add etables, finetune squid package, more busybox finetuning

package/Config.in

@@ -236,6 +236,7 @@ menu "Firewall / Routing / Bridging"
 source "package/arpd/Config.in"
 source "package/bridge-utils/Config.in"
 source "package/cutter/Config.in"
+source "package/ebtables/Config.in"
 source "package/ether-wake/Config.in"
 source "package/iproute2/Config.in"
 source "package/ipset/Config.in"

package/Makefile

@@ -83,6 +83,7 @@ package-$(ADK_PACKAGE_DSNIFF) += dsniff
 package-$(ADK_PACKAGE_E2FSPROGS) += e2fsprogs
 package-$(ADK_PACKAGE_LIBUUID) += e2fsprogs
 package-$(ADK_PACKAGE_LIBBLKID) += e2fsprogs
+package-$(ADK_PACKAGE_EBTABLES) += ebtables
 package-$(ADK_PACKAGE_ELINKS) += elinks
 package-$(ADK_PACKAGE_ESOUND) += esound
 package-$(ADK_PACKAGE_ETHER_WAKE) += ether-wake

package/base-files/extra/etc/profile

@@ -1,12 +1,12 @@
 export PATH=/bin:/sbin:/usr/bin:/usr/sbin
+export TERM=vt220
 if [[ $(id -u) = 0 ]]; then
 	export PS1='# '
 else
 	export PS1='$ '
+	export HOME=/tmp
 fi
-export HOME=/tmp
 cat /etc/banner 2>&-
-[ -x /usr/bin/less ] || alias less=more
+[ -x /usr/bin/vim ] && alias vi=vim || alias vim=vi
-[ -x /usr/bin/vim ] || alias vim=vi
 [ -x /usr/bin/arp ] || arp() { cat /proc/net/arp; }
 [ -x /usr/bin/ldd ] || ldd() { LD_TRACE_LOADED_OBJECTS=1 "$@"; }

package/base-files/extra/sbin/update

@@ -7,9 +7,8 @@ if [ $who -ne 0 ]; then
 fi
 
 cd /
-
+umount -f /etc
 mount -o remount,rw /
-umount /etc
 
 check_exit() {
 	if [ $? -ne 0 ];then
@@ -19,17 +18,17 @@ check_exit() {
 }
 
 extract_from_file() {
-        tar -xzvf $1
+        cat $1 | gunzip -c | tar -xvf -
 	check_exit
 }
 
 extract_from_ssh() {
-        ssh $1 "cat $2" | tar -xzvf -
+        ssh $1 "cat $2" | gunzip -c | tar -xvf -
 	check_exit
 }
 
 extract_from_http() {
-        wget -O - $1 | tar -xzvf -
+        wget -O - $1 | gunzip -c | tar -xvf -
 	check_exit
 }
                 
@@ -60,7 +59,7 @@ case $1 in
 esac
 
 sync
-mount --bind /etc /tmp/.cfgfs/root
+mount -o bind /etc /tmp/.cfgfs/root
 
 echo "Check with cfgfs status if you need to merge and save any changes in /etc."
 echo "You should reboot now."

package/busybox/config/Config.in

@@ -65,7 +65,7 @@ config BUSYBOX_SHOW_USAGE
 
 config BUSYBOX_FEATURE_VERBOSE_USAGE
 	bool "Show verbose applet usage messages"
-	default n
+	default y
 	select BUSYBOX_SHOW_USAGE
 	help
 	  All BusyBox applets will show more verbose help messages when
@@ -155,7 +155,7 @@ config BUSYBOX_FEATURE_CLEAN_UP
 
 config BUSYBOX_FEATURE_PIDFILE
 	bool "Support writing pidfiles"
-	default n
+	default y
 	help
 	  This option makes some applets (e.g. crond, syslogd, inetd) write
 	  a pidfile in /var/run. Some applications rely on them.

package/busybox/config/archival/Config.in

@@ -7,19 +7,19 @@ menu "Archival Utilities"
 
 config BUSYBOX_FEATURE_SEAMLESS_LZMA
 	bool "Make tar, rpm, modprobe etc understand .lzma data"
-	default n
+	default y
 	help
 	  Make tar, rpm, modprobe etc understand .lzma data.
 
 config BUSYBOX_FEATURE_SEAMLESS_BZ2
 	bool "Make tar, rpm, modprobe etc understand .bz2 data"
-	default n
+	default y
 	help
 	  Make tar, rpm, modprobe etc understand .bz2 data.
 
 config BUSYBOX_FEATURE_SEAMLESS_GZ
 	bool "Make tar, rpm, modprobe etc understand .gz data"
-	default n
+	default y
 	help
 	  Make tar, rpm, modprobe etc understand .gz data.
 
