Index: /branches/releng-9.0/nanobsd/cfg/nanobsd.wleiden =================================================================== --- /branches/releng-9.0/nanobsd/cfg/nanobsd.wleiden (revision 10610) +++ /branches/releng-9.0/nanobsd/cfg/nanobsd.wleiden (revision 10612) @@ -28,35 +28,36 @@ NANO_PACKAGE_DIR=$NANO_CONF_DIR/../pkg/All +# Wireless Leiden ports from $WL_PORTSDIR are copied OVER $PORTSDIR PORTSDIR='/usr/ports' WL_PORTSDIR="$NANO_CONF_DIR/../ports/" + # Dirty quirk to allow comments in part below -PACKAGE_LIST=`cat < +# +# $FreeBSD$ +# + +PORTNAME= maradns +PORTVERSION= 2.0.05 +CATEGORIES= dns +MASTER_SITES= http://www.maradns.org/download/2.0/${PORTVERSION}/ \ + SF/${PORTNAME}/MaraDNS/${PORTVERSION}/ + +MAINTAINER= info@rickvanderzwet.nl +COMMENT= DNS server with focus on security and simplicity + +LICENSE= BSD +LICENSE_FILE= ${WRKSRC}/COPYING + +CONFLICTS= maradns-1.? + +OPTIONS= IPV6 "Enable IPv6 Support" Off +.include + +.if defined(WITH_IPV6) +CONFIGURE_ARGS+= --ipv6 +.endif + +LATEST_LINK= maradns2 + +USE_RC_SUBR= ${PORTNAME} deadwood zoneserver +USERS= bind +GROUPS= bind + +MAN1= deadwood.1 askmara.1 fetchzone.1 getzone.1 +MAN5= csv1.5 csv2.5 csv2_txt.5 mararc.5 +MAN8= duende.8 maradns.8 zoneserver.8 + +post-extract: + ${MV} ${WRKSRC}/doc/en/man/Deadwood.1 ${WRKSRC}/doc/en/man/deadwood.1 + # The internal deadwood release seems to differ all the time, but the + # patches needs to stay more and less the same + ${LN} -s ${WRKSRC}/deadwood* ${WRKSRC}/deadwood + +do-install: + ${INSTALL_PROGRAM} ${WRKSRC}/deadwood-*/src/Deadwood ${PREFIX}/sbin/deadwood + ${INSTALL_PROGRAM} ${WRKSRC}/server/maradns ${PREFIX}/sbin/maradns + ${INSTALL_PROGRAM} ${WRKSRC}/tcp/fetchzone ${PREFIX}/bin/fetchzone + ${INSTALL_PROGRAM} ${WRKSRC}/tcp/getzone ${PREFIX}/bin/getzone + ${INSTALL_PROGRAM} ${WRKSRC}/tcp/zoneserver ${PREFIX}/sbin/zoneserver + ${INSTALL_PROGRAM} ${WRKSRC}/tools/askmara ${PREFIX}/bin/askmara + ${INSTALL_PROGRAM} ${WRKSRC}/tools/duende ${PREFIX}/bin/duende + + ${INSTALL_DATA} ${WRKSRC}/doc/en/examples/example_full_mararc ${PREFIX}/etc/mararc.sample + ${INSTALL_DATA} ${WRKSRC}/deadwood-*/doc/dwood3rc ${PREFIX}/etc/dwood3rc.sample + + ${MKDIR} ${PREFIX}/etc/maradns ${PREFIX}/etc/deadwood + +.if !defined(NOPORTEXAMPLES) + ${MKDIR} ${EXAMPLESDIR} + (cd ${WRKSRC}/doc/en/examples/ && ${COPYTREE_SHARE} example_\* ${EXAMPLESDIR}) +.endif +.if !defined(NO_INSTALL_MANPAGES) + ${INSTALL_MAN} ${WRKSRC}/doc/en/man/*.1 ${PREFIX}/man/man1/ + ${INSTALL_MAN} ${WRKSRC}/doc/en/man/*.5 ${PREFIX}/man/man5/ + ${INSTALL_MAN} ${WRKSRC}/doc/en/man/*.8 ${PREFIX}/man/man8/ +.endif +.if !defined(NOPORTDOCS) + ${MKDIR} ${DOCSDIR} + (cd ${WRKSRC}/doc/en/ && ${COPYTREE_SHARE} "misc text tutorial webpage" ${DOCSDIR}) + (cd ${WRKSRC}/doc/en/ && ${COPYTREE_SHARE} \*.txt ${DOCSDIR}) +.endif +#(cd ${WRKSRC}/doc/en/ && ${COPYTREE_SHARE} misc text tutorial webpage ${DOCSDIR}) + +PORTDOCS= misc text tutorial webpage *.txt +PORTEXAMPLES= example_* + +.include Index: /branches/releng-9.0/nanobsd/ports/dns/maradns2/distinfo =================================================================== --- /branches/releng-9.0/nanobsd/ports/dns/maradns2/distinfo (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/dns/maradns2/distinfo (revision 10612) @@ -0,0 +1,2 @@ +SHA256 (maradns-2.0.05.tar.gz) = 5649b11169d20dbbe640110639343dd68eeae718475407200213bbaa52d400ba +SIZE (maradns-2.0.05.tar.gz) = 1525709 Index: /branches/releng-9.0/nanobsd/ports/dns/maradns2/files/deadwood.in =================================================================== --- /branches/releng-9.0/nanobsd/ports/dns/maradns2/files/deadwood.in (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/dns/maradns2/files/deadwood.in (revision 10612) @@ -0,0 +1,25 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: deadwood +# REQUIRE: SERVERS +# BEFORE: DAEMON +# KEYWORD: