "VPN_DELAYED_START=0" >>$(CONFIG_ROOT)/vpn/settings
|
|
echo "01" > $(CONFIG_ROOT)/certs/serial
|
|
echo "nameserver 1.2.3.4" > $(CONFIG_ROOT)/ppp/fake-resolv.conf
|
|
echo "DROPNEWNOTSYN=on" >> $(CONFIG_ROOT)/optionsfw/settings
|
|
echo "DROPINPUT=on" >> $(CONFIG_ROOT)/optionsfw/settings
|
|
echo "DROPFORWARD=on" >> $(CONFIG_ROOT)/optionsfw/settings
|
|
echo "FWPOLICY=DROP" >> $(CONFIG_ROOT)/optionsfw/settings
|
|
echo "FWPOLICY1=DROP" >> $(CONFIG_ROOT)/optionsfw/settings
|
|
echo "FWPOLICY2=DROP" >> $(CONFIG_ROOT)/optionsfw/settings
|
|
echo "DROPPORTSCAN=on" >> $(CONFIG_ROOT)/optionsfw/settings
|
|
echo "DROPOUTGOING=on" >> $(CONFIG_ROOT)/optionsfw/settings
|
|
echo "DROPSAMBA=off" >> $(CONFIG_ROOT)/optionsfw/settings
|
|
echo "DROPPROXY=off" >> $(CONFIG_ROOT)/optionsfw/settings
|
|
echo "SHOWREMARK=on" >> $(CONFIG_ROOT)/optionsfw/settings
|
|
echo "SHOWCOLORS=on" >> $(CONFIG_ROOT)/optionsfw/settings
|
|
echo "SHOWTABLES=off" >> $(CONFIG_ROOT)/optionsfw/settings
|
|
echo "SHOWDROPDOWN=off" >> $(CONFIG_ROOT)/optionsfw/settings
|
|
echo "DROPWIRELESSINPUT=on" >> $(CONFIG_ROOT)/optionsfw/settings
|
|
echo "DROPWIRELESSFORWARD=on" >> $(CONFIG_ROOT)/optionsfw/settings
|
|
echo "POLICY=MODE2" >> $(CONFIG_ROOT)/firewall/settings
|
|
echo "POLICY1=MODE2" >> $(CONFIG_ROOT)/firewall/settings
|
|
|
|
# set converters executable
|
|
chmod 755 /usr/sbin/convert-*
|
|
|
|
# Modify variables in header.pl
|
|
sed -i -e "s+CONFIG_ROOT+$(CONFIG_ROOT)+g" \
|
|
-e "s+VERSION+$(VERSION)+g" \
|
|
$(CONFIG_ROOT)/header.pl
|
|
|
|
# Modify variables in general-functions.pl
|
|
sed -i -e "s+CONFIG_ROOT+$(CONFIG_ROOT)+g" \
|
|
-e "s+VERSION+$(VERSION)+g" \
|
|
$(CONFIG_ROOT)/general-functions.pl
|
|
|
|
# Modify CONFIG_ROOT in lang.pl
|
|
sed -i -e "s+CONFIG_ROOT+$(CONFIG_ROOT)+g" \
|
|
$(CONFIG_ROOT)/lang.pl
|
|
|
|
# Language files
|
|
cp $(DIR_SRC)/langs/*/cgi-bin/*.pl $(CONFIG_ROOT)/langs/
|
|
|
|
# Configroot permissions
|
|
chown -R nobody:nobody $(CONFIG_ROOT)
|
|
chown root:root $(CONFIG_ROOT)
|
|
for i in backup/ header.pl general-functions.pl graphs.pl lang.pl addon-lang/ langs/ red/ ; do \
|
|
chown -R root:root $(CONFIG_ROOT)/$$i; \
|
|
done
|
|
chown -Rv root:root $(CONFIG_ROOT)/*/bin
|
|
chown root:nobody $(CONFIG_ROOT)/dhcpc
|
|
|
|
@$(POSTBUILD)
|