summaryrefslogtreecommitdiffstats
path: root/mdk-stage1
ModeNameSize
-rw-r--r--.cvsignore161logstatsplain
-rw-r--r--Makefile6800logstatsplain
-rw-r--r--Makefile.common1543logstatsplain
-rw-r--r--Makefile.mkinitrd_helper723logstatsplain
-rw-r--r--adsl.c4594logstatsplain
-rw-r--r--adsl.h780logstatsplain
-rw-r--r--automatic.c4228logstatsplain
-rw-r--r--automatic.h1051logstatsplain
d---------bzlib380logstatsplain
-rw-r--r--cdrom.c5140logstatsplain
-rw-r--r--cdrom.h580logstatsplain
-rw-r--r--config-stage1.h1223logstatsplain
-rw-r--r--dhcp.c17441logstatsplain
-rw-r--r--dhcp.h810logstatsplain
d---------dietlibc1100logstatsplain
-rw-r--r--disk.c10044logstatsplain
-rw-r--r--disk.h556logstatsplain
-rw-r--r--dns.c4402logstatsplain
-rw-r--r--dns.h634logstatsplain
d---------doc238logstatsplain
-rw-r--r--frontend-common.c1009logstatsplain
-rw-r--r--frontend.h1620logstatsplain
d---------init-data256logstatsplain
-rw-r--r--init-libc-headers.h1023logstatsplain
-rw-r--r--init.c10124logstatsplain
d---------insmod-busybox371logstatsplain
d---------insmod-modutils212logstatsplain
-rw-r--r--insmod.h502logstatsplain
d---------linux-2.272logstatsplain
-rw-r--r--log.c1556logstatsplain
-rw-r--r--log.h738logstatsplain
-rw-r--r--lomount.c3195logstatsplain
-rw-r--r--lomount.h488logstatsplain
d---------mar241logstatsplain
-rw-r--r--minilibc.c4176logstatsplain
-rw-r--r--minilibc.h4825logstatsplain
d---------mkinitrd_helper81logstatsplain
-rw-r--r--modules.c10201logstatsplain
-rw-r--r--modules.h894logstatsplain
-rw-r--r--modules_descr.h2287logstatsplain
-rw-r--r--mount.c5227logstatsplain
-rw-r--r--mount.h705logstatsplain
-rw-r--r--mount_rpcgen.h6175logstatsplain
-rw-r--r--network.c21231logstatsplain
-rw-r--r--network.h1335logstatsplain
-rw-r--r--newt-frontend.c9251logstatsplain
d---------newt619logstatsplain
-rw-r--r--nfsmount.c7099logstatsplain
-rw-r--r--nfsmount.h11140logstatsplain
d---------pci-resource119logstatsplain
d---------pcmcia_743logstatsplain
d---------ppp946logstatsplain
-rw-r--r--probing.c18051logstatsplain
-rw-r--r--probing.h1072logstatsplain
-rw-r--r--rescue-gui.c5556logstatsplain
d---------rp-pppoe410logstatsplain
d---------slang2495logstatsplain
d---------stage1-data149logstatsplain
-rw-r--r--stage1.c11161logstatsplain
-rw-r--r--stage1.h1705logstatsplain
-rw-r--r--stdio-frontend.c7244logstatsplain
-rw-r--r--tools.c9448logstatsplain
-rw-r--r--tools.h1257logstatsplain
-rw-r--r--url.c10147logstatsplain
-rw-r--r--url.h1247logstatsplain
d---------usb-resource119logstatsplain
generated by cgit v1.2.1 (git 2.21.0) at 2025-03-01 16:28:21 +0000
ot;); output($ifcfg, join('', qq(DEVICE=$device BOOTPROTO=static IPADDR=$server_ip NETMASK=$netmask NETWORK=$lan_address.0 BROADCAST=$lan_address.255 ONBOOT=yes ), if_($conf && $conf->{MII_NOT_SUPPORTED}, "MII_NOT_SUPPORTED=$conf->{MII_NOT_SUPPORTED}\n") )); } #- install and setup the RPM packages my %rpm2file = ('dhcp-server' => '/usr/sbin/dhcpd', squid => '/usr/sbin/squid', bind => '/usr/sbin/named', shorewall => '/sbin/shorewall', 'caching-nameserver' => '/var/named/named.local'); #- first: try to install all in one step my @needed_to_install = grep { !-e $rpm2file{$_} } keys %rpm2file; @needed_to_install and $in->do_pkgs->install(@needed_to_install) if !$::testing; #- second: try one by one if failure detected if (!$::testing && any { !-e $rpm2file{$_} } keys %rpm2file) { foreach (keys %rpm2file) { -e $rpm2file{$_} or $in->do_pkgs->install($_); -e $rpm2file{$_} or fatal_quit(N("Problems installing package %s", $_)); } } put_in_hash($shorewall ||= {}, { disabled => 0, net_interface => $card_netconnect, loc_interface => [ grep { $_ ne $card_netconnect } @cards ], masquerade => { subnet => "$lan_address.0/$netmask" }, }); #- be sure that FORWARD_IPV4 is enabled in /etc/sysconfig/network log::explanations("Enabling IPV4 forwarding"); substInFile { s/^FORWARD_IPV4.*\n//; $_ .= "FORWARD_IPV4=true\n" if eof } $sysconf_network if !$::testing; #- setup the DHCP server if ($reconf_dhcp_server_intf && !$::testing) { log::explanations("Configuring a DHCP server on $lan_address.0"); renamef($dhcpd_conf, "$dhcpd_conf.old"); output($dhcpd_conf, qq(subnet $lan_address.0 netmask $netmask { # default gateway option routers $server_ip; option subnet-mask $netmask; option domain-name "$internal_domain_name"; option domain-name-servers $nameserver_ip; range dynamic-bootp $lan_address.$start_range $lan_address.$end_range; default-lease-time $default_lease; max-lease-time $max_lease; } )); } my $update_dhcp = '/usr/sbin/update_dhcp.pl'; -e $update_dhcp and system($update_dhcp); #- put the interface for the dhcp server in the sysconfig-dhcp config, for the /etc/init.d script of dhcpd log::explanations("Update network interfaces list for dhcpd server"); substInFile { s/^INTERFACES\n//; $_ .= qq(INTERFACES="$device"\n) if eof } $sysconf_dhcpd if !