shutdown +# + +. /etc/rc.subr + +: ${deadwood_enable="NO"} +: ${deadwood_conf="%%PREFIX%%/etc/dwood3rc"} + +name="deadwood" +rcvar=deadwood_enable +command="%%PREFIX%%/bin/duende" +pidfile="/var/run/${name}.pid" +command_args="--pid=$pidfile %%PREFIX%%/sbin/deadwood -f ${deadwood_conf}" + +load_rc_config $name + +run_rc_command "$1" Index: /branches/releng-9.0/nanobsd/ports/dns/maradns2/files/maradns.in =================================================================== --- /branches/releng-9.0/nanobsd/ports/dns/maradns2/files/maradns.in (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/dns/maradns2/files/maradns.in (revision 10612) @@ -0,0 +1,25 @@ +#!/bin/sh +# +# $FreeBSD: ports/dns/maradns/files/maradns.in,v 1.5 2012/01/14 08:55:38 dougb Exp $ +# + +# PROVIDE: maradns +# REQUIRE: SERVERS +# BEFORE: DAEMON +# KEYWORD: shutdown +# + +. /etc/rc.subr + +: ${maradns_enable="NO"} +: ${maradns_conf="%%PREFIX%%/etc/mararc"} + +name="maradns" +rcvar=maradns_enable +command="%%PREFIX%%/bin/duende" +pidfile="/var/run/${name}.pid" +command_args="--pid=$pidfile %%PREFIX%%/sbin/maradns -f ${maradns_conf}" + +load_rc_config $name + +run_rc_command "$1" Index: /branches/releng-9.0/nanobsd/ports/dns/maradns2/files/patch-change-default-uid =================================================================== --- /branches/releng-9.0/nanobsd/ports/dns/maradns2/files/patch-change-default-uid (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/dns/maradns2/files/patch-change-default-uid (revision 10612) @@ -0,0 +1,102 @@ +--- MaraDns.h.orig 2012-02-10 22:16:39.000000000 +0100 ++++ MaraDns.h 2012-02-10 22:17:25.000000000 +0100 +@@ -77,16 +77,16 @@ + line to point to Bash + */ + +-#define MARADNS_DEFAULT_UID 99 ++#define MARADNS_DEFAULT_UID 53 + + /* The default GID (Group ID) that MaraDNS has; see the default UID notes + above. Again: CHANGE THE MARARC MAN PAGE IF YOU CHANGE THIS VALUE */ +-#define MARADNS_DEFAULT_GID 99 ++#define MARADNS_DEFAULT_GID 53 + + /* The UID that the Duende logging process uses. CHANGE THE DUENDE MAN + PAGE IF YOU CHANGE THIS VALUE (same general process as changing the + mararc man page; the source file for the duende man page is duende.ej) */ +-#define DUENDE_LOGGER_UID 66 ++#define DUENDE_LOGGER_UID 65534 + + /* The directory that Duende runs in. This directory has to exist for + Duende to be able to run. Again, IF YOU CHANGE THIS, CHANGE THE +--- doc/en/examples/example_full_mararc.orig 2011-02-06 03:21:42.000000000 +0100 ++++ doc/en/examples/example_full_mararc 2012-02-11 02:13:22.000000000 +0100 +@@ -14,11 +14,11 @@ + # "10.1.2.3,10.1.2.4,127.0.0.1" + ipv4_bind_addresses = "127.0.0.1" + # The directory with all of the zone files +-chroot_dir = "/etc/maradns" ++chroot_dir = "/usr/local/etc/maradns" + # The numeric UID MaraDNS will run as +-maradns_uid = 99 ++maradns_uid = 65534 + # The (optional) numeric GID MaraDNS will run as +-# maradns_gid = 99 ++# maradns_gid = 65534 + + # Normally, MaraDNS has some MaraDNS-specific features, such as DDIP + # synthesizing, a special DNS query ("erre-con-erre-cigarro.maradns.org." +--- doc/en/man/deadwood.1.orig 2012-02-10 22:20:19.000000000 +0100 ++++ doc/en/man/deadwood.1 2012-02-10 22:22:17.000000000 +0100 +@@ -178,15 +178,14 @@ + \fBmaradns_uid\fR + .PP + The user-id Deadwood runs as. This can be any number +-between 10 and 65535; the default value is 99 (nobody on +-RedHat-derived Linux distributions). This value is not +-used on Windows systems. ++between 10 and 65535; the default value is 65534 (nobody). ++This value is not used on Windows systems. + .PP + .in -3 + \fBmaradns_gid\fR + .PP + The group-id Deadwood runs as. This can be any +-number between 10 and 65535; the default value is 99. This ++number between 10 and 65535; the default value is 65534 (nobody). This + value is not used on Windows systems. + .PP + .in -3 +--- doc/en/man/mararc.5.orig 2012-02-10 22:20:28.000000000 +0100 ++++ doc/en/man/mararc.5 2012-02-10 22:21:03.000000000 +0100 +@@ -592,7 +592,7 @@ + damage a potential attacker can cause should there be a security + problem with MaraDNS. This is the UID maradns becomes. + .PP +-The default UID is 99. ++The default UID is 65534. + .PP + .in -3 + \fBmaradns_gid\fR +@@ -601,7 +601,7 @@ + .PP + This accepts a single numerical value: The GID to run MaraDNS as. + .PP +-The default GID is 99. ++The default GID is 65534. + .PP + .in -3 + \fBmax_ar_chain\fR +--- deadwood/doc/dwood3rc.orig 2011-11-01 17:25:23.000000000 +0100 ++++ deadwood/doc/dwood3rc 2012-02-11 02:15:16.000000000 +0100 +@@ -6,7 +6,7 @@ + # The following line is disabled by being commented out + #bind_address="::1" # We have optional IPv6 support + +-chroot_dir = "/etc/deadwood" # Directory we run program from (not used in Win32) ++chroot_dir = "/usr/local/etc/deadwood" # Directory we run program from (not used in Win32) + + # The following upstream DNS servers are Google's newly-announced (as of + # December, 2009) public DNS servers. For more information, see +@@ -37,8 +37,8 @@ + maxprocs = 8 # Maximum number of pending requests + handle_overload = 1 # Send SERVER FAIL when overloaded + +-maradns_uid = 99 # UID Deadwood runs as +-maradns_gid = 99 # GID Deadwood runs as ++maradns_uid = 65534 # UID Deadwood runs as ++maradns_gid = 65534 # GID Deadwood runs as + + maximum_cache_elements = 60000 + Index: /branches/releng-9.0/nanobsd/ports/dns/maradns2/files/patch-configure =================================================================== --- /branches/releng-9.0/nanobsd/ports/dns/maradns2/files/patch-configure (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/dns/maradns2/files/patch-configure (revision 10612) @@ -0,0 +1,14 @@ +--- configure.orig 2012-02-10 22:32:58.000000000 +0100 ++++ configure 2012-02-10 22:34:11.000000000 +0100 +@@ -92,6 +92,11 @@ + echo It looks like you are using Cygwin\; this should compile fine + echo by typing in \'make\'. + EXITCODE=0 ++elif echo $UNAME | grep -i FreeBSD > /dev/null ; then ++ cat $BUILDDIR/Makefile.noflock >> Makefile ++ echo It looks like you are using FreeBSD\; this should compile fine ++ echo by typing in \'make\'. ++ EXITCODE=0 + # This is a a template for adding support to a new OS for MaraDNS. + # Some points: If you port MaraDNS, make sure the underlying OS has + # /dev/urandom support or have the default mararc have a Index: /branches/releng-9.0/nanobsd/ports/dns/maradns2/files/patch-tools_duende.c =================================================================== --- /branches/releng-9.0/nanobsd/ports/dns/maradns2/files/patch-tools_duende.c (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/dns/maradns2/files/patch-tools_duende.c (revision 10612) @@ -0,0 +1,32 @@ +--- tools/duende.c.orig 2011-11-12 09:25:42.000000000 +0100 ++++ tools/duende.c 2012-02-11 01:32:42.000000000 +0100 +@@ -35,6 +35,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -66,9 +67,20 @@ + /* We can't use our signal handlers because fgets is blocking */ + signal(SIGTERM,SIG_DFL); + signal(SIGHUP,SIG_DFL); ++ ++ /* Prefix MaraDNS syslog messages with ident of "maradns:" ++ instead of "/usr/local/sbin/maradns:" */ ++ char *needle, *ident; ++ needle = strrchr(name,'/'); ++ /* needle found and not at the end of string */ ++ if (needle && *(needle + 1) != '\0') { ++ ident = needle + 1; ++ } else { ++ ident = name; ++ } + + /* Open up the sys log */ +- openlog(name,0,LOG_DAEMON); ++ openlog(ident,0,LOG_DAEMON); + + /* Drop all privileges */ + if(chdir(DUENDE_CHROOT_DIR) != 0) { Index: /branches/releng-9.0/nanobsd/ports/dns/maradns2/files/zoneserver.in =================================================================== --- /branches/releng-9.0/nanobsd/ports/dns/maradns2/files/zoneserver.in (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/dns/maradns2/files/zoneserver.in (revision 10612) @@ -0,0 +1,25 @@ +#!