265 lines
6.5 KiB
Bash
265 lines
6.5 KiB
Bash
#!/bin/sh
|
|
#
|
|
PATH=/sbin:/usr/sbin:/bin:/usr/bin; export PATH
|
|
argv0=`basename $0`
|
|
|
|
os=`uname -s`
|
|
rev=`uname -r`
|
|
maj=`expr $rev : '\([0-9]*\)\.'`
|
|
min=`expr $rev : '[0-9]*\.\([0-9]*\)'`
|
|
sub=`expr $rev : '[0-9]*\.[0-9]*\.\([0-9]*\)'`
|
|
|
|
# try to bomb out fast if anything fails....
|
|
set -e
|
|
|
|
fullrev=`printf '%02d%02d%02d' $maj $min $sub`
|
|
dir=`pwd`
|
|
karch=`uname -m`
|
|
archdir="/sys/arch/$karch"
|
|
ipfdir=/sys/netinet
|
|
if [ -d /sys/contrib/ipfilter ] ; then
|
|
ipfdir=/sys/contrib/ipfilter/netinet
|
|
fi
|
|
if [ -d /sys/dist/ipf ] ; then
|
|
ipfdir=/sys/dist/ipf/netinet
|
|
fi
|
|
confdir="$archdir/conf"
|
|
if [ -f /dev/ipnat ] ; then
|
|
major=`ls -l /dev/ipnat | sed -e 's/.* \([0-9]*\),.*/\1/'`
|
|
echo "Major number for IP Filter is $major"
|
|
else
|
|
major=x
|
|
fi
|
|
|
|
if [ ! -f ip_rules.c -o ! -f ip_rules.h ] ; then
|
|
echo "Trying to build ip_rules.c and ip_rules.h"
|
|
make ip_rules.c
|
|
if [ ! -f ip_rules.c -o ! -f ip_rules.h ] ; then
|
|
echo "Please do a build of ipfilter and then run the following"
|
|
echo "command to build extra files:"
|
|
echo
|
|
echo "make ip_rules.c"
|
|
exit 1
|
|
fi
|
|
fi
|
|
|
|
echo -n "Installing "
|
|
for j in auth frag nat proxy scan state sync pool htable lookup rules; do
|
|
for i in ip_$j.[ch]; do
|
|
if [ -f "$i" ] ; then
|
|
echo -n " $i"
|
|
cp $i $ipfdir
|
|
chmod 644 $ipfdir/$i
|
|
fi
|
|
done
|
|
done
|
|
|
|
case $os in
|
|
SunOS)
|
|
case `uname -r` in
|
|
5.*)
|
|
filc=ip_fil_solaris.c
|
|
;;
|
|
4.*)
|
|
filc=ip_fil_sunos.c
|
|
;;
|
|
esac
|
|
;;
|
|
*BSD)
|
|
filc=ip_fil_`echo $os | tr A-Z a-z`.c
|
|
case $os in
|
|
FreeBSD)
|
|
cp mlfk_ipl.c $ipfdir/
|
|
;;
|
|
*)
|
|
;;
|
|
esac
|
|
;;
|
|
esac
|
|
|
|
if [ -f $ipfdir/$filc ] ; then
|
|
echo -n "$filc -> $ipfdir/$filc "
|
|
cp $filc $ipfdir/$filc
|
|
chmod 644 $ipfdir/$filc
|
|
fi
|
|
if [ -f $ipfdir/ip_fil.c ] ; then
|
|
echo -n "$filc -> $ipfdir/ip_fil.c "
|
|
cp $filc $ipfdir/ip_fil.c
|
|
chmod 644 $ipfdir/ip_fil.c
|
|
fi
|
|
|
|
for i in ip_fil.h fil.c ip_log.c ip_compat.h ipl.h ip_*_pxy.c; do
|
|
echo -n " $i"
|
|
cp $i $ipfdir
|
|
chmod 644 $ipfdir/$i
|
|
done
|
|
echo ""
|
|
echo -n "Installing into /usr/include/netinet"
|
|
for j in auth compat fil frag nat proxy scan state sync pool htable lookup; do
|
|
i=ip_$j.h
|
|
if [ -f "$i" ] ; then
|
|
echo -n " $i"
|
|
cp $i /usr/include/netinet/$i
|
|
chmod 644 /usr/include/netinet/$i
