| Line 3... |
Line 3... |
| 3 |
ALCASAR need the following programs that don't be included as RPM in Mageia :
|
3 |
ALCASAR need the following programs that don't be included as RPM in Mageia :
|
| 4 |
- coovachilli (the captive portal)
|
4 |
- coovachilli (the captive portal)
|
| 5 |
- ipt_netflow kernel module (netflow log system)
|
5 |
- ipt_netflow kernel module (netflow log system)
|
| 6 |
- wkhtmltopdf (html to pdf renderer)
|
6 |
- wkhtmltopdf (html to pdf renderer)
|
| 7 |
- nfdump (collector & processor for netflow data)
|
7 |
- nfdump (collector & processor for netflow data)
|
| 8 |
- havp (http antivirus proxy) used before ALCASAR V3.5
|
8 |
- havp (http antivirus proxy) used only before ALCASAR V3.5
|
| 9 |
|
9 |
|
| 10 |
This howto explains how to build RPM of these programs in order to keep the distribution clean
|
10 |
This howto explains how to build RPM of these programs in order to keep the distribution clean
|
| 11 |
The compilation options are set in /etc/rpm/macro.d/*
|
11 |
The compilation options are set in /etc/rpm/macro.d/*
|
| 12 |
The .spec & RPM can be test with the tool "rpmlint"
|
12 |
The .spec & RPM can be test with the tool "rpmlint"
|
| 13 |
|
13 |
|
| 14 |
**** Prepare the RPM creation structure ***
|
14 |
**** Prepare the RPM creation structure ***
|
| 15 |
- upadate your system : urpmi --auto-update
|
15 |
- update your system : urpmi --auto-update
|
| 16 |
- install the following RPMs : urpmi kernel-userspace-headers rpm-build gengetopt libtool
|
16 |
- install the following RPMs : urpmi kernel-userspace-headers rpm-build gengetopt libtool
|
| 17 |
- create directories structure in your home : mkdir -p ~/rpmbuild/{SRPMS,SOURCES,SPECS,tmp}
|
17 |
- create directories structure in your home : mkdir -p ~/rpmbuild/{SRPMS,SOURCES,SPECS,tmp}
|
| 18 |
- Option : find the ".rpmmacros" file on mageia wiki (https://wiki.mageia.org/en/Packagers_RPM_tutorial) and copy it in your home directory
|
18 |
- Option : find the ".rpmmacros" file on mageia wiki (https://wiki.mageia.org/en/Packagers_RPM_tutorial) and copy it in your home directory
|
| 19 |
|
19 |
|
| 20 |
**** For Coova-chilli *****
|
20 |
**** For Coova-chilli *****
|
| Line 42... |
Line 42... |
| 42 |
- rpmbuild -bb ***.spec
|
42 |
- rpmbuild -bb ***.spec
|
| 43 |
|
43 |
|
| 44 |
**** For ipt_netflow ****
|
44 |
**** For ipt_netflow ****
|
| 45 |
- Must be complied on a system which runs the target kernel. So install manually the targeted kernel and the same version of kernel-userspace-headers and reboot (ipt_NETFLOW will not load during this reboot)
|
45 |
- Must be complied on a system which runs the target kernel. So install manually the targeted kernel and the same version of kernel-userspace-headers and reboot (ipt_NETFLOW will not load during this reboot)
|
| 46 |
- install the RPMs "kernel-server-devel" (choose the targeted kernel), "lib64iptables-devel"
|
46 |
- install the RPMs "kernel-server-devel" (choose the targeted kernel), "lib64iptables-devel"
|
| 47 |
- download, uncompress and test the compilation of the last version of ipt-netflow (./configure --disable-dkms --disable-snmp-agent, make all install). The module is compiled in the same directory. The libs are copied in the /lib64/iptables (libip6t_NETFLOW.so & libipt_NETFLOW.so)
|
47 |
- download, uncompress and test the compilation of the last version of ipt-netflow (./configure --disable-dkms --disable-snmp-agent, make all install). The module is compiled in the same directory (ipt_NETFLOW.ko). The libs are copied in the /lib64/iptables (libip6t_NETFLOW.so & libipt_NETFLOW.so)
|
| 48 |
- test the module : go to the directory of sources and try to load it (insmod ./ipt_NETFLOW.ko), look at "journalctrl -f" to verify. Run "alcasar-iptables.sh" to reload netfilter rules (no errors should appear). Run "alcasar-daemon.sh" to verify that all is ok.
|
48 |
- test the module : go to the directory of sources and try to load it (insmod ./ipt_NETFLOW.ko), look at "journalctrl -f" to verify that the module is corectly loaded).
|
| - |
|
49 |
- Run "alcasar-iptables.sh" to reload netfilter rules (no errors should appear). Run "alcasar-daemon.sh" to verify that all is ok.
|
| 49 |
- if all is ok, copy the tarball in rpmbuild/SOURCES.
|
50 |
- if all is ok, copy the tarball in rpmbuild/SOURCES.
|
| 50 |
- Copy and adapt the .spec in rpmbuild/SPECS (change the versions of kernel, kernel source and rpm).
|
51 |
- Copy and adapt the .spec in rpmbuild/SPECS (change the versions of kernel, kernel source and rpm).
|
| 51 |
- Run "rpmbuild -bb ****.spec"
|
52 |
- Run "rpmbuild -bb ****.spec"
|
| 52 |
- install the fresh rpm (urpmi) and load ALCASAR iptables rules (alcasar-iptables.sh). Great job ;-)
|
53 |
- install the fresh rpm (urpmi) and load ALCASAR iptables rules (alcasar-iptables.sh). Great job ;-)
|
| 53 |
|
54 |
|