From f2d8fc3bc2efc7fb9ee53b5df47aee1520618b29 Mon Sep 17 00:00:00 2001 From: Jonathan Bennett Date: Thu, 7 May 2015 22:39:22 -0500 Subject: [PATCH] Fwknop: Update to newest release add basic uci support add optional gpg support signed-off-by: Jonathan Bennett --- net/fwknop/Config.in | 12 ++++ net/fwknop/Makefile | 19 ++++-- net/fwknop/files/fwknopd.init | 89 +++++++++++++++++++++++++ net/fwknop/patches/001-fix_config.patch | 18 ----- net/fwknop/patches/002-fix_init.patch | 17 ----- 5 files changed, 114 insertions(+), 41 deletions(-) create mode 100644 net/fwknop/Config.in create mode 100644 net/fwknop/files/fwknopd.init delete mode 100644 net/fwknop/patches/001-fix_config.patch delete mode 100644 net/fwknop/patches/002-fix_init.patch diff --git a/net/fwknop/Config.in b/net/fwknop/Config.in new file mode 100644 index 0000000000..ee0e62300a --- /dev/null +++ b/net/fwknop/Config.in @@ -0,0 +1,12 @@ +#fwknop config +menu "Configuration" + depends on PACKAGE_fwknopd + +config FWKNOPD_GPG + bool "Enable GPG support" + select PACKAGE_gnupg + default n + + + +endmenu diff --git a/net/fwknop/Makefile b/net/fwknop/Makefile index df16e15f4f..62d85e675b 100644 --- a/net/fwknop/Makefile +++ b/net/fwknop/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=fwknop -PKG_VERSION:=2.6.5 +PKG_VERSION:=2.6.6 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=http://www.cipherdyne.org/fwknop/download -PKG_MD5SUM:=1ae000a499bf604a2aeef4d0a7a178c8 +PKG_MD5SUM:=1372aeaf1e33ab1d6b9906ef9b5cd02e PKG_MAINTAINER:=Jonathan Bennett PKG_LICENSE:=GPLv2 PKG_INSTALL:=1 @@ -42,7 +42,7 @@ define Package/fwknopd CATEGORY:=Network SUBMENU:=Firewall TITLE+= Daemon - DEPENDS:=+iptables +libfko +libpcap + DEPENDS:=+iptables +libfko +libpcap +FWKNOP_GPG:gnupg endef define Package/fwknopd/description @@ -55,6 +55,10 @@ define Package/fwknopd/conffiles /etc/fwknop/fwknopd.conf endef +define Package/fwknopd/config + source "$(SOURCE)/Config.in" +endef + define Package/fwknop $(call Package/fwknop/Default) SECTION:=net @@ -82,8 +86,12 @@ define Package/libfko/description This package contains the libfko shared library. endef + +ifeq ($(CONFIG_FWKNOPD_GPG),n) + CONFIGURE_ARGS += --without-gpgme +endif + CONFIGURE_ARGS += \ - --without-gpgme \ --with-iptables=/usr/sbin/iptables define Build/InstallDev @@ -98,8 +106,7 @@ define Package/fwknopd/install $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/fwknop/{access,fwknopd}.conf \ $(1)/etc/fwknop/ $(INSTALL_DIR) $(1)/etc/init.d - $(INSTALL_BIN) $(PKG_BUILD_DIR)/extras/fwknop.init.openwrt \ - $(1)/etc/init.d/fwknopd + $(INSTALL_BIN) ./files/fwknopd.init $(1)/etc/init.d/fwknopd $(INSTALL_DIR) $(1)/usr/sbin $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/fwknopd $(1)/usr/sbin/ endef diff --git a/net/fwknop/files/fwknopd.init b/net/fwknop/files/fwknopd.init new file mode 100644 index 0000000000..294258f82a --- /dev/null +++ b/net/fwknop/files/fwknopd.init @@ -0,0 +1,89 @@ +#!