#!/bin/sh BERING_VERSION=1.0 BERING_RELEASE=rc3 BERING_BASE_URL=http://leaf.sourceforge.net/devel/jnilo/bering/$BERING_RELEASE KERNEL_VERSION=2.4 KERNEL_RELEASE=18 KERNEL=linux-$KERNEL_VERSION.$KERNEL_RELEASE IPSEC_VERSION=1.97 IPVS_PATCH=linux-2.4.12-ipvs-0.8.2.patch.gz IPVS_PATCH_URL=http://www.linuxvirtualserver.org/software/kernel-2.4/$IPVS_PATCH UPX=/tmp/upx WGET=wget test $NO_DOWNLOAD && WGET=echo IPVS_PATCH=linux-2.4.12-ipvs-0.8.2.patch.gz IPVS_PATCH_URL=http://www.linuxvirtualserver.org/software/kernel-2.4/$IPVS_PATCH PGP_ERROR_MESSAGE="Have you already added the proper signature to your gpg keyring? If not, head on over to pgp.mit.edu or your favorite pgp key server and do so. The key ID is probably on the line before this warning message. You'll need to prefix it with 0x when searching pgp.mit.edu." KERNEL_URL=http://www.us.kernel.org/pub/linux/kernel/v$KERNEL_VERSION/$KERNEL.tar.bz2 echo "Fetching kernel." $WGET $KERNEL_URL echo "Fetching kernel signature." $WGET $KERNEL_URL.sign echo "Verifying kernel signature." if ! gpg --verify $KERNEL.tar.bz2.sign; then echo "Warning: Invalid kernel signature." echo $PGP_ERROR_MESSAGE exit -1 fi echo "Fetching default kernel configuration." $WGET $BERING_BASE_URL/Bering_1.0-rc3.config echo "Fetching freeswan version $IPSEC_VERSION." $WGET ftp://ftp.xs4all.nl/pub/crypto/freeswan/old/freeswan-$IPSEC_VERSION.tar.gz echo "Fetching freeswan signature." $WGET ftp://ftp.xs4all.nl/pub/crypto/freeswan/old/freeswan-$IPSEC_VERSION.tar.gz.sig echo "Verifying freeswan signature." if ! gpg --verify freeswan-$IPSEC_VERSION.tar.gz.sig; then echo "Warning: Invalid freeswan signature." echo $PGP_ERROR_MESSAGE exit -1 fi echo "Extracting kernel." tar xjf $KERNEL.tar.bz2 mv linux $KERNEL KERNEL_DIR=`pwd`/$KERNEL echo "Installing default configuration." cp Bering_1.0-rc3.config $KERNEL/.config echo "Extracting freeswan patch." tar xzf freeswan-$IPSEC_VERSION.tar.gz echo "Fetching and applying newnet13 patch." $WGET -q $BERING_BASE_URL/patches/kernel/newnat13-and-helpers-2.4.18.gz cd $KERNEL gunzip -c < ../newnat13-and-helpers-2.4.18.gz | patch -p1 cd .. echo "Fetching and applying unclean1 patch." $WGET -q $BERING_BASE_URL/patches/kernel/unclean1.patch cd $KERNEL cat ../unclean1.patch | patch -p1 cd .. echo "Fetching and applying htb2 patch." $WGET -q $BERING_BASE_URL/patches/kernel/htb2_2.4.17.diff cd $KERNEL cat ../htb2_2.4.17.diff | patch -p1 cd .. echo "Fetching and applying bridge-nf patch." $WGET -q $BERING_BASE_URL/patches/kernel/bridge-nf-0.0.7-against-2.4.18.diff cd $KERNEL cat ../bridge-nf-0.0.7-against-2.4.18.diff | patch -p1 cd .. echo "Fetching and applying openssl-mppe patch." $WGET -q $BERING_BASE_URL/patches/kernel/linux-2.4.16-openssl-0.9.6b-mppe-patch.gz cd $KERNEL gunzip -c < ../linux-2.4.16-openssl-0.9.6b-mppe-patch.gz | patch -p1 cd .. echo "Fetching and applying grsecurity patch." $WGET -q $BERING_BASE_URL/patches/kernel/grsecurity-1.9.4-2.4.18.patch.gz cd $KERNEL gunzip -c < ../grsecurity-1.9.4-2.4.18.patch.gz | patch -p1 cd .. echo "Fetching and applying ipvs patch." $WGET -q $IPVS_PATCH_URL cd $KERNEL gunzip -c < ../$IPVS_PATCH cd .. echo "Building the kernel and modules." cd $KERNEL #make menuconfig && make dep && make bzImage && make modules echo "Compressing the kernel." #$UPX -9 -v -o ../Bering_${BERING_VERSION}-${BERING_RELEASE}.upx arch/i386/boot/bzImage