include $(TOPDIR)/rules.mk
PKG_NAME:=django
-PKG_VERSION:=4.2.5
+PKG_VERSION:=5.0
PKG_RELEASE:=1
PYPI_NAME:=Django
-PKG_HASH:=5e5c1c9548ffb7796b4a8a4782e9a2e5a3df3615259fc1bfd3ebc73b646146c1
+PKG_HASH:=7d29e14dfbc19cb6a95a4bd669edbde11f5d4c6a71fdaa42c2d40b6846e807f7
PKG_MAINTAINER:=Alexandru Ardelean <ardeleanalex@gmail.com>, Peter Stadler <peter.stadler@student.uibk.ac.at>
PKG_LICENSE:=BSD-3-Clause
--- /dev/null
+#!/bin/sh
+
+[ "$1" = "python3-django" ] || exit 0
+
+GOT_VER=$(/usr/bin/django-admin version)
+[ "$GOT_VER" = "$2" ] || {
+ echo "Incorrect version: expected '$2' ; obtained '$GOT_VER'"
+ exit 1
+}
+
+python3 - << EOF
+import sys
+import django
+
+if (django.__version__) != "$GOT_VER":
+ print("Wrong version: " + django.__version__)
+ sys.exit(1)
+
+sys.exit(0)
+EOF
+
$(1)/usr/include \
$(1)/usr/lib \
$(1)/usr/bin \
+ $(1)/usr/lib/pkgconfig \
$(2)/bin
$(CP) \
$(PKG_INSTALL_DIR)/usr/include/* \
$(SED) \
's,LIBINST_DIR="/usr/lib",LIBINST_DIR="$(STAGING_DIR)/usr/lib",g' \
$(2)/bin/xmlrpc-c-config
+ $(INSTALL_DATA) \
+ $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/*.pc \
+ $(1)/usr/lib/pkgconfig/
endef
define Package/xmlrpc-c-libxml2/install
PKG_NAME:=banip
PKG_VERSION:=0.9.3
-PKG_RELEASE:=1
+PKG_RELEASE:=3
PKG_LICENSE:=GPL-3.0-or-later
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
* Install banIP (_opkg install banip_) - the banIP service is disabled by default
* Install the LuCI companion package 'luci-app-banip' (opkg install luci-app-banip)
* It's strongly recommended to use the LuCI frontend to easily configure all aspects of banIP, the application is located in LuCI under the 'Services' menu
+* If you're using a complex network setup, e.g. special tunnel interfaces, than untick the 'Auto Detection' option under the 'General Settings' tab and set the required options manually
+* Start the service with '/etc/init.d/banip start' and check everything is working by running '/etc/init.d/banip status' and also check the 'Firewall Log' and 'Processing Log' tabs
* If you're going to configure banIP via CLI, edit the config file '/etc/config/banip' and enable the service (set ban\_enabled to '1'), then add pre-configured feeds via 'ban\_feed' (see the feed list above) and add/change other options to your needs (see the options reference below)
-* Start the service with '/etc/init.d/banip start' and check everything is working by running '/etc/init.d/banip status'
## banIP CLI interface
* All important banIP functions are accessible via CLI.
