153024Sguido#!/bin/sh 253024Sguido# 353024SguidoPATH=/sbin:/usr/sbin:/bin:/usr/bin; export PATH 4145510Sdarrenrargv0=`basename $0` 553024Sguido 6145510Sdarrenros=`uname -s` 7145510Sdarrenrrev=`uname -r` 8145510Sdarrenrmaj=`expr $rev : '\([0-9]*\)\.'` 9145510Sdarrenrmin=`expr $rev : '[0-9]*\.\([0-9]*\)'` 10145510Sdarrenrsub=`expr $rev : '[0-9]*\.[0-9]*\.\([0-9]*\)'` 11145510Sdarrenr 1253024Sguido# try to bomb out fast if anything fails.... 1353024Sguidoset -e 14145510Sdarrenr 15145510Sdarrenrfullrev=`printf '%02d%02d%02d' $maj $min $sub` 1653024Sguidodir=`pwd` 1753024Sguidokarch=`uname -m` 1853024Sguidoarchdir="/sys/arch/$karch" 1992686Sdarrenripfdir=/sys/netinet 2092686Sdarrenrif [ -d /sys/contrib/ipfilter ] ; then 2192686Sdarrenr ipfdir=/sys/contrib/ipfilter/netinet 2292686Sdarrenrfi 23145510Sdarrenrif [ -d /sys/dist/ipf ] ; then 24145510Sdarrenr ipfdir=/sys/dist/ipf/netinet 25145510Sdarrenrfi 2653024Sguidoconfdir="$archdir/conf" 27145510Sdarrenrif [ -f /dev/ipnat ] ; then 28145510Sdarrenr major=`ls -l /dev/ipnat | sed -e 's/.* \([0-9]*\),.*/\1/'` 29145510Sdarrenr echo "Major number for IP Filter is $major" 30145510Sdarrenrelse 31145510Sdarrenr major=x 32145510Sdarrenrfi 3353024Sguido 34153877Sguidoif [ ! -f ip_rules.c -o ! -f ip_rules.h ] ; then 35172771Sdarrenr echo "Trying to build ip_rules.c and ip_rules.h" 36172771Sdarrenr make ip_rules.c 37172771Sdarrenr if [ ! -f ip_rules.c -o ! -f ip_rules.h ] ; then 38172771Sdarrenr echo "Please do a build of ipfilter and then run the following" 39172771Sdarrenr echo "command to build extra files:" 40172771Sdarrenr echo 41172771Sdarrenr echo "make ip_rules.c" 42172771Sdarrenr exit 1 43172771Sdarrenr fi 44153877Sguidofi 45153877Sguido 4653024Sguidoecho -n "Installing " 47145510Sdarrenrfor j in auth frag nat proxy scan state sync pool htable lookup rules; do 48145510Sdarrenr for i in ip_$j.[ch]; do 49145510Sdarrenr if [ -f "$i" ] ; then 50145510Sdarrenr echo -n " $i" 51145510Sdarrenr cp $i $ipfdir 52145510Sdarrenr chmod 644 $ipfdir/$i 53145510Sdarrenr fi 54145510Sdarrenr done 55145510Sdarrenrdone 56145510Sdarrenr 57145510Sdarrenrcase $os in 58145510SdarrenrSunOS) 59145510Sdarrenr case `uname -r` in 60145510Sdarrenr 5.*) 61145510Sdarrenr filc=ip_fil_solaris.c 62145510Sdarrenr ;; 63145510Sdarrenr 4.*) 64145510Sdarrenr filc=ip_fil_sunos.c 65145510Sdarrenr ;; 66145510Sdarrenr esac 67145510Sdarrenr ;; 68145510Sdarrenr*BSD) 69145510Sdarrenr filc=ip_fil_`echo $os | tr A-Z a-z`.c 70145510Sdarrenr case $os in 71145510Sdarrenr FreeBSD) 72145510Sdarrenr cp mlfk_ipl.c $ipfdir/ 73145510Sdarrenr ;; 74145510Sdarrenr *) 75145510Sdarrenr ;; 76145510Sdarrenr esac 77145510Sdarrenr ;; 78145510Sdarrenresac 79145510Sdarrenr 80145510Sdarrenrif [ -f $ipfdir/$filc ] ; then 81145510Sdarrenr echo -n "$filc -> $ipfdir/$filc " 82145510Sdarrenr cp $filc $ipfdir/$filc 83145510Sdarrenr chmod 644 $ipfdir/$filc 84145510Sdarrenrfi 85145510Sdarrenrif [ -f $ipfdir/ip_fil.c ] ; then 86145510Sdarrenr echo -n "$filc -> $ipfdir/ip_fil.c " 87145510Sdarrenr cp $filc $ipfdir/ip_fil.c 88145510Sdarrenr chmod 644 $ipfdir/ip_fil.c 89145510Sdarrenrfi 90145510Sdarrenr 91145510Sdarrenrfor i in ip_fil.h fil.c ip_log.c ip_compat.h ipl.h ip_*_pxy.c; do 92145510Sdarrenr echo -n " $i" 9392686Sdarrenr cp $i $ipfdir 9492686Sdarrenr chmod 644 $ipfdir/$i 9553024Sguidodone 9653024Sguidoecho "" 97110917Sdarrenrecho -n "Installing into /usr/include/netinet" 98145510Sdarrenrfor j in auth compat fil frag nat proxy scan state sync pool htable lookup; do 99110917Sdarrenr i=ip_$j.h 100110917Sdarrenr if [ -f "$i" ] ; then 101110917Sdarrenr echo -n " $i" 102110917Sdarrenr cp $i /usr/include/netinet/$i 103110917Sdarrenr chmod 644 /usr/include/netinet/$i 104110917Sdarrenr fi 105110917Sdarrenrdone 106110917Sdarrenrfor j in ipl.h; do 107110917Sdarrenr if [ -f "$j" ] ; then 108110917Sdarrenr echo -n " $j" 109110917Sdarrenr cp $j /usr/include/netinet/$j 110110917Sdarrenr chmod 644 /usr/include/netinet/$j 111110917Sdarrenr fi 112110917Sdarrenrdone 113110917Sdarrenrecho 114110917Sdarrenr 11553024Sguidoif [ -f /sys/netinet/ip_fil_compat.h ] ; then 11653024Sguido echo "Linking /sys/netinet/ip_compat.h to /sys/netinet/ip_fil_compat.h" 11753024Sguido rm /sys/netinet/ip_fil_compat.h 11853024Sguido ln -s /sys/netinet/ip_compat.h /sys/netinet/ip_fil_compat.h 11953024Sguidofi 120145510Sdarrenr 121145510Sdarrenrif [ $major != x ] ; then 122145510Sdarrenr if [ ! -e /dev/ipsync ] ; then 123145510Sdarrenr echo "Creating /dev/ipsync" 124145510Sdarrenr mknod /dev/ipsync c $major 4 125145510Sdarrenr fi 126145510Sdarrenr 127145510Sdarrenr if [ ! -e /dev/ipsync ] ; then 128145510Sdarrenr echo "Creating /dev/ipscan" 129145510Sdarrenr mknod /dev/ipsync c $major 5 130145510Sdarrenr fi 131145510Sdarrenr 132145510Sdarrenr if [ ! -e /dev/iplookup ] ; then 133145510Sdarrenr echo "Creating /dev/iplookup" 134145510Sdarrenr mknod /dev/iplookup c $major 6 135145510Sdarrenr fi 136145510Sdarrenrfi 137145510Sdarrenr 138145510Sdarrenrset +e 139145510Sdarrenros=`uname -s` 140145510Sdarrenrif [ $os = FreeBSD -a -f /sys/conf/files ] ; then 141145510Sdarrenr cd /sys/conf 142145510Sdarrenr if [ -f options ] ; then 143145510Sdarrenr if [ ! -f options.preipf4 ] ; then 144145510Sdarrenr mv options options.preipf4 145145510Sdarrenr cp -p options.preipf4 options 146145510Sdarrenr fi 147145510Sdarrenr for i in SCAN SYNC LOOKUP COMPILED; do 148145510Sdarrenr grep IPFILTER_$i options >/dev/null 