/bin/sh +# +# $FreeBSD: ports/dns/maradns/files/zoneserver.in,v 1.5 2012/01/14 08:55:38 dougb Exp $ +# + +# PROVIDE: zoneserver +# REQUIRE: SERVERS +# BEFORE: DAEMON +# KEYWORD: shutdown +# + +. /etc/rc.subr + +: ${zoneserver_enable="NO"} +: ${maradns_conf="%%PREFIX%%/etc/mararc"} + +name="zoneserver" +rcvar=zoneserver_enable +command="%%PREFIX%%/bin/duende" +command_args="%%PREFIX%%/sbin/zoneserver -f ${maradns_conf}" +pidfile="/var/run/${name}.pid" + +load_rc_config $name + +run_rc_command "$1" Index: /branches/releng-9.0/nanobsd/ports/dns/maradns2/pkg-descr =================================================================== --- /branches/releng-9.0/nanobsd/ports/dns/maradns2/pkg-descr (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/dns/maradns2/pkg-descr (revision 10612) @@ -0,0 +1,24 @@ +MaraDNS is a package that implements the Domain Name Service (DNS), an +essential internet service. MaraDNS has the following advantages: + +o Secure. MaraDNS has a security history as good as or better than any other DNS + server. For example, MaraDNS has always randomized, using a secure random + number generator, the Query ID and source port of DNS queries; and was never + vulnerable to the "new" cache poisoning attack. + +o Supported. MaraDNS has a long history of being maintained and updated. + Actively developed since 2001, MaraDNS continues to be fully supported: The + most recent release was done on August 4, 2009. Deadwood, the code that will + become part of MaraDNS 2.0, is frequently updated. + +o Easy to use. A basic recursive configuration needs only a single three-line + configuration file. A basic authoritative configuration needs only a four-line + configuration file and a one-line zone file. MaraDNS is fully documented, with + both easy-to-follow tutorials and a complete and up-to-date reference manual. + +o Small. MaraDNS is well suited for embedded applications and other environments + where the server must use the absolute minimum number of resources possible. + MaraDNS' binary is smaller than that of any other currently maintained + recursive DNS server. + +WWW: http://www.maradns.org/ Index: /branches/releng-9.0/nanobsd/ports/dns/maradns2/pkg-plist =================================================================== --- /branches/releng-9.0/nanobsd/ports/dns/maradns2/pkg-plist (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/dns/maradns2/pkg-plist (revision 10612) @@ -0,0 +1,13 @@ +bin/askmara +bin/duende +bin/fetchzone +bin/getzone +etc/mararc.sample +etc/dwood3rc.sample +sbin/deadwood +sbin/maradns +sbin/zoneserver +@exec mkdir -p %D/etc/maradns +@dirrmtry etc/maradns +@exec mkdir -p %D/etc/deadwood +@dirrmtry etc/deadwood Index: /branches/releng-9.0/nanobsd/ports/net/lvrouted/Makefile =================================================================== --- /branches/releng-9.0/nanobsd/ports/net/lvrouted/Makefile (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/net/lvrouted/Makefile (revision 10612) @@ -0,0 +1,32 @@ +# New ports collection makefile for: lrvrouted +# Date created: 2009-07-12 +# Whom: Rick van der Zwet +# +# $FreeBSD: $ +# + +PORTNAME= lvrouted +PORTVERSION= 9413 +CATEGORIES= net +MASTER_SITES= http://webfolder.wirelessleiden.nl/lvrouted/ \ + http://rickvanderzwet.nl/mirror/lvrouted/ + +MAINTAINER= info@rickvanderzwet.nl +COMMENT= Lvrouted is a very simple shortest-path routing daemon + +GNU_CONFIGURE= yes +USE_AUTOTOOLS= autoconf autoheader + +BUILD_DEPENDS+= ocamlopt:${PORTSDIR}/lang/ocaml-nox11 \ + ocamlfind:${PORTSDIR}/devel/ocaml-findlib + +USE_RC_SUBR= lvrouted + +post-install: +.if !defined(NOPORTDOCS) + ${MKDIR} ${DOCSDIR} + ${INSTALL_MAN} ${WRKSRC}/docs/lvrouted.ps ${DOCSDIR} + ${INSTALL_MAN} ${WRKSRC}/docs/lvrouted.html ${DOCSDIR} +.endif + +.include Index: /branches/releng-9.0/nanobsd/ports/net/lvrouted/distinfo =================================================================== --- /branches/releng-9.0/nanobsd/ports/net/lvrouted/distinfo (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/net/lvrouted/distinfo (revision 10612) @@ -0,0 +1,2 @@ +SHA256 (lvrouted-9413.tar.gz) = c924e9c3778719cb257c288a3f6c50bee87b7e580a502a06ca87d27fb487ce52 +SIZE (lvrouted-9413.tar.gz) = 61095 Index: /branches/releng-9.0/nanobsd/ports/net/lvrouted/files/lvrouted.in =================================================================== --- /branches/releng-9.0/nanobsd/ports/net/lvrouted/files/lvrouted.in (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/net/lvrouted/files/lvrouted.in (revision 10612) @@ -0,0 +1,40 @@ +#!/bin/sh +# +# PROVIDE: lvrouted +# REQUIRE: netif routing +# KEYWORD: nojail + +lvrouted_enable=${lvrouted_enable:-"NO"} +lvrouted_flags=${lvrouted_flags:-} + +. /etc/rc.subr + +name="lvrouted" +rcvar=`set_rcvar` +load_rc_config $name + +command="%%PREFIX%%/sbin/${name}" + +pid_file="/var/run/${name}.pid" + +start_precmd="lvrouted_flush_routes" + +# XXX: Needs to be a flag to disable +# XXX: lvrouted should mark their added routed protocol specific (see: man 8 route) +# lvrouted requires no route to exists before start as it is not able to alter +# old routes, so make it flush all dynamic generated routes +lvrouted_flush_routes() { + + # XXX: Does the looping bug still exists? + # Keep looping till we whiped _all_ dynamic generated routes + while true; do + netstat -nr -f inet | awk '{if ($3 ~ /.*D.*/) { exit 1} }' + if [ $? -eq 0 ]; then + break + fi + echo "WARNING: Flushing all existing DYNAMIC routes" 1>&2 + netstat -nr -f inet | awk '{if ($3 ~ /.*D.*/) {print $1} }' | xargs -n 1 route delete + done +} + +run_rc_command "$1" Index: /branches/releng-9.0/nanobsd/ports/net/lvrouted/pkg-descr =================================================================== --- /branches/releng-9.0/nanobsd/ports/net/lvrouted/pkg-descr (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/net/lvrouted/pkg-descr (revision 10612) @@ -0,0 +1,14 @@ +Lvrouted is a very simple shortest-path routing daemon, featuring: + + - UDP based. no firmware-confusing multi- or broadcasts + - no per-node configuration + - spanning tree, so no count-to-infinity + - some specific wireless hacks, such as keeping an eye on the interface + association status for clients and the list of associated stations for + masters + - the ability to sign packets for some measure of security against malicious + packets + - sequence number against replay attacks. yes I know this is not + bulletproof. + +WWW: http://svn.wirelessleiden.nl/svn/node-config/other/lvrouted/ Index: /branches/releng-9.0/nanobsd/ports/net/lvrouted/pkg-plist =================================================================== --- /branches/releng-9.0/nanobsd/ports/net/lvrouted/pkg-plist (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/net/lvrouted/pkg-plist (revision 10612) @@ -0,0 +1,4 @@ +sbin/lvrouted +%%PORTDOCS%%%%DOCSDIR%%/lvrouted.html +%%PORTDOCS%%%%DOCSDIR%%/lvrouted.ps +%%PORTDOCS%%@dirrm %%DOCSDIR%% Index: /branches/releng-9.0/nanobsd/ports/net/tproxy/Makefile =================================================================== --- /branches/releng-9.0/nanobsd/ports/net/tproxy/Makefile (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/net/tproxy/Makefile (revision 10612) @@ -0,0 +1,26 @@ +# New ports collection makefile for: tproxy +# Date created: 2009-07-13 +# Whom: Rick van der Zwet +# +# $FreeBSD: $ +# + +PORTNAME= tproxy +PORTVERSION= 2 +CATEGORIES= net +MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} +MASTER_SITE_SUBDIR= ${PORTNAME} + +MAINTAINER= info@rickvanderzwet.nl +COMMENT= tpoxy user-space single-port unidirectional tcp