Subversion Repositories ALCASAR

Rev

Rev 2990 | Rev 3079 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 2990 Rev 3078
Line 1... Line 1...
1
By Rexy
1
By Rexy
2
 
2
 
3
ALCASAR need the following programs that don't be included as RPM in Mageia :
3
ALCASAR need the following programs that don't be included as RPM in Mageia :
4
  - coovachilli (the captive portal)
4
  - coovachilli (the captive portal)
5
  - havp (http antivirus proxy)
-
 
6
  - ipt_netflow kernel module (netflow log system)
5
  - ipt_netflow kernel module (netflow log system)
7
  - wkhtmltopdf (html to pdf renderer)
6
  - wkhtmltopdf (html to pdf renderer)
8
  - nfdump (collector & processor for netflow data)
7
  - nfdump (collector & processor for netflow data)
-
 
8
  - havp (http antivirus proxy) used before ALCASAR V3.5
9
 
9
 
10
This howto explains how to build RPM of these programs in order to keep the distribution clean
10
This howto explains how to build RPM of these programs in order to keep the distribution clean
11
The compilation options are set in /etc/rpm/macro.d/*
11
The compilation options are set in /etc/rpm/macro.d/*
12
The .spec & RPM can be test with the tool "rpmlint"
12
The .spec & RPM can be test with the tool "rpmlint"
13
 
13
 
Line 42... Line 42...
42
 
42
 
43
****  For ipt_netflow  ****
43
****  For ipt_netflow  ****
44
- Must be complied on a system which runs the target kernel. So install manually the targeted kernel and the same version of kernel-userspace-headers and reboot (ipt_NETFLOW will not load during this reboot) 
44
- Must be complied on a system which runs the target kernel. So install manually the targeted kernel and the same version of kernel-userspace-headers and reboot (ipt_NETFLOW will not load during this reboot) 
45
- install the RPMs "kernel-server-devel" (choose the targeted kernel), "lib64iptables-devel"
45
- install the RPMs "kernel-server-devel" (choose the targeted kernel), "lib64iptables-devel"
46
- download, uncompress and test the compilation of the last version of ipt-netflow (./configure --disable-dkms --disable-snmp-agent, make all install). The module is compiled in the same directory. The libs are copied in the /lib64/iptables (libip6t_NETFLOW.so & libipt_NETFLOW.so)
46
- download, uncompress and test the compilation of the last version of ipt-netflow (./configure --disable-dkms --disable-snmp-agent, make all install). The module is compiled in the same directory. The libs are copied in the /lib64/iptables (libip6t_NETFLOW.so & libipt_NETFLOW.so)
47
- test the module : go to the directory of sources and try to load it (modprobe ipt_NETFLOW), look at "journalctrl -f" to verify. Run "alcasar-iptables.sh" to reload netfilter rules (no errors should appear). Run "alcasar-daemon.sh" to verify that all is ok.
47
- test the module : go to the directory of sources and try to load it (insmod ./ipt_NETFLOW.ko), look at "journalctrl -f" to verify. Run "alcasar-iptables.sh" to reload netfilter rules (no errors should appear). Run "alcasar-daemon.sh" to verify that all is ok.
48
- if all is ok, copy the tarball in rpmbuild/SOURCES.
48
- if all is ok, copy the tarball in rpmbuild/SOURCES.
49
- Copy and adapt the .spec in rpmbuild/SPECS (change the versions of kernel and rpm).
49
- Copy and adapt the .spec in rpmbuild/SPECS (change the versions of kernel and rpm).
50
- Run "rpmbuild -bb ****.spec"
50
- Run "rpmbuild -bb ****.spec"
51
- install the fresh rpm (urpmi) and load ALCASAR iptables rules (alcasar-iptables.sh). Great job ;-) 
51
- install the fresh rpm (urpmi) and load ALCASAR iptables rules (alcasar-iptables.sh). Great job ;-) 
52
 
52