# (s)hellcheck exceptions
# shellcheck disable=all
-# set initial defaults
+# environment
#
export LC_ALL=C
export PATH="/usr/sbin:/usr/bin:/sbin:/bin"
+# initial defaults
+#
ban_basedir="/tmp"
ban_backupdir="/tmp/banIP-backup"
ban_reportdir="/tmp/banIP-report"
ban_lock="/var/run/banip.lock"
ban_logreadfile="/var/log/messages"
ban_logreadcmd=""
-ban_logcmd="$(command -v logger)"
-ban_ubuscmd="$(command -v ubus)"
-ban_nftcmd="$(command -v nft)"
-ban_fw4cmd="$(command -v fw4)"
-ban_awkcmd="$(command -v awk)"
-ban_grepcmd="$(command -v grep)"
-ban_sedcmd="$(command -v sed)"
-ban_catcmd="$(command -v cat)"
-ban_zcatcmd="$(command -v zcat)"
-ban_lookupcmd="$(command -v nslookup)"
-ban_jsoncmd="$(command -v jsonfilter)"
-ban_mailcmd="$(command -v msmtp)"
ban_mailsender="no-reply@banIP"
ban_mailreceiver=""
ban_mailtopic="banIP notification"
ban_debug="$(uci_get banip global ban_debug)"
ban_cores="$(uci_get banip global ban_cores)"
fi
- ban_packages="$(${ban_ubuscmd} -S call rpc-sys packagelist '{ "all": true }' 2>/dev/null)"
+ ban_packages="$("${ban_ubuscmd}" -S call rpc-sys packagelist '{ "all": true }' 2>/dev/null)"
ban_memory="$("${ban_awkcmd}" '/^MemAvailable/{printf "%s",int($2/1000)}' "/proc/meminfo" 2>/dev/null)"
ban_ver="$(printf "%s" "${ban_packages}" | "${ban_jsoncmd}" -ql1 -e '@.packages.banip')"
ban_sysver="$("${ban_ubuscmd}" -S call system board 2>/dev/null | "${ban_jsoncmd}" -ql1 -e '@.model' -e '@.release.description' |
fi
}
+# command selector
+#
+f_cmd() {
+ local cmd pri_cmd="${1}" sec_cmd="${2}"
+
+ cmd="$(command -v "${pri_cmd}" 2>/dev/null)"
+ if [ ! -x "${cmd}" ]; then
+ if [ -n "${sec_cmd}" ]; then
+ [ "${sec_cmd}" = "true" ] && return
+ cmd="$(command -v "${sec_cmd}" 2>/dev/null)"
+ fi
+ [ -x "${cmd}" ] && printf "%s" "${cmd}" || f_log "emerg" "command '${pri_cmd:-"-"}'/'${sec_cmd:-"-"}' not found"
+ else
+ printf "%s" "${cmd}"
+ fi
+}
+
# create directories
#
f_mkdir() {
ppid="$("${ban_catcmd}" "${ban_pidfile}" 2>/dev/null)"
if [ -n "${ppid}" ]; then
- pids="$(pgrep -P "${ppid}" 2>/dev/null)"
+ pids="$("${ban_pgrepcmd}" -P "${ppid}" 2>/dev/null)"
for pid in ${pids}; do
- pids="${pids} $(pgrep -P "${pid}" 2>/dev/null)"
+ pids="${pids} $("${ban_pgrepcmd}" -P "${pid}" 2>/dev/null)"
done
for pid in ${pids}; do
kill -INT "${pid}" >/dev/null 2>&1
printf "%s %s %s\n" "${class}" "banIP-${ban_ver}[${$}]" "${log_msg}"
fi
fi
- if [ "${class}" = "err" ]; then
- "${ban_nftcmd}" delete table inet banIP >/dev/null 2>&1
- if [ "${ban_enabled}" = "1" ]; then
- f_genstatus "error"
- [ "${ban_mailnotification}" = "1" ] && [ -n "${ban_mailreceiver}" ] && [ -x "${ban_mailcmd}" ] && f_mail
- else
- f_genstatus "disabled"
+ if [ "${class}" = "err" ] || [ "${class}" = "emerg" ]; then
+ if [ "${class}" = "err" ]; then
+ "${ban_nftcmd}" delete table inet banIP >/dev/null 2>&1
+ if [ "$(uci_get banip global ban_enabled)" = "1" ]; then
+ f_genstatus "error"
+ [ "${ban_mailnotification}" = "1" ] && [ -n "${ban_mailreceiver}" ] && [ -x "${ban_mailcmd}" ] && f_mail