2>&1 149145510Sdarrenr if [ $? -ne 0 ] ; then 150145510Sdarrenr echo >> options 151145510Sdarrenr echo "# extra option for IP Filter" >> options 152145510Sdarrenr echo "IPFILTER_$i opt_ipfilter.h" >> options 153145510Sdarrenr fi 154145510Sdarrenr done 155145510Sdarrenr fi 156145510Sdarrenr if [ ! -f files.preipf4 ] ; then 157145510Sdarrenr mv files files.preipf4 158145510Sdarrenr cp -p files.preipf4 files 159145510Sdarrenr fi 160145510Sdarrenr for i in htable pool lookup; do 161145510Sdarrenr grep ip_$i.c files >/dev/null 2>&1 162145510Sdarrenr if [ $? -ne 0 ] ; then 163145510Sdarrenr echo "contrib/ipfilter/netinet/ip_$i.c optional ipfilter inet ipfilter_lookup" >> files 164145510Sdarrenr fi 165145510Sdarrenr done 166145510Sdarrenr grep ip_sync.c files >/dev/null 2>&1 167145510Sdarrenr if [ $? -ne 0 ] ; then 168145510Sdarrenr echo 'contrib/ipfilter/netinet/ip_sync.c optional ipfilter inet ipfilter_sync' >> files 169145510Sdarrenr fi 170145510Sdarrenr grep ip_scan.c files >/dev/null 2>&1 171145510Sdarrenr if [ $? -ne 0 ] ; then 172145510Sdarrenr echo 'contrib/ipfilter/netinet/ip_scan.c optional ipfilter inet ipfilter_scan' >> files 173145510Sdarrenr fi 174145510Sdarrenr grep ip_rules.c files >/dev/null 2>&1 175145510Sdarrenr if [ $? -ne 0 ] ; then 176145510Sdarrenr echo 'contrib/ipfilter/netinet/ip_rules.c optional ipfilter inet ipfilter_compiled' >> files 177145510Sdarrenr fi 178145510Sdarrenrfi 179145510Sdarrenrif [ $os = NetBSD -a -f /sys/conf/files ] ; then 180145510Sdarrenr cd /sys/conf 181145510Sdarrenr if [ ! -f files.preipf4 ] ; then 182145510Sdarrenr mv files files.preipf4 183145510Sdarrenr cp -p files.preipf4 files 184145510Sdarrenr fi 185145510Sdarrenr if [ $fullrev -ge 010600 -a $fullrev -lt 020000 ] ; then 186145510Sdarrenr for i in htable pool lookup; do 187145510Sdarrenr grep ip_$i.c files >/dev/null 2>&1 188145510Sdarrenr if [ $? -ne 0 ] ; then 189145510Sdarrenr echo "file netinet/ip_$i.c ipfilter & ipfilter_lookup" >> files 190145510Sdarrenr fi 191145510Sdarrenr done 192145510Sdarrenr grep ip_sync.c files >/dev/null 2>&1 193145510Sdarrenr if [ $? -ne 0 ] ; then 194145510Sdarrenr echo 'file netinet/ip_sync.c ipfilter & ipfilter_sync' >> files 195145510Sdarrenr fi 196145510Sdarrenr grep ip_scan.c files >/dev/null 2>&1 197145510Sdarrenr if [ $? -ne 0 ] ; then 198145510Sdarrenr echo 'file netinet/ip_scan.c ipfilter & ipfilter_scan' >> files 199145510Sdarrenr fi 200145510Sdarrenr grep ip_rules.c files >/dev/null 2>&1 201145510Sdarrenr if [ $? -ne 0 ] ; then 202145510Sdarrenr echo 'file netinet/ip_rules.c ipfilter & ipfilter_compiled' >> files 203145510Sdarrenr fi 204145510Sdarrenr fi 205145510Sdarrenrfi 206145510Sdarrenrif [ $os = OpenBSD -a -f /sys/conf/files ] ; then 207145510Sdarrenr cd /sys/conf 208145510Sdarrenr if [ ! -f files.preipf4 ] ; then 209145510Sdarrenr mv files files.preipf4 210145510Sdarrenr cp -p files.preipf4 files 211145510Sdarrenr fi 212145510Sdarrenr if [ $fullrev -ge 030400 ] ; then 213145510Sdarrenr for i in htable pool lookup; do 214145510Sdarrenr grep ip_$i.c files >/dev/null 2>&1 215145510Sdarrenr if [ $? -ne 0 ] ; then 216145510Sdarrenr echo "file netinet/ip_$i.c ipfilter & ipfilter_lookup" >> files 217145510Sdarrenr fi 218145510Sdarrenr done 219145510Sdarrenr grep ip_sync.c files >/dev/null 2>&1 220145510Sdarrenr if [ $? -ne 0 ] ; then 221145510Sdarrenr echo 'file netinet/ip_sync.c ipfilter & ipfilter_sync' >> files 222145510Sdarrenr fi 223145510Sdarrenr grep ip_scan.c files >/dev/null 2>&1 224145510Sdarrenr if [ $? -ne 0 ] ; then 225145510Sdarrenr echo 'file netinet/ip_scan.c ipfilter & ipfilter_scan' >> files 226145510Sdarrenr fi 227145510Sdarrenr grep ip_rules.c files >/dev/null 2>&1 228145510Sdarrenr if [ $? -ne 0 ] ; then 229145510Sdarrenr echo 'file netinet/ip_rules.c ipfilter & ipfilter_compiled' >> files 230145510Sdarrenr fi 231145510Sdarrenr fi 232145510Sdarrenrfi 233145510Sdarrenr 234145510Sdarrenrif [ -f /usr/src/sys/modules/ipfilter/Makefile -a \ 235145510Sdarrenr ! -f /usr/src/sys/modules/ipfilter/Makefile.orig ] ; then 236145510Sdarrenrcat | (cd /usr/src/sys/modules/ipfilter; patch) <<__EOF__ 237145510Sdarrenr*** Makefile.orig Mon Mar 28 09:10:11 2005 238145510Sdarrenr--- Makefile Mon Mar 28 09:12:51 2005 239145510Sdarrenr*************** 240145510Sdarrenr*** 5,13 **** 241145510Sdarrenr KMOD= ipl 242145510Sdarrenr SRCS= mlfk_ipl.c ip_nat.c ip_frag.c ip_state.c ip_proxy.c ip_auth.c \\ 243145510Sdarrenr! ip_log.c ip_fil.c fil.c 244145510Sdarrenr 245145510Sdarrenr .if !defined(NOINET6) 246145510Sdarrenr CFLAGS+= -DUSE_INET6 247145510Sdarrenr .endif 248145510Sdarrenr CFLAGS+= -I$${.CURDIR}/../../contrib/ipfilter 249145510Sdarrenr! CFLAGS+= -DIPFILTER=1 -DIPFILTER_LKM -DIPFILTER_LOG -DPFIL_HOOKS 250145510Sdarrenr--- 5,15 ---- 251145510Sdarrenr KMOD= ipl 252145510Sdarrenr SRCS= mlfk_ipl.c ip_nat.c ip_frag.c ip_state.c ip_proxy.c ip_auth.c \\ 253145510Sdarrenr! ip_log.c ip_fil.c fil.c ip_lookup.c ip_pool.c ip_htable.c \\ 254145510Sdarrenr! ip_sync.c ip_scan.c ip_rules.c 255145510Sdarrenr 256145510Sdarrenr .if !defined(NOINET6) 257145510Sdarrenr CFLAGS+= -DUSE_INET6 258145510Sdarrenr .endif 259145510Sdarrenr CFLAGS+= -I$${.CURDIR}/../../contrib/ipfilter 260145510Sdarrenr! CFLAGS+= -DIPFILTER=1 -DIPFILTER_LKM -DIPFILTER_LOG -DPFIL_HOOKS \\ 261145510Sdarrenr! -DIPFILTER_LOOKUP -DIPFILTER_COMPILED 262145510Sdarrenr__EOF__ 263145510Sdarrenrfi 26453024Sguidoexit 0 265