proxy + +USE_RC_SUBR= tproxy + +post-extract: + ${MV} ${WRKDIR}/${PORTNAME} ${WRKSRC} + +do-install: + ${INSTALL_PROGRAM} ${WRKSRC}/tproxy ${PREFIX}/bin + +.include + Index: /branches/releng-9.0/nanobsd/ports/net/tproxy/distinfo =================================================================== --- /branches/releng-9.0/nanobsd/ports/net/tproxy/distinfo (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/net/tproxy/distinfo (revision 10612) @@ -0,0 +1,3 @@ +MD5 (tproxy-2.tar.gz) = 6ab0cb46e1eed1ecebd7a0781dfe2a6a +SHA256 (tproxy-2.tar.gz) = 8c59a20a93eda6b57e2a4abd5645e69c13247ebfed45561778e78e16eca7d551 +SIZE (tproxy-2.tar.gz) = 12584 Index: /branches/releng-9.0/nanobsd/ports/net/tproxy/files/tproxy.in =================================================================== --- /branches/releng-9.0/nanobsd/ports/net/tproxy/files/tproxy.in (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/net/tproxy/files/tproxy.in (revision 10612) @@ -0,0 +1,28 @@ +#!/bin/sh +# +# $FreeBSD: $ +# + +# PROVIDE: tproxy +# REQUIRE: NETWORKING SERVERS +# BEFORE: DAEMON +# KEYWORD: shutdown + +# +# Add the following line to /etc/rc.conf to enable tproxy: +# +# tproxy_enable="YES" +# + +. %%RC_SUBR%% + +name=tproxy +rcvar=`set_rcvar` + +command=%%PREFIX%%/bin/${name} + +tproxy_enable=${tproxy_enable:-"NO"} +tproxy_flags=${tproxy_flags:-""} + +load_rc_config $name +run_rc_command "$1" Index: /branches/releng-9.0/nanobsd/ports/net/tproxy/pkg-descr =================================================================== --- /branches/releng-9.0/nanobsd/ports/net/tproxy/pkg-descr (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/net/tproxy/pkg-descr (revision 10612) @@ -0,0 +1,4 @@ +user-space single-port unidirectional tcp proxy which handles out-of-band data, +and telnet-through firewall tunnelling. + +WWW: http://sourceforge.net/projects/tproxy/ Index: /branches/releng-9.0/nanobsd/ports/net/tproxy/pkg-plist =================================================================== --- /branches/releng-9.0/nanobsd/ports/net/tproxy/pkg-plist (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/net/tproxy/pkg-plist (revision 10612) @@ -0,0 +1,1 @@ +bin/tproxy Index: /branches/releng-9.0/nanobsd/ports/net/transproxy/Makefile =================================================================== --- /branches/releng-9.0/nanobsd/ports/net/transproxy/Makefile (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/net/transproxy/Makefile (revision 10612) @@ -0,0 +1,25 @@ +# New ports collection makefile for: transproxy +# Date created: 2009-07-15 +# Whom: Rick van der Zwet +# +# $FreeBSD: $ +# + +PORTNAME= transproxy +PORTVERSION= 1.6 +CATEGORIES= net +MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} +MASTER_SITE_SUBDIR= ${PORTNAME} +EXTRACT_SUFX= .tgz + +MAINTAINER= info@rickvanderzwet.nl +COMMENT= Transproxy is used to transparently proxy HTTP requests + +USE_RC_SUBR= transproxy + +MAN8= tproxy.8 + +post-install: + @${CAT} ${PKGDIR}/pkg-message + +.include Index: /branches/releng-9.0/nanobsd/ports/net/transproxy/distinfo =================================================================== --- /branches/releng-9.0/nanobsd/ports/net/transproxy/distinfo (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/net/transproxy/distinfo (revision 10612) @@ -0,0 +1,3 @@ +MD5 (transproxy-1.6.tgz) = 02cc1160a9db9c49a40491f890083044 +SHA256 (transproxy-1.6.tgz) = 7bc4ce5ab01648dcaca25555eb4d4c3a67aed6bbb42e1432aaa4e9b20b75dab3 +SIZE (transproxy-1.6.tgz) = 23592 Index: /branches/releng-9.0/nanobsd/ports/net/transproxy/files/transproxy.in =================================================================== --- /branches/releng-9.0/nanobsd/ports/net/transproxy/files/transproxy.in (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/net/transproxy/files/transproxy.in (revision 10612) @@ -0,0 +1,47 @@ +#!