+ else
+ f_genstatus "disabled"
+ fi
fi
f_rmdir "${ban_tmpdir}"
f_rmpid
# get nft/monitor actuals
#
f_actual() {
- local nft monitor ppid pid
+ local nft monitor ppid pids pid
if "${ban_nftcmd}" -t list set inet banIP allowlistv4MAC >/dev/null 2>&1; then
nft="$(f_char "1")"
ppid="$("${ban_catcmd}" "${ban_pidfile}" 2>/dev/null)"
if [ -n "${ppid}" ]; then
- pid="$(pgrep -oP "${ppid}" 2>/dev/null)"
- fi
- if pgrep -f "${ban_logreadcmd##*/}" -P "${pid}" >/dev/null 2>&1; then
- monitor="$(f_char "1")"
+ pids="$("${ban_pgrepcmd}" -P "${ppid}" 2>/dev/null)"
+ for pid in ${pids}; do
+ if "${ban_pgrepcmd}" -f "${ban_logreadcmd##*/}" -P "${pid}" >/dev/null 2>&1; then
+ monitor="$(f_char "1")"
+ break
+ else
+ monitor="$(f_char "0")"
+ fi
+ done
else
monitor="$(f_char "0")"
fi
if { [ "${ban_fetchcmd}" = "uclient-fetch" ] && printf "%s" "${ban_packages}" | "${ban_grepcmd}" -q '"libustream-'; } ||
{ [ "${ban_fetchcmd}" = "wget" ] && printf "%s" "${ban_packages}" | "${ban_grepcmd}" -q '"wget-ssl'; } ||
[ "${ban_fetchcmd}" = "curl" ] || [ "${ban_fetchcmd}" = "aria2c" ]; then
- ban_fetchcmd="$(command -v "${ban_fetchcmd}")"
- else
- ban_fetchcmd=""
+ ban_fetchcmd="$(f_cmd "${ban_fetchcmd}" "true")"
fi
if [ "${ban_autodetect}" = "1" ] && [ ! -x "${ban_fetchcmd}" ]; then
# get wan interfaces
#
f_getif() {
- local iface update="0"
+ local iface iface_del update="0"
if [ "${ban_autodetect}" = "1" ]; then
- if [ -z "${ban_ifv4}" ]; then
- network_flush_cache
- network_find_wan iface
- if [ -n "${iface}" ] && "${ban_ubuscmd}" -t 10 wait_for network.interface."${iface}" >/dev/null 2>&1; then
- ban_protov4="1"
- ban_ifv4="${iface}"
- uci_set banip global ban_protov4 "1"
- uci_add_list banip global ban_ifv4 "${iface}"
- f_log "info" "add IPv4 interface '${iface}' to config"
- fi
+ network_flush_cache
+ network_find_wan iface
+ if [ -n "${iface}" ] && [ "${iface}" != "$(f_trim "${ban_ifv4}")" ] && "${ban_ubuscmd}" -t 10 wait_for network.interface."${iface}" >/dev/null 2>&1; then
+ for iface_del in ${ban_ifv4}; do
+ uci_remove_list banip global ban_ifv4 "${iface_del}"
+ f_log "info" "remove IPv4 interface '${iface_del}' from config"
+ done
+ ban_protov4="1"
+ ban_ifv4="${iface}"
+ uci_set banip global ban_protov4 "1"
+ uci_add_list banip global ban_ifv4 "${iface}"
+ f_log "info" "add IPv4 interface '${iface}' to config"
fi
- if [ -z "${ban_ifv6}" ]; then
- network_flush_cache
- network_find_wan6 iface
- if [ -n "${iface}" ] && "${ban_ubuscmd}" -t 10 wait_for network.interface."${iface}" >/dev/null 2>&1; then
- ban_protov6="1"
- ban_ifv6="${iface}"
- uci_set banip global ban_protov6 "1"
- uci_add_list banip global ban_ifv6 "${iface}"
- f_log "info" "add IPv6 interface '${iface}' to config"
- fi
+ network_find_wan6 iface
+ if [ -n "${iface}" ] && [ "${iface}" != "$(f_trim "${ban_ifv6}")" ] && "${ban_ubuscmd}" -t 10 wait_for network.interface."${iface}" >/dev/null 2>&1; then
+ for iface_del in ${ban_ifv6}; do