|
|
fi
|
|
done
|
|
for j in ipl.h; do
|
|
if [ -f "$j" ] ; then
|
|
echo -n " $j"
|
|
cp $j /usr/include/netinet/$j
|
|
chmod 644 /usr/include/netinet/$j
|
|
fi
|
|
done
|
|
echo
|
|
|
|
if [ -f /sys/netinet/ip_fil_compat.h ] ; then
|
|
echo "Linking /sys/netinet/ip_compat.h to /sys/netinet/ip_fil_compat.h"
|
|
rm /sys/netinet/ip_fil_compat.h
|
|
ln -s /sys/netinet/ip_compat.h /sys/netinet/ip_fil_compat.h
|
|
fi
|
|
|
|
if [ $major != x ] ; then
|
|
if [ ! -e /dev/ipsync ] ; then
|
|
echo "Creating /dev/ipsync"
|
|
mknod /dev/ipsync c $major 4
|
|
fi
|
|
|
|
if [ ! -e /dev/ipsync ] ; then
|
|
echo "Creating /dev/ipscan"
|
|
mknod /dev/ipsync c $major 5
|
|
fi
|
|
|
|
if [ ! -e /dev/iplookup ] ; then
|
|
echo "Creating /dev/iplookup"
|
|
mknod /dev/iplookup c $major 6
|
|
fi
|
|
fi
|
|
|
|
set +e
|
|
os=`uname -s`
|
|
if [ $os = FreeBSD -a -f /sys/conf/files ] ; then
|
|
cd /sys/conf
|
|
if [ -f options ] ; then
|
|
if [ ! -f options.preipf4 ] ; then
|
|
mv options options.preipf4
|
|
cp -p options.preipf4 options
|
|
fi
|
|
for i in SCAN SYNC LOOKUP COMPILED; do
|
|
grep IPFILTER_$i options >/dev/null 2>&1
|
|
if [ $? -ne 0 ] ; then
|
|
echo >> options
|
|
echo "# extra option for IP Filter" >> options
|
|
echo "IPFILTER_$i opt_ipfilter.h" >> options
|
|
fi
|
|
done
|
|
fi
|
|
if [ ! -f files.preipf4 ] ; then
|
|
mv files files.preipf4
|
|
cp -p files.preipf4 files
|
|
fi
|
|
for i in htable pool lookup; do
|
|
grep ip_$i.c files >/dev/null 2>&1
|
|
if [ $? -ne 0 ] ; then
|
|
echo "contrib/ipfilter/netinet/ip_$i.c optional ipfilter inet ipfilter_lookup" >> files
|
|
fi
|
|
done
|
|
grep ip_sync.c files >/dev/null 2>&1
|
|
if [ $? -ne 0 ] ; then
|
|
echo 'contrib/ipfilter/netinet/ip_sync.c optional ipfilter inet ipfilter_sync' >> files
|
|
fi
|
|
grep ip_scan.c files >/dev/null 2>&1
|
|
if [ $? -ne 0 ] ; then
|
|
echo 'contrib/ipfilter/netinet/ip_scan.c optional ipfilter inet ipfilter_scan' >> files
|
|
fi
|
|
grep ip_rules.c files >/dev/null 2>&1
|
|
if [ $? -ne 0 ] ; then
|
|
echo 'contrib/ipfilter/netinet/ip_rules.c optional ipfilter inet ipfilter_compiled' >> files
|
|
fi
|
|
fi
|
|
if [ $os = NetBSD -a -f /sys/conf/files ] ; then
|
|
cd /sys/conf
|
|
if [ ! -f files.preipf4 ] ; then
|
|
mv files files.preipf4
|
|
cp -p files.preipf4 files
|
|
fi
|
|
if [ $fullrev -ge 010600 -a $fullrev -lt 020000 ] ; then
|
|
for i in htable pool lookup; do
|
|
grep ip_$i.c files >/dev/null 2>&1
|
|
if [ $? -ne 0 ] ; then
|
|