/bin/sh /etc/rc.common +# +# Fwknop is developed primarily by the people listed in the file 'AUTHORS'. +# Copyright (C) 2009-2014 fwknop developers and contributors. For a full +# list of contributors, see the file 'CREDITS'. +# +. /lib/functions.sh +UCI_ENABLED=0 +START=60 + +FWKNOPD_BIN=/usr/sbin/fwknopd + +start() +{ + gen_confs + $FWKNOPD_BIN +} + +stop() +{ + $FWKNOPD_BIN -K +} + +restart() +{ + stop; + sleep 1; + start; +} + +reload() +{ + $FWKNOPD_BIN -R +} + +gen_confs() +{ + + +config_cb() { + + local type="$1" + local name="$2" + if [ "$type" = "global" ] + then + option_cb() { + local option="$1" + local value="$2" + if [ "$option" = "uci_enabled" ] && [ "$value" -eq 1 ] ; then + > /etc/fwknop/fwknopd.conf + > /etc/fwknop/access.conf + UCI_ENABLED=1 + fi + } + elif [ "$type" = "config" ] + then + option_cb() { + local option="$1" + local value="$2" + if [ $UCI_ENABLED ]; then + echo "${option//_/-} $value" >> /etc/fwknop/fwknopd.conf #writing each option to fwknopd.conf + fi + } + elif [ "$type" = "SOURCE" ] + then + echo "${type//_/-} $name" >> /etc/fwknop/access.conf #writing each option to access.conf + option_cb() { + local option="$1" + local value="$2" + if [ $UCI_ENABLED ]; then + echo "${option//_/-} $value" >> /etc/fwknop/access.conf #writing each option to access.conf + fi + } + fi + + + + +} + + +if [ -f /etc/config/fwknopd ]; then + + config_load fwknopd + + +fi + +} diff --git a/net/fwknop/patches/001-fix_config.patch b/net/fwknop/patches/001-fix_config.patch deleted file mode 100644 index 8e5e59088d..0000000000 --- a/net/fwknop/patches/001-fix_config.patch +++ /dev/null @@ -1,18 +0,0 @@ ---- a/server/fwknopd.conf.inst -+++ b/server/fwknopd.conf.inst -@@ -402,8 +402,13 @@ - # The IPT_FORWARD_ACCESS variable is only used if ENABLE_IPT_FORWARDING is - # enabled. - # --#IPT_FORWARD_ACCESS ACCEPT, filter, FORWARD, 1, FWKNOP_FORWARD, 1; --#IPT_DNAT_ACCESS DNAT, nat, PREROUTING, 1, FWKNOP_PREROUTING, 1; -+ -+# These two lines are changed specifically for Openwrt, due to -+# different naming conventions. IPT_FORWARD is still disabled -+# by default, and must be enabled earlier in this file to be used. -+ -+IPT_FORWARD_ACCESS ACCEPT, filter, zone_wan_forward, 1, FWKNOP_FORWARD, 1; -+IPT_DNAT_ACCESS DNAT, nat, zone_wan_prerouting, 1, FWKNOP_PREROUTING, 1; - - # The IPT_SNAT_ACCESS variable is not used unless both ENABLE_IPT_SNAT and - # ENABLE_IPT_FORWARDING are enabled. Also, the external static IP must be diff --git a/net/fwknop/patches/002-fix_init.patch b/net/fwknop/patches/002-fix_init.patch deleted file mode 100644 index 6370c8e60b..0000000000 --- a/net/fwknop/patches/002-fix_init.patch +++ /dev/null @@ -1,17 +0,0 @@ ---- a/extras/openwrt/package/fwknop/files/fwknopd.init -+++ b/extras/openwrt/package/fwknop/files/fwknopd.init -@@ -11,12 +11,12 @@ FWKNOPD_BIN=/usr/sbin/fwknopd - - start() - { -- $FWKNOPD_BIN -+ service_start $FWKNOPD_BIN - } - - stop() - { -- $FWKNOPD_BIN -K -+ service_stop $FWKNOPD_BIN -K - } - - restart() -- 2.30.2