+ uci_remove_list banip global ban_ifv6 "${iface_del}"
+ f_log "info" "remove IPv6 interface '${iface_del}' from config"
+ done
+ ban_protov6="1"
+ ban_ifv6="${iface}"
+ uci_set banip global ban_protov6 "1"
+ uci_add_list banip global ban_ifv6 "${iface}"
+ f_log "info" "add IPv6 interface '${iface}' to config"
fi
fi
if [ -n "$(uci -q changes "banip")" ]; then
update="1"
uci_commit "banip"
else
- ban_ifv4="${ban_ifv4%%?}"
- ban_ifv6="${ban_ifv6%%?}"
for iface in ${ban_ifv4} ${ban_ifv6}; do
if ! "${ban_ubuscmd}" -t 10 wait_for network.interface."${iface}" >/dev/null 2>&1; then
f_log "err" "no wan interface '${iface}'"
fi
done
fi
+ ban_ifv4="$(f_trim "${ban_ifv4}")"
+ ban_ifv6="$(f_trim "${ban_ifv6}")"
[ -z "${ban_ifv4}" ] && [ -z "${ban_ifv6}" ] && f_log "err" "no wan interfaces"
f_log "debug" "f_getif ::: auto/update: ${ban_autodetect}/${update}, interfaces (4/6): ${ban_ifv4}/${ban_ifv6}, protocols (4/6): ${ban_protov4}/${ban_protov6}"
# get wan devices
#
f_getdev() {
- local dev iface update="0" cnt="0" cnt_max="30"
+ local dev dev_del iface update="0"
if [ "${ban_autodetect}" = "1" ]; then
- while [ "${cnt}" -lt "${cnt_max}" ] && [ -z "${ban_dev}" ]; do
- network_flush_cache
- for iface in ${ban_ifv4} ${ban_ifv6}; do
- network_get_device dev "${iface}"
- if [ -n "${dev}" ] && ! printf " %s " "${ban_dev}" | "${ban_grepcmd}" -q " ${dev} "; then
+ network_flush_cache
+ dev_del="${ban_dev}"
+ for iface in ${ban_ifv4} ${ban_ifv6}; do
+ network_get_device dev "${iface}"
+ if [ -n "${dev}" ]; then
+ dev_del="${dev_del/${dev} / }"
+ if ! printf " %s " "${ban_dev}" | "${ban_grepcmd}" -q " ${dev} "; then
ban_dev="${ban_dev}${dev} "
uci_add_list banip global ban_dev "${dev}"
f_log "info" "add device '${dev}' to config"
fi
- done
- cnt="$((cnt + 1))"
- sleep 1
+ fi
+ done
+ for dev in ${dev_del}; do
+ ban_dev="${ban_dev/${dev} / }"
+ uci_remove_list banip global ban_dev "${dev}"
+ f_log "info" "remove device '${dev}' from config"
done
fi
if [ -n "$(uci -q changes "banip")" ]; then
update="1"
uci_commit "banip"
fi
- ban_dev="${ban_dev%%?}"
+ ban_dev="$(f_trim "${ban_dev}")"
[ -z "${ban_dev}" ] && f_log "err" "no wan devices"
- f_log "debug" "f_getdev ::: auto/update: ${ban_autodetect}/${update}, wan_devices: ${ban_dev}, cnt: ${cnt}"
+ f_log "debug" "f_getdev ::: auto/update: ${ban_autodetect}/${update}, wan_devices: ${ban_dev}"
}
# get local uplink
update="1"
fi
done
- ban_uplink="${ban_uplink%%?}"
+ ban_uplink="$(f_trim "${ban_uplink}")"
elif [ "${ban_autoallowlist}" = "1" ] && [ "${ban_autoallowuplink}" = "disable" ]; then
"${ban_sedcmd}" -i "/# uplink added on /d" "${ban_allowlist}"
update="1"
} >"${tmp_del}"
if [ -n "${del_set}" ]; then
- del_set="${del_set%%??}"
+ del_set="$(f_trim "${del_set}")"
feed_log="$("${ban_nftcmd}" -f "${tmp_del}" 2>&1)"
feed_rc="${?}"
fi
. "/lib/functions/network.sh"
. "/usr/share/libubox/jshn.sh"
else
- rm -rf "${ban_lock}"
- exit 1
+ f_log "emerg" "system libraries not found"
fi
-# check banIP availability