/bin/sh +# +# $FreeBSD: $ +# + +# PROVIDE: transproxy +# REQUIRE: NETWORKING SERVERS ipfw +# BEFORE: DAEMON +# KEYWORD: shutdown + +# +# Add the following line to /etc/rc.conf to enable transproxy: +# +# transproxy_enable="YES" +# + +. /etc/rc.subr + +name=transproxy +rcvar=`set_rcvar` +start_precmd=${name}_precmd +stop_postcmd=${name}_postcmd + +command=%%PREFIX%%/sbin/tproxy + +transproxy_port=${transproxy_port:-8081} +transproxy_log=${transproxy_log:-"/var/log/transproxy.log"} +transproxy_proxyhost=${transproxy_proxyhost:-"proxy"} +transproxy_proxyport=${transproxy_proxyport:-3128} +transproxy_enable=${transproxy_enable:-"NO"} +transproxy_flags="-s $transproxy_port -l $transproxy_log $transproxy_proxyhost $transproxy_proxyport $transproxy_flags" + +transproxy_precmd () +{ + +} + + +transproxy_postcmd () +{ + ipfw delete 10010 10000 10001 >/dev/null + +} + + +load_rc_config $name +run_rc_command "$1" Index: /branches/releng-9.0/nanobsd/ports/net/transproxy/pkg-descr =================================================================== --- /branches/releng-9.0/nanobsd/ports/net/transproxy/pkg-descr (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/net/transproxy/pkg-descr (revision 10612) @@ -0,0 +1,5 @@ +Transproxy is used in conjunction with the FreeBSD (ipfw and ipnat) or Linux +transparent proxy feature (ipfwadm, ipchains and iptables), to transparently +proxy HTTP requests. + +WWW: http://sourceforge.net/projects/transproxy/ Index: /branches/releng-9.0/nanobsd/ports/net/transproxy/pkg-message =================================================================== --- /branches/releng-9.0/nanobsd/ports/net/transproxy/pkg-message (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/net/transproxy/pkg-message (revision 10612) @@ -0,0 +1,12 @@ +Remember to setup ipfw correctly. + +Sample below, uses following options: + Localip 172.19.152.65/26 + Localnet 172.16.0.0/12 + Transparant proxy enabled for all NOT localnet destinations 80 + transproxy running at port 8081 + + +ipfw add 10000 allow tcp from any to localhost 80 +ipfw add 10001 allow tcp from any to me 80 +ipfw add 10010 fwd 172.19.152.65,8081 tcp from any to no 172.16.0.0/12 80 Index: /branches/releng-9.0/nanobsd/ports/net/transproxy/pkg-plist =================================================================== --- /branches/releng-9.0/nanobsd/ports/net/transproxy/pkg-plist (revision 10612) +++ /branches/releng-9.0/nanobsd/ports/net/transproxy/pkg-plist (revision 10612) @@ -0,0 +1,3 @@ +sbin/tproxy +sbin/tproxyrun +sbin/tproxywatch Index: /branches/releng-9.0/nanobsd/tools/image =================================================================== --- /branches/releng-9.0/nanobsd/tools/image (revision 10610) +++ /branches/releng-9.0/nanobsd/tools/image (revision 10612) @@ -22,4 +22,6 @@ # rebuild - Rebuild NanoBSD (aka force rebuilding all) # deploy on [and reboot] - Deploy the image on node and reboot if needed +# ports update - Update the packages from ports +# ports force rebuild - Forcefully rebuilding all required packages EOF } @@ -110,5 +112,4 @@ } - # # Argument parsing @@ -150,4 +151,26 @@ fi deploy_image +elif [ "$1" = "ports" ]; then + if [ "$2" = "update" ]; then + # Fetch the latest details and provide listing of packages to be updated + portsnap fetch update || exit 1 + + # HACK: install our own ports _inside_ the normal ports dir + cp -fR $WL_PORTSDIR/* $PORTSDIR + + # Make sure portmaster is present to update all ports + portmaster --version 1>/dev/null 2>/dev/null || make -C /usr/ports/ports-mgmt/portmaster BATCH=yes install clean || exit 1 + + # Update via portmaster + portmaster --no-confirm --update-if-newer -y -d -G `echo $PKG_MAKE_ARGS | xargs -n1 echo -m ` $PACKAGE_LIST || exit 1 + + . ${BASEDIR}/package-build.sh + elif [ "$2" = "force" -a "$3" = "rebuild" ]; then + export FORCE_REBUILD=1 + . ${BASEDIR}/package-build.sh + else + shift 1 + echo "Arguments Error - '$*'"; exit 128 + fi else echo "Argument Error - '$1'"; exit 128 Index: /branches/releng-9.0/nanobsd/tools/package-build.sh =================================================================== --- /branches/releng-9.0/nanobsd/tools/package-build.sh (revision 10610) +++ /branches/releng-9.0/nanobsd/tools/package-build.sh (revision 10612) @@ -1,20 +1,28 @@ #!