$::testing; #- setup the transparent SQUID Proxy Cache server log::explanations("Configuring a Transparent Squid Proxy Cache server on $lan_address.0"); renamef($squid_conf, "$squid_conf.old"); output($squid_conf, qq( http_port $squid_port hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \\? no_cache deny QUERY cache_dir diskd /var/spool/squid $squid_cache_size 16 256 cache_store_log none auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 half_closed_clients off acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access deny to_localhost acl mynetwork src $lan_address.0/$netmask http_access allow mynetwork http_access allow localhost http_reply_access allow all icp_access allow all visible_hostname $squid_visible_hostname httpd_accel_host virtual httpd_accel_with_proxy on httpd_accel_uses_host_header on append_domain .$internal_domain_name err_html_text $squid_admin_mail deny_info ERR_CUSTOM_ACCESS_DENIED all memory_pools off coredump_dir /var/spool/squid ie_refresh on )) if !$::testing; #- Set up /etc/cups/cupsd.conf to make the broadcasting of the printer info #- working correctly: #- #- 1. ServerName <server's IP address> # because clients do necessarily #- # know the server's name #- #- 2. BrowseAddress <server's Broadcast IP> # broadcast printer info into #- # the local network. #- #- 3. BrowseOrder Deny,Allow #- BrowseDeny All #- BrowseAllow <IP mask for local net> # Only accept broadcast signals #- # coming from local network #- #- 4. <Location /> #- Order Deny,Allow #- Deny From All #- Allow From <IP mask for local net> # Allow only machines of local #- </Location> # network to access the server #- #- These steps are only done when the CUPS package is installed. #- Modify the root location block in /etc/cups/cupsd.conf if (-f $cups_conf && !$::testing) { log::explanations("Updating CUPS configuration accordingly"); substInFile { s/^ServerName[^:].*\n//; $_ .= "ServerName $server_ip\n" if eof; s/^BrowseAddress.*\n//; $_ .= "BrowseAddress $lan_address.255\n" if eof; s/^BrowseOrder.*\n//; $_ .= "BrowseOrder Deny,Allow\n" if eof; s/^BrowseDeny.*\n//; $_ .= "BrowseDeny All\n" if eof; s/^BrowseAllow.*\n//; $_ .= "BrowseAllow $lan_address.*\n" if eof; } $cups_conf; my @cups_conf_content = cat_($cups_conf); my @root_location; my $root_location_start; my $root_location_end; # Cut out the root location block so that it can be treated seperately # without affecting the rest of the file if (any { m|^\s*<Location\s+/\s*>| } @cups_conf_content) { $root_location_start = -1; $root_location_end = -1; # Go through all the lines, bail out when start and end line found for (my $i = 0; $i < @cups_conf_content && $root_location_end == -1; $i++) { if ($cups_conf_content[$i] =~ m|^\s*<\s*Location\s+/\s*>|) { $root_location_start = $i; } elsif ($cups_conf_content[$i] =~ m|^\s*<\s*/Location\s*>| && $root_location_start != -1) { $root_location_end = $i; } } # Rip out the block and store it seperately @root_location = splice(@cups_conf_content, $root_location_start, $root_location_end - $root_location_start + 1); } else { # If there is no root location block, create one $root_location_start = @cups_conf_content; @root_location = ("<Location />\n", "</Location>\n"); } # Delete all former "Order", "Allow", and "Deny" lines from the root location block s/^\s*Order.*//, s/^\s*Allow.*//, s/^\s*Deny.*// foreach @root_location; # Add the new "Order" and "Deny" lines, add an "Allow" line for the local network splice(@root_location, -1, 0, $_) foreach "Order Deny,Allow\n", "Deny From All\n", "Allow From 127.0.0.1\n", "Allow From $lan_address.*\n"; # Put the changed root location block back into the file splice(@cups_conf_content, $root_location_start, 0, @root_location); output $cups_conf, @cups_conf_content; } #- start the daemons start_daemons(); network::shorewall::write($shorewall); print "add rules entries\n"; substInFile { s/#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE/REDIRECT\tloc\t$squid_port\ttcp\twww\t-\nACCEPT\tfw\tnet\ttcp\twww\n#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE/; } "/etc/shorewall/rules"; run_program::run('chkconfig', '--add', 'shorewall'); run_program::run('service', '>', '/dev/null', 'shorewall', 'restart') if $::isStandalone; #- bye-bye message undef $wait_configuring; $::Wizard_no_previous = 1; $::Wizard_finished = 1; $in->ask_okcancel(N("Congratulations!"), N("Everything has been configured. You may now share Internet connection with other computers on your Local Area Network, using automatic network configuration (DHCP) and a Transparent Proxy Cache server (SQUID).")); log::l("[drakgw] Installation complete, exiting"); quit_global($in, 0); sub quit_global { my ($in, $exitcode) = @_; $in->exit($exitcode); goto begin }
generated by cgit v1.2.1 (git 2.21.0) at 2025-03-01 16:28:21 +0000