+# initial system calls
#
-f_system
+ban_awkcmd="$(f_cmd gawk awk)"
+ban_catcmd="$(f_cmd cat)"
+ban_fw4cmd="$(f_cmd fw4)"
+ban_grepcmd="$(f_cmd grep)"
+ban_jsoncmd="$(f_cmd jsonfilter)"
+ban_logcmd="$(f_cmd logger)"
+ban_lookupcmd="$(f_cmd nslookup)"
+ban_mailcmd="$(f_cmd msmtp true)"
+ban_nftcmd="$(f_cmd nft)"
+ban_pgrepcmd="$(f_cmd pgrep)"
+ban_sedcmd="$(f_cmd sed)"
+ban_ubuscmd="$(f_cmd ubus)"
+ban_zcatcmd="$(f_cmd zcat)"
+
if [ "${ban_action}" != "stop" ]; then
[ ! -d "/etc/banip" ] && f_log "err" "no banIP config directory"
[ ! -r "/etc/config/banip" ] && f_log "err" "no banIP config"
[ "$(uci_get banip global ban_enabled)" = "0" ] && f_log "err" "banIP is disabled"
fi
+
+f_system
ban_action="${1}"
ban_starttime="$(date "+%s")"
ban_funlib="/usr/lib/banip-functions.sh"
-[ -z "$(command -v "f_system")" ] && . "${ban_funlib}"
+[ -z "${ban_ver}" ] && . "${ban_funlib}"
# load config and set banIP environment
#
-[ "${ban_action}" = "boot" ] && sleep "$(uci_get banip global ban_triggerdelay "10")"
+[ "${ban_action}" = "boot" ] && sleep "$(uci_get banip global ban_triggerdelay "20")"
f_conf
f_log "info" "start banIP processing (${ban_action})"
f_log "debug" "f_system ::: system: ${ban_sysver:-"n/a"}, version: ${ban_ver:-"n/a"}, memory: ${ban_memory:-"0"}, cpu_cores: ${ban_cores}"
[ ! -r "${ban_funlib}" ] && { [ "${action}" = "boot" ] || [ "${action}" = "start" ] || [ "${action}" = "restart" ] || [ "${action}" = "reload" ] || [ "${action}" = "stop" ] || [ "${action}" = "report" ] || [ "${action}" = "search" ] || [ "${action}" = "lookup" ] || [ "${action}" = "status" ]; } && exit 1
[ -d "${ban_lock}" ] && { [ "${action}" = "boot" ] || [ "${action}" = "start" ] || [ "${action}" = "restart" ] || [ "${action}" = "reload" ] || [ "${action}" = "lookup" ]; } && exit 1
[ ! -d "${ban_lock}" ] && { [ "${action}" = "boot" ] || [ "${action}" = "start" ] || [ "${action}" = "restart" ] || [ "${action}" = "reload" ] || [ "${action}" = "lookup" ]; } && mkdir -p "${ban_lock}"
+{ [ "${action}" = "boot" ] || [ "${action}" = "start" ] || [ "${action}" = "restart" ] || [ "${action}" = "reload" ] || [ "${action}" = "stop" ] || [ "${action}" = "report" ] || [ "${action}" = "search" ] || [ "${action}" = "lookup" ] || [ "${action}" = "status" ]; } && . "${ban_funlib}"
+[ ! -d "${ban_lock}" ] && { [ "${action}" = "boot" ] || [ "${action}" = "start" ] || [ "${action}" = "restart" ] || [ "${action}" = "reload" ] || [ "${action}" = "lookup" ]; } && exit 1
boot() {
: >"${ban_pidfile}"
}
start_service() {
- [ -z "$(command -v "f_system")" ] && . "${ban_funlib}"
if "${ban_init}" enabled; then
f_rmpid
procd_open_instance "banip-service"
}
reload_service() {
- [ -z "$(command -v "f_system")" ] && . "${ban_funlib}"
f_rmpid
rc_procd start_service "reload"
}
stop_service() {
- [ -z "$(command -v "f_system")" ] && . "${ban_funlib}"
"${ban_nftcmd}" delete table inet banIP >/dev/null 2>&1
f_genstatus "stopped"
f_rmpid
}
status_service() {
- [ -z "$(command -v "f_system")" ] && . "${ban_funlib}"
