Files -- (Confessions of a lurker..)

Bob Gustafson bobgus@mcs.com
Fri, 9 Jun 2000 19:25:18 -0500


Michel Pereira wrote on Wed, 7 Jun 2000 14:18:53 +1000

>Hello, I'm upgrading my kernel from 2.2 to 2.4, and I want to get
>netfilter to work... But what files do I need to update or install ???
>
>t++

I was in the same boat a week or so ago.  In fact, far worse.

(Confessions of a lurker)

I had a RH 6.1 system which had been up for about 90 days.  I was reluctant
to break it.  But, with encouragement from this list and others, I worked
out a process for keeping up with the Kernel patches...

My system is a PII 400MHz, 120MB, 9+GB

The 2.4.0 kernel code I'm using is from
http://www.kernel.org/pub/linux/kernel/v2.4/linux-2.4.0-test1.tar.bz2

There is a patch 'ac11' which is available from
http://www.kernel.org/pub/linux/kernel/people/alan/2.4.0test/patch-2.4.0test1-ac11.bz2

Note that the .ac11 part of the file name is not readily visible on the
(Netscape) window. Check the file dates to get the latest and then position
your cursor over the file name to read the entire name at the bottom margin
of the (Netscape) window. There may be later files by the time you read
this, so check for ac12 - ac13, etc.  Also, Linus will be getting back from
vacation in a week or so and the accumulated patches may be incorporated
into a 2.4.0-test2 file. Just keep in mind that these file names have a
limited lifetime.

Once you have these two files in the directory
/usr/src

you can execute the script below (NOTE - THIS SCRIPT DELETES STUFF
DO NOT USE UNTIL YOU READ AND UNDERSTAND WHAT IT DOES):

You may wish to copy out your .config file first by

cp /usr/src/linux/.config /usr/src


[root@hoho0 src]# more mk.sh
rm -rf linux
rm -rf linux-2.4.0-test1
bzcat /usr/src/redhat/SOURCES/linux-2.4.0-test1.tar.bz2 | tar xf -
mv linux linux-2.4.0-test1
ln -s linux-2.4.0-test1 linux
cd linux
bzcat ../patch-2.4.0test1-ac11.bz2 | patch -p1
cp ../.config .
[root@hoho0 src]#

./mk.sh

This will delete your old files and unpack the new files and do the patch.

Once you have the files done, then, with the file
/usr/src/do.sh as given below:

[root@hoho0 src]# more do.sh
# Assumes that .config exists in /usr/src directory
cp .config ../.config
make clean
make mrproper
cp ../.config .
make xconfig # Make any changes necessary here
make mrproper 2>&1 | tee mrpro.out
cp ../.config .
make xconfig # just click on save and exit
make dep 2>&1 | tee dep.out
make clean 2>&1 | tee clean.out
make bzImage 2>&1 | tee bzimage.out
make modules 2>&1 | tee modules.out
make modules_install 2>&1 | tee modules_install.out
[root@hoho0 src]#

Do a cd into the linux directory
cd linux

and then execute the do.sh script as: (NOTE that you need to have X running
and execute the script from an xterm - so that xconfig will work)


../do.sh

It will copy your current .config file from the /usr/src directory (it was
copied there wasn't it?) and then will execute xconfig twice (there seemed
to be a quirk which was solved for me by this procedure - maybe my
imagination).

Once the script has executed, you will have several *.out files (see below)

[root@hoho0 linux]# ls -lt *.out
-rw-rw-r--   1 root     root          600 Jun  8 23:28 modules_install.out
-rw-rw-r--   1 root     root        62790 Jun  8 23:28 modules.out
-rw-rw-r--   1 root     root        91114 Jun  8 23:24 bzimage.out
-rw-rw-r--   1 root     root         2424 Jun  8 23:15 clean.out
-rw-rw-r--   1 root     root        93955 Jun  8 23:15 dep.out
-rw-rw-r--   1 root     root         5312 Jun  8 23:14 mrpro.out
[root@hoho0 linux]#

The files, dates and times should be in this order.  Check the ends of the
files by doing a tail on each one

[root@hoho0 linux]# tail *.out

Look for Errors.  If there are none, and the files generally look OK, then
continue..

Go to the /boot directory

Where you have placed the script move.sh

[root@hoho0 linux]# cd /boot
[root@hoho0 /boot]# more move.sh
rm System.map
rm vmlinux
rm vmlinuz
# rm initrd-2.4.0-test1.img
cp /usr/src/linux/arch/i386/boot/bzImage vmlinuz-2.4.0-test1
cp /usr/src/linux/vmlinux vmlinux-2.4.0-test1
cp /usr/src/linux/System.map System.map-2.4.0-test1
ln -s vmlinuz-2.4.0-test1 vmlinuz
ln -s vmlinux-2.4.0-test1 vmlinux
ln -s System.map-2.4.0-test1 System.map
/sbin/mkinitrd -v -f initrd-2.4.0-test1 2.4.0-test1
/sbin/lilo
[root@hoho0 /boot]#

Again, carefully check this script to make sure that it is appropriate for
you. Then execute it (perhaps even by hand - line by line - cautiously)

[root@hoho0 /boot]# ./move.sh

Once this is done, you can shutdown and reboot

[root@hoho0 /boot]# shutdown -r now

Once the system comes back up successfully (sometimes it takes me two
reboots - going into the maintenance mode and then exiting to reboot
gracefully), you can log in, start X, open an xterm and do su to go to root.

At this point, I rebuild iptables and reinstall and then give the command

[root@hoho0 src]# ./ipt.sh

Where the ipt.sh file (below) has been placed in the /usr/src directory

[root@hoho0 src]# more ipt.sh
# Rusty's quicky packet filtering
## Create chain which blocks new connections, except if from inside

iptables -N block
iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A block -m state --state NEW -i ! ppp0 -j ACCEPT
iptables -A block -j LOG --log-level info
iptables -A block -j DROP

## Jump to that chain from INPUT and FORWARD chains
iptables -A INPUT -j block
iptables -A FORWARD -j block

# implement Masquerade
iptables -t nat -F
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
[root@hoho0 src]#

Then I rebuild the pppd package and reinstall pppd (may not be necessary)
and then start up the pppd daemon

[root@hoho0 src]# /usr/sbin/pppd call isp

And then adjust the routing

[root@hoho0 src]# /etc/ppp/peers/route.sh

And, presto, you have a brand new working system...

Good luck.
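
Added example, not part of the original post: ipt.sh as shown appends to INPUT and FORWARD on every run and flushes only the nat table, so running it a second time duplicates the filter rules. The sketch below writes the same policy as one iptables-restore ruleset, which replaces both tables in a single step. gen_ruleset and apply_ruleset are names made up here, and `! -i` is the current negation syntax rather than the post's `-i ! ppp0`.

```shell
#!/bin/sh
# Added example: the ipt.sh policy as a single iptables-restore ruleset.
# gen_ruleset/apply_ruleset are hypothetical names; ppp0 is the post's
# outside interface and is only the default here.

gen_ruleset() {
    wan_if=${1:-ppp0}
    # The name is pasted into rule text, so accept interface-like names only.
    case $wan_if in
        *[!A-Za-z0-9._-]*) echo "bad interface name: $wan_if" >&2; return 1 ;;
    esac
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:block - [0:0]
-A block -m state --state ESTABLISHED,RELATED -j ACCEPT
-A block -m state --state NEW ! -i $wan_if -j ACCEPT
-A block -j LOG --log-level info
-A block -j DROP
-A INPUT -j block
-A FORWARD -j block
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o $wan_if -j MASQUERADE
COMMIT
EOF
}

apply_ruleset() {
    rules=$(gen_ruleset "$1") || return 1
    # Parse-check first; the live tables are untouched if this fails.
    printf '%s\n' "$rules" | iptables-restore --test || return 1
    # Without --noflush, each table named in the input is replaced whole,
    # so a second run leaves the same rules instead of a second copy.
    printf '%s\n' "$rules" | iptables-restore
}

# Rules are loaded only on request: sh ruleset.sh apply [interface]
if [ "${1:-}" = "apply" ]; then
    apply_ruleset "${2:-ppp0}"
fi
```

Run it as root with `apply` to load the rules; called with no arguments it only defines the functions, so `gen_ruleset` can be reviewed or diffed before anything touches the kernel.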