/bin/sh # Install all required packages +# # XXX: Welcome to port hell, if /usr/ports has been updated, you actually want # to delete all installed packages and start over again, hence why people used # to run this stuff in jails, etc. +# +# Rick van der Zwet +# -. $(dirname $0)/package-build.inc.sh +. `dirname $0`/package-build.inc.sh -DEBUG=${DEBUG:-0} -DEP_CHECK_ONLY=${DEP_CHECK_ONLY:-0} +DEBUG=${DEBUG:-'0'} +DEP_CHECK_ONLY=${DEP_CHECK_ONLY:-'0'} # make options, for package building -LOGDIR=`mktemp -d "/tmp/$(basename $0 .sh)-$(date +%Y%m%d-%H:%M:%S).X"` +LOGDIR=`mktemp -d /tmp/$(basename $0 .sh)-$(date '+%Y%m%d-%H:%M:%S')X` p_info Log directory ${LOGDIR} p_info Make options are: -p_info $(p_list ${PKG_MAKE_ARGS}) +p_info `p_list ${PKG_MAKE_ARGS}` +# HACK: install our own ports _inside_ the normal ports dir +cp -fR $WL_PORTSDIR/* $PORTSDIR + +# Pre-req dependency fixing p_info Checking whether there are currently unmet dependencies RETVAL=0 @@ -30,5 +38,5 @@ if [ -n "${PKG_DEP_FAIL}" ]; then p_err Unmet dependencies found at $PKG, please fix manually: - p_err $(p_list ${PKG_DEP_FAIL}) + p_err `p_list ${PKG_DEP_FAIL}` RETVAL=1 fi @@ -45,4 +53,5 @@ +# Cleanup of old packages if [ -d "${NANO_PACKAGE_DIR}" ]; then p_warn "Deleted all (old) packages at ${NANO_PACKAGE_DIR}" @@ -52,8 +61,8 @@ mkdir -p ${NANO_PACKAGE_DIR} + +# Build required packages MAKE="make ${PKG_MAKE_ARGS}" - BUILD_LIST='' -# Build required packages set ${PACKAGE_LIST} while [ "$1" ]; do @@ -62,15 +71,14 @@ # Build new one - LOGFILE="$LOGDIR/build$(echo $PACKAGE | tr '/' '_').log" + LOGFILE="$LOGDIR/build_`echo $PACKAGE | tr '/' '_'`.log" echo "" p_info Packaging $PACKAGE - cd ${PACKAGE} + cd $PORTSDIR/$PACKAGE - # Check for build dependencies BUILDDEP_PKG=`${MAKE} build-depends-list | awk -F: '{print $2}'` if [ -n "${BUILDDEP_PKG}" ]; then p_info Build dependencies needed are: - p_info $(p_list ${BUILDDEP_PKG}) + p_info `p_list ${BUILDDEP_PKG}` fi @@ -79,20 +87,23 @@ if [ -n "${PKGDEP_PKGS}" ]; then p_info Package dependencies also packaged are: - p_info $(p_list ${PKGDEP_PKGS}) + p_info `p_list ${PKGDEP_PKGS}` fi # Check if package is already installed VERSION=`${MAKE} clean generate-plist check-already-installed | awk '/is already/ {print $2}'` - if [ -n "${VERSION}" ]; then + if [ -n "$FORCE_REBUILD" ]; then + p_warn "${PACKAGE} forcefullly rebuilding..." + MAKE_OPTION='deinstall reinstall' + elif [ "${VERSION}" = "An" ]; then + #XXX: Better way to detect whether a package needs updating + # An older version of lang/python26 is already installed (python26-2.6.2) + p_warn "${PACKAGE} outdated, updating..." + p_warn "re-run package-build.sh to check for unmet ones done using:" + p_warn "$0" + MAKE_OPTION='deinstall reinstall' + elif [ -n "${VERSION}" ]; then VERSION=`echo ${VERSION} | sed 's/^.*-//g'` p_info ${PACKAGE} already installed at ${VERSION} MAKE_OPTION='' - elif [ "${VERSION}" = "An" ]; then - #XXX: Better way to detect whether a package needs updating - # An older version of lang/python26 is already installed (python26-2.6.2) - p_warn ${PACKAGE} outdated, updating... - p_warn re-run package-build.sh to check for unmet ones done using: - p_warn $0 - MAKE_OPTION='deinstall reinstall' else p_info ${PACKAGE} not installed, installing... @@ -130,5 +141,5 @@ done -p_info $(echo ${BUILD_LIST} | wc -w) packages build succesfully +p_info `echo ${BUILD_LIST} | wc -w` packages build succesfully if [ ${DEBUG} -eq 0 ]; then