f_getstatus
}
report() {
- [ -z "$(command -v "f_system")" ] && . "${ban_funlib}"
f_report "${1:-"text"}"
}
search() {
- [ -z "$(command -v "f_system")" ] && . "${ban_funlib}"
f_search "${1}"
}
survey() {
- [ -z "$(command -v "f_system")" ] && . "${ban_funlib}"
f_survey "${1}"
}
lookup() {
local list hold cnt="1"
- [ -z "$(command -v "f_system")" ] && . "${ban_funlib}"
for list in allowlist blocklist; do
(f_lookup "${list}") &
hold="$((cnt % ban_cores))"
service_triggers() {
local iface trigger delay
- delay="$(uci_get banip global ban_triggerdelay "10")"
+ delay="$(uci_get banip global ban_triggerdelay "20")"
trigger="$(uci_get banip global ban_trigger)"
PROCD_RELOAD_DELAY="$((delay * 1000))"
# info preparation
#
-local banip_info report_info log_info system_info mail_text
+local banip_info report_info log_info system_info mail_text logread_cmd
-banip_info="$(/etc/init.d/banip status 2>/dev/null | awk '{NR=1;max=160;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max)}else{print substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}')"
-report_info="$(cat ${ban_reportdir}/ban_report.txt 2>/dev/null)"
-log_info="$("${ban_logreadcmd}" -l 100 -e "banIP/" 2>/dev/null | awk '{NR=1;max=160;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max)}else{print substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}')"
+if [ -f "${ban_logreadfile}" ]; then
+ logread_cmd="${ban_logreadcmd} -qn ${ban_loglimit} ${ban_logreadfile} 2>/dev/null | ${ban_grepcmd} -e \"banIP/\" 2>/dev/null"
+elif printf "%s" "${ban_packages}" | "${ban_grepcmd}" -q '"logd'; then
+ logread_cmd="${ban_logreadcmd} -l ${ban_loglimit} -e "banIP/" 2>/dev/null"
+fi
+
+banip_info="$(/etc/init.d/banip status 2>/dev/null | "${ban_awkcmd}" '{NR=1;max=160;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max)}else{print substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}')"
+report_info="$("${ban_catcmd}" "${ban_reportdir}/ban_report.txt" 2>/dev/null)"
+log_info="$(${logread_cmd} | "${ban_awkcmd}" '{NR=1;max=160;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max)}else{print substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}')"
system_info="$(
strings /etc/banner 2>/dev/null
- ubus call system board | awk 'BEGIN{FS="[{}\"]"}{if($2=="kernel"||$2=="hostname"||$2=="system"||$2=="model"||$2=="description")printf " + %-12s: %s\n",$2,$4}'
+ "${ban_ubuscmd}" call system board | "${ban_awkcmd}" 'BEGIN{FS="[{}\"]"}{if($2=="kernel"||$2=="hostname"||$2=="system"||$2=="model"||$2=="description")printf " + %-12s: %s\n",$2,$4}'
)"
# content header
PKG_NAME:=dnsdist
PKG_VERSION:=1.8.3
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://downloads.powerdns.com/releases/
$(if $(call IsEnabled,DNSDIST_DYNBLOCKS),,-DDISABLE_DYNBLOCKS) \
$(if $(call IsEnabled,DNSDIST_ECS_ACTIONS),,-DDISABLE_ECS_ACTIONS) \
$(if $(call IsEnabled,DNSDIST_HASHED),,-DDISABLE_HASHED_CREDENTIALS) \
