-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathINSTALL
64 lines (49 loc) · 4.02 KB
/
INSTALL
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
This software requires the following dependencies you may install as root like this:
# pkg install curl pkgconf
Once installed you will need to run the following as root to set up pf:
# sysrc pf_enable="YES"
pf_enable: NO -> YES
You will need to have some kind of /etc/pf.conf for pf and this program to work. If you are unfamilar with this, you may use something like the following and edit for your needs:
# Skip filtering on the loopback interface
set skip on lo0
# Default block all traffic
block all
# Allow SSH traffic
pass in proto tcp to port { 22 }
# Allow DNS, NTP, and HTTP/HTTPS traffic
pass out proto { tcp udp } to port { 22 53 80 123 443 }
# Allow ICMP echo requests
pass out inet proto icmp icmp-type { echoreq }
You will also need the following in your /boot/loader.conf:
net.pf.states_hashsize=2097152
net.pf.src_nodes_hashsize=2097152
net.pf.request_maxcount=3000000
As these values are only loaded at boot-time, you will need to reboot to apply them. From there you may navigate back to the directory for this software and run the following as root to install:
chmod +x configure
./configure
make install clean
This might take a minute to complete, but you should eventually see something like this:
# ./configure
Checking for cc...
Checking for pfctl...
Checking for curl...
Checking for pkgconf...
You may now run 'make install clean'.
# make install clean
cc -Wall -Wextra -Werror -pedantic -O2 -pipe -march=native --std=c17 -march=native -fPIC -D_FORTIFY_SOURCE=2 -fstack-protector-strong -Wformat -Wformat-security -flto -fvisibility=hidden -fno-common -Wshadow -fstrict-aliasing -Wuninitialized `pkg-config --cflags libcurl` -c retrieve.c -o retrieve.o
cc -Wall -Wextra -Werror -pedantic -O2 -pipe -march=native --std=c17 -march=native -fPIC -D_FORTIFY_SOURCE=2 -fstack-protector-strong -Wformat -Wformat-security -flto -fvisibility=hidden -fno-common -Wshadow -fstrict-aliasing -Wuninitialized -c copy.c -o copy.o
cc -Wall -Wextra -Werror -pedantic -O2 -pipe -march=native --std=c17 -march=native -fPIC -D_FORTIFY_SOURCE=2 -fstack-protector-strong -Wformat -Wformat-security -flto -fvisibility=hidden -fno-common -Wshadow -fstrict-aliasing -Wuninitialized -c parser.c -o parser.o
cc -Wall -Wextra -Werror -pedantic -O2 -pipe -march=native --std=c17 -march=native -fPIC -D_FORTIFY_SOURCE=2 -fstack-protector-strong -Wformat -Wformat-security -flto -fvisibility=hidden -fno-common -Wshadow -fstrict-aliasing -Wuninitialized -c dupe_parse.c -o dupe_parse.o
cc -Wall -Wextra -Werror -pedantic -O2 -pipe -march=native --std=c17 -march=native -fPIC -D_FORTIFY_SOURCE=2 -fstack-protector-strong -Wformat -Wformat-security -flto -fvisibility=hidden -fno-common -Wshadow -fstrict-aliasing -Wuninitialized -c table_loader.c -o table_loader.o
cc -Wall -Wextra -Werror -pedantic -O2 -pipe -march=native --std=c17 -march=native -fPIC -D_FORTIFY_SOURCE=2 -fstack-protector-strong -Wformat -Wformat-security -flto -fvisibility=hidden -fno-common -Wshadow -fstrict-aliasing -Wuninitialized -c pfcount.c -o pfcount.o
cc -Wall -Wextra -Werror -pedantic -O2 -pipe -march=native --std=c17 -march=native -fPIC -D_FORTIFY_SOURCE=2 -fstack-protector-strong -Wformat -Wformat-security -flto -fvisibility=hidden -fno-common -Wshadow -fstrict-aliasing -Wuninitialized -c main.c -o main.o
cc -Wall -Wextra -Werror -pedantic -O2 -pipe -march=native --std=c17 -march=native -fPIC -D_FORTIFY_SOURCE=2 -fstack-protector-strong -Wformat -Wformat-security -flto -fvisibility=hidden -fno-common -Wshadow -fstrict-aliasing -Wuninitialized retrieve.o copy.o parser.o dupe_parse.o table_loader.o pfcount.o main.o -o pfpb -Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now,-lssl,-lcrypto,-lz -fPIE -pie -Wl,-z,noexecstack -Wl,-z,relro -Wl,-z,now `pkg-config --libs libcurl`
mkdir -p /var/pfpb/gzips
mkdir -p /var/pfpb/tables
cp -v config.txt /var/pfpb
config.txt -> /var/pfpb/config.txt
touch /tmp/original_entries.txt
install -m 755 pfpb /usr/sbin/pfpb
Retrieving default free lists. Please wait...
Install is complete.
rm -f retrieve.o copy.o parser.o dupe_parse.o table_loader.o pfcount.o main.o pfpb