@@ -163,7 +163,7 @@ config BUSYBOX_GUNZIP
 
 config BUSYBOX_GZIP
 	bool "gzip"
-	default n
+	default y
 	help
 	  gzip is used to compress files.
 	  It's probably the most widely used UNIX compression program.
@@ -276,7 +276,7 @@ config BUSYBOX_FEATURE_TAR_LONG_OPTIONS
 
 config BUSYBOX_FEATURE_TAR_UNAME_GNAME
 	bool "Enable use of user and group names"
-	default n
+	default p
 	depends on BUSYBOX_TAR
 	help
 	  Enables use of user and group names in tar. This affects contents

package/busybox/config/init/Config.in

@@ -21,7 +21,7 @@ config BUSYBOX_FEATURE_USE_INITTAB
 
 config BUSYBOX_FEATURE_KILL_REMOVED
 	bool "Support killing processes that have been removed from inittab"
-	default y
+	default n
 	depends on BUSYBOX_FEATURE_USE_INITTAB
 	help
 	  When respawn entries are removed from inittab and a SIGHUP is
@@ -41,7 +41,7 @@ config BUSYBOX_FEATURE_KILL_DELAY
 
 config BUSYBOX_FEATURE_INIT_SCTTY
 	bool "Run commands with leading dash with controlling tty"
-	default n
+	default y
 	depends on BUSYBOX_INIT
 	help
 	  If this option is enabled, init will try to give a controlling
@@ -56,7 +56,7 @@ config BUSYBOX_FEATURE_INIT_SCTTY
 
 config BUSYBOX_FEATURE_INIT_SYSLOG
 	bool "Enable init to write to syslog"
-	default n
+	default y
 	depends on BUSYBOX_INIT
 
 config BUSYBOX_FEATURE_EXTRA_QUIET

package/busybox/config/networking/Config.in

@@ -60,7 +60,7 @@ config BUSYBOX_ARPING
 
 config BUSYBOX_BRCTL
 	bool "brctl"
-	depends on !ADK_PACKAGE_BRCTL
+	depends on !ADK_PACKAGE_BRIDGE_UTILS
 	default n
 	help
 	  Manage ethernet bridges.

package/ebtables/Config.in

@@ -0,0 +1,6 @@
+config ADK_PACKAGE_EBTABLES
+	prompt "ebtables.......................... Ethernet bridging firewall tool"
+	tristate
+	default n
+	help
+	  http://ebtables.sourceforge.net/

package/ebtables/Makefile

@@ -0,0 +1,28 @@
+# This file is part of the OpenADK project. OpenADK is copyrighted
+# material, please see the LICENCE file in the top-level directory.
+
+include ${TOPDIR}/rules.mk
+
+PKG_NAME:=		iptables
+PKG_VERSION:=		2.0.9
+PKG_RELEASE:=		1
+PKG_MD5SUM:=		44f13990132c20299c1994cd6f425140
+PKG_DESCR:=		ethernet bridging firewall tool
+PKG_SECTION:=		net
+PKG_URL:=		http://ebtables.sourceforge.net
+PKG_SITES:=		${MASTER_SITE_SOURCEFORGE:=ebtables/}
+
+DISTFILES:=		${PKG_NAME}-v${PKG_VERSION}-1.tar.gz
+
+include ${TOPDIR}/mk/package.mk
+
+$(eval $(call PKG_template,EBTABLES,${PKG_NAME},${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
+
+CONFIGURE_STYLE:=	gnu
+BUILD_STYLE:=		auto
+INSTALL_STYLE:=		auto
+
+post-install:
+	${INSTALL_DIR} ${IDIR_EBTABLES}/usr/sbin
+
+include ${TOPDIR}/mk/pkg-bottom.mk

package/squid/Config.in

@@ -4,6 +4,7 @@ config ADK_PACKAGE_SQUID
 	tristate
 	default n
 	select ADK_PACKAGE_LIBOPENSSL
+	select ADK_PACKAGE_LIBPTHREAD
 	help
 	  Squid is a high-performance proxy caching server for web clients, 
 	  supporting FTP, gopher, and HTTP data objects. Unlike traditional 