- $(if $(call IsEnabled,DNSDIST_LUA_ADVANCED),,-DDISABLE_NON_FFI_DQ_BINDINGS -DDISABLE_POLICIES_BINDINGS -DDISABLE_DOWNSTREAM_BINDINGS -DDISABLE_DNSHEADER_BINDINGS -DDISABLE_COMBO_ADDR_BINDINGS -DDISABLE_QPS_LIMITER_BINDINGS -DDISABLE_PACKETCACHE_BINDINGS -DDISABLE_CLIENT_STATE_BINDINGS -DDISABLE_DNSPACKET_BINDINGS -DDISABLE_LUA_BINDINGS_RINGS) \
+ $(if $(call IsEnabled,DNSDIST_LUA_ADVANCED),,-DDISABLE_NON_FFI_DQ_BINDINGS -DDISABLE_DOWNSTREAM_BINDINGS -DDISABLE_DNSHEADER_BINDINGS -DDISABLE_COMBO_ADDR_BINDINGS -DDISABLE_QPS_LIMITER_BINDINGS -DDISABLE_PACKETCACHE_BINDINGS -DDISABLE_CLIENT_STATE_BINDINGS -DDISABLE_DNSPACKET_BINDINGS -DDISABLE_LUA_BINDINGS_RINGS) \
$(if $(call IsEnabled,DNSDIST_MAC),-DDNSDIST_RINGS_WITH_MACADDRESS,) \
$(if $(call IsEnabled,DNSDIST_OCSP_STAPLING),,-DDISABLE_OCSP_STAPLING) \
$(if $(call IsEnabled,DNSDIST_PROTOBUF),,-DDISABLE_PROTOBUF) \
PKG_NAME:=sshtunnel
PKG_VERSION:=5
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_LICENSE:=GPL-2.0-or-later
PKG_MAINTAINER:=Nuno Goncalves <nunojpg@gmail.com>
logger -p daemon.err -t sshtunnel "$@"
}
-append_params() {
- local p v args
- for p in "$@"; do
- eval "v=\$$p"
- [ -n "$v" ] && args="$args -o $p=$v"
- done
-
- ARGS_options="${args# *}"
-}
-
append_string() {
local varname="$1"; local add="$2"; local separator="${3:- }"; local actual new
eval "actual=\$$varname"
'PKCS11Provider:file' \
'CheckHostIP:or("yes", "no")' \
'Compression:or("yes", "no")' \
- 'CompressionLevel:range(1,9)' \
'IdentityFile:file' \
'LogLevel:or("QUIET", "FATAL", "ERROR", "INFO", "VERBOSE", "DEBUG", "DEBUG1", "DEBUG2", "DEBUG3")' \
'ServerAliveCountMax:min(1)' \
'ServerAliveInterval:min(0)' \
'StrictHostKeyChecking:or("yes", "no", "accept-new"):accept-new' \
'TCPKeepAlive:or("yes", "no")' \
- 'VerifyHostKeyDNS:or("yes", "no")'
+ 'VerifyHostKeyDNS:or("yes", "no")' \
+ 'ProxyCommand:string(1)'
}
validate_tunnelR_section() {
[ "$2" = 0 ] || { _err "server $server: validation failed"; return 1; }
- local ARGS=""
- local ARGS_options=""
local ARGS_tunnels=""
local count=0
config_foreach validate_tunnelW_section "tunnelW" load_tunnelW
[ "$count" -eq 0 ] && { _err "tunnels to $server not started - no tunnels defined"; return 1; }
- append_params CheckHostIP Compression CompressionLevel \
- LogLevel PKCS11Provider ServerAliveCountMax ServerAliveInterval \
- StrictHostKeyChecking TCPKeepAlive VerifyHostKeyDNS
-
- # dropbear doesn't support -o IdentityFile so use -i instead
- [ -n "$IdentityFile" ] && ARGS_options="$ARGS_options -i $IdentityFile"
- # dbclient doesn't support StrictHostKeyChecking but it has the -y option that works same
- [ "$StrictHostKeyChecking" = "accept-new" ] && ARGS_options="$ARGS_options -y"
- [ "$StrictHostKeyChecking" = "no" ] && ARGS_options="$ARGS_options -yy"
- ARGS="$ARGS_options -o ExitOnForwardFailure=yes -o BatchMode=yes -nN $ARGS_tunnels "
- [ -n "$port" ] && ARGS="$ARGS -p $port "
- [ -n "$user" ] && ARGS="$ARGS $user@"
- ARGS="${ARGS}$hostname"
+ # old dbclient use -y for StrictHostKeyChecking.