echo "file netinet/ip_$i.c ipfilter & ipfilter_lookup" >> files
|
|
fi
|
|
done
|
|
grep ip_sync.c files >/dev/null 2>&1
|
|
if [ $? -ne 0 ] ; then
|
|
echo 'file netinet/ip_sync.c ipfilter & ipfilter_sync' >> files
|
|
fi
|
|
grep ip_scan.c files >/dev/null 2>&1
|
|
if [ $? -ne 0 ] ; then
|
|
echo 'file netinet/ip_scan.c ipfilter & ipfilter_scan' >> files
|
|
fi
|
|
grep ip_rules.c files >/dev/null 2>&1
|
|
if [ $? -ne 0 ] ; then
|
|
echo 'file netinet/ip_rules.c ipfilter & ipfilter_compiled' >> files
|
|
fi
|
|
fi
|
|
fi
|
|
if [ $os = OpenBSD -a -f /sys/conf/files ] ; then
|
|
cd /sys/conf
|
|
if [ ! -f files.preipf4 ] ; then
|
|
mv files files.preipf4
|
|
cp -p files.preipf4 files
|
|
fi
|
|
if [ $fullrev -ge 030400 ] ; then
|
|
for i in htable pool lookup; do
|
|
grep ip_$i.c files >/dev/null 2>&1
|
|
if [ $? -ne 0 ] ; then
|
|
echo "file netinet/ip_$i.c ipfilter & ipfilter_lookup" >> files
|
|
fi
|
|
done
|
|
grep ip_sync.c files >/dev/null 2>&1
|
|
if [ $? -ne 0 ] ; then
|
|
echo 'file netinet/ip_sync.c ipfilter & ipfilter_sync' >> files
|
|
fi
|
|
grep ip_scan.c files >/dev/null 2>&1
|
|
if [ $? -ne 0 ] ; then
|
|
echo 'file netinet/ip_scan.c ipfilter & ipfilter_scan' >> files
|
|
fi
|
|
grep ip_rules.c files >/dev/null 2>&1
|
|
if [ $? -ne 0 ] ; then
|
|
echo 'file netinet/ip_rules.c ipfilter & ipfilter_compiled' >> files
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
if [ -f /usr/src/sys/modules/ipfilter/Makefile -a \
|
|
! -f /usr/src/sys/modules/ipfilter/Makefile.orig ] ; then
|
|
cat | (cd /usr/src/sys/modules/ipfilter; patch) <<__EOF__
|
|
*** Makefile.orig Mon Mar 28 09:10:11 2005
|
|
--- Makefile Mon Mar 28 09:12:51 2005
|
|
***************
|
|
*** 5,13 ****
|
|
KMOD= ipl
|
|
SRCS= mlfk_ipl.c ip_nat.c ip_frag.c ip_state.c ip_proxy.c ip_auth.c \\
|
|
! ip_log.c ip_fil.c fil.c
|
|
|
|
.if !defined(NOINET6)
|
|
CFLAGS+= -DUSE_INET6
|
|
.endif
|
|
CFLAGS+= -I$${.CURDIR}/../../contrib/ipfilter
|
|
! CFLAGS+= -DIPFILTER=1 -DIPFILTER_LKM -DIPFILTER_LOG -DPFIL_HOOKS
|
|
--- 5,15 ----
|
|
KMOD= ipl
|
|
SRCS= mlfk_ipl.c ip_nat.c ip_frag.c ip_state.c ip_proxy.c ip_auth.c \\
|
|
! ip_log.c ip_fil.c fil.c ip_lookup.c ip_pool.c ip_htable.c \\
|
|
! ip_sync.c ip_scan.c ip_rules.c
|
|
|
|
.if !defined(NOINET6)
|
|
CFLAGS+= -DUSE_INET6
|
|
.endif
|
|
CFLAGS+= -I$${.CURDIR}/../../contrib/ipfilter
|
|
! CFLAGS+= -DIPFILTER=1 -DIPFILTER_LKM -DIPFILTER_LOG -DPFIL_HOOKS \\
|
|
! -DIPFILTER_LOOKUP -DIPFILTER_COMPILED
|
|
__EOF__
|
|
fi
|
|
exit 0
|