package/squid/Makefile

@@ -5,7 +5,7 @@ include ${TOPDIR}/rules.mk
 
 PKG_NAME:=		squid
 PKG_VERSION:=		3.0.STABLE20
-PKG_RELEASE:=		1
+PKG_RELEASE:=		2
 PKG_MD5SUM:=		b69577cfc5cfb6808ec426e3a933220d
 PKG_DESCR:=		squid web and cache proxy
 PKG_SECTION:=		net
@@ -113,12 +113,9 @@ CONFIGURE_ARGS+=	--datadir=/usr/share/squid \
 			--enable-x-accelerator-vary \
 			--with-pthreads \
 			--with-dl \
-			--enable-icmp \
 			--enable-kill-parent-hack \
 			--enable-arp-acl \
 			--enable-ssl \
-			--disable-htcp \
-			--disable-esi \
 			--enable-err-languages=English \
 			--enable-default-err-language=English \
 			--enable-linux-netfilter \
@@ -128,6 +125,9 @@ CONFIGURE_ARGS+=	--datadir=/usr/share/squid \
 			--enable-cache-digests \
 			--enable-referer-log \
 			--enable-delay-pools \
+			--disable-snmp \
+			--disable-esi \
+			--disable-htcp \
 			--disable-wccp \
 			--disable-wccpv2 \
 			--enable-useragent-log \
@@ -149,8 +149,8 @@ endif
 
 post-install: ${INSTALL_MODS_y} ${INSTALL_MODS_m}
 	${INSTALL_DIR} ${IDIR_SQUID}/etc/squid
-	${INSTALL_DATA} ${WRKINST}/etc/squid/mime.conf \
+	${INSTALL_DATA} ${WRKINST}/etc/squid/mime.conf ${IDIR_SQUID}/etc/squid/
-			${WRKINST}/etc/squid/squid.conf ${IDIR_SQUID}/etc/squid/
+	${INSTALL_DATA} ./files/squid.conf ${IDIR_SQUID}/etc/squid/
 	${INSTALL_DIR} ${IDIR_SQUID}/usr/share/squid
 	${CP} ${WRKINST}/usr/share/squid/* ${IDIR_SQUID}/usr/share/squid/
 	${INSTALL_DIR} ${IDIR_SQUID}/usr/sbin ${IDIR_SQUID}/usr/lib/squid

package/squid/files/squid.conf

@@ -0,0 +1,27 @@
+visible_hostname linux
+http_port 3128
+# acl
+acl manager proto cache_object
+acl localhost src 127.0.0.1/32
+acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
+acl localnet src 10.0.0.0/8	# RFC1918 possible internal network
+acl localnet src 172.16.0.0/12	# RFC1918 possible internal network
+acl localnet src 192.168.0.0/16	# RFC1918 possible internal network
+acl SSL_ports port 443
+acl Safe_ports port 80		# http
+acl Safe_ports port 21		# ftp
+acl Safe_ports port 443		# https
+acl Safe_ports port 70		# gopher
+acl Safe_ports port 210		# wais
+acl Safe_ports port 1025-65535	# unregistered ports
+acl Safe_ports port 280		# http-mgmt
+acl Safe_ports port 488		# gss-http
+acl Safe_ports port 591		# filemaker
+acl Safe_ports port 777		# multiling http
+acl CONNECT method CONNECT
+http_access allow manager localhost
+http_access deny manager
+http_access deny !Safe_ports
+http_access deny CONNECT !SSL_ports
+http_access allow localnet
+http_access deny all

target/alix1c/Makefile

@@ -13,7 +13,7 @@ kernel-install:
 ifeq ($(FS),ext2-cf)
 imageinstall: $(BIN_DIR)/$(ROOTFSTARBALL)
 	@echo
-	@echo "The RootFS tarball is: $(BIN_DIR)/$(ROOTFSTARBALL),"
+	@echo "The RootFS tarball is: $(BIN_DIR)/$(ROOTFSTARBALL)"
 	@echo "To install everything to CompactFlash use scripts/install.sh"
 	@echo 'Login as user root with password linux123 via ssh or console'
 endif

target/alix2d/Makefile

@@ -13,7 +13,7 @@ kernel-install:
 ifeq ($(FS),ext2-cf)
 imageinstall: $(BIN_DIR)/$(ROOTFSTARBALL)
 	@echo
-	@echo "The RootFS tarball is: $(BIN_DIR)/$(ROOTFSTARBALL),"
+	@echo "The RootFS tarball is: $(BIN_DIR)/$(ROOTFSTARBALL)"
 	@echo "To install everything to CompactFlash use scripts/install.sh"
 	@echo 'Login as user root with password linux123 via ssh or console'
 endif