+ # The -y for OpenSSH means to use syslog but that's ok
+ local db_StrictHostKeyChecking=""
+ [ "$StrictHostKeyChecking" = "accept-new" ] && db_StrictHostKeyChecking="-y"
+ [ "$StrictHostKeyChecking" = "no" ] && db_StrictHostKeyChecking="-yy"
+
+ local ARGS="$hostname $ARGS_tunnels \
+ ${port:+-p $port} \
+ ${user:+-l $user} \
+ ${IdentityFile:+-i $IdentityFile} \
+ ${CheckHostIP:+-o CheckHostIP=$CheckHostIP} \
+ ${VerifyHostKeyDNS:+-o VerifyHostKeyDNS=$VerifyHostKeyDNS} \
+ ${Compression:+-o Compression=$Compression} \
+ ${LogLevel:+-o LogLevel=$LogLevel} \
+ ${PKCS11Provider:+-o PKCS11Provider=$PKCS11Provider} \
+ ${TCPKeepAlive:+-o TCPKeepAlive=$TCPKeepAlive} \
+ ${ServerAliveCountMax:+-o ServerAliveCountMax=$ServerAliveCountMax} \
+ ${ServerAliveInterval:+-o ServerAliveInterval=$ServerAliveInterval} \
+ ${StrictHostKeyChecking:+-o StrictHostKeyChecking=$StrictHostKeyChecking $db_StrictHostKeyChecking} \
+ -o ExitOnForwardFailure=yes -o BatchMode=yes -nN \
+ "
procd_open_instance "$server"
procd_set_param command "$PROG" $ARGS
+ # ProxyCommand must be quoted
+ [ -n "$ProxyCommand" ] && procd_append_param command -o "ProxyCommand=$ProxyCommand"
+
procd_set_param stdout 1
procd_set_param stderr 1
procd_set_param respawn 0 "$retrydelay" 1
# option retrydelay 1
# option CheckHostIP yes
# option Compression no
-# option CompressionLevel 6
# option IdentityFile /root/.ssh/id_rsa
# option LogLevel INFO
# option PKCS11Provider /lib/pteidpkcs11.so
include $(TOPDIR)/rules.mk
PKG_NAME:=rtty
-PKG_VERSION:=8.0.1
-PKG_RELEASE:=2
+PKG_VERSION:=8.1.0
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL=https://github.com/zhaojh329/rtty/releases/download/v$(PKG_VERSION)
-PKG_HASH:=b1a21819c2256b3364b8c64dfcc56583b9647409ab8b39ff54e00e242e44028e
+PKG_HASH:=e634939bae62bf3d52ceebae5df00179629d214634b93464eeb2294406512b30
PKG_MAINTAINER:=Jianhui Zhao <zhaojh329@gmail.com>
PKG_LICENSE:=MIT
include $(TOPDIR)/rules.mk
PKG_NAME:=zoneinfo
-PKG_VERSION:=2023c
-PKG_RELEASE:=2
+PKG_VERSION:=2023d
+PKG_RELEASE:=1
#As i couldn't find real license used "Public Domain"
#as referense to http://www.iana.org/time-zones/repository/tz-link.html
PKG_SOURCE:=tzdata$(PKG_VERSION).tar.gz
PKG_SOURCE_CODE:=tzcode$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.iana.org/time-zones/repository/releases
-PKG_HASH:=3f510b5d1b4ae9bb38e485aa302a776b317fb3637bdb6404c4adf7b6cadd965c
+PKG_HASH:=dbca21970b0a8b8c0ceceec1d7b91fa903be0f6eca5ae732b5329672232a08f3
include $(INCLUDE_DIR)/package.mk
define Download/tzcode
FILE=$(PKG_SOURCE_CODE)
URL=$(PKG_SOURCE_URL)
- HASH:=46d17f2bb19ad73290f03a203006152e0fa0d7b11e5b71467c4a823811b214e7
+ HASH:=e9a5f9e118886d2de92b62bb05510a28cc6c058d791c93bd6b84d3292c3c161e
endef
$(eval $(call Download,tzcode))