Page MenuHomeFreeBSD
Files F137907428

D6034.id15402.diff
No OneTemporary
Actions

D6034.id15402.diff
View Options

Index: GIDs
===================================================================
--- GIDs
+++ GIDs
@@ -103,6 +103,7 @@
polipo:*:173:
flowtools:*:174:
twms:*:175:
+mlvpn:*:176:
gdnsd:*:179:
rt:*:180:
nagios:*:181:
Index: UIDs
===================================================================
--- UIDs
+++ UIDs
@@ -109,6 +109,7 @@
polipo:*:173:173::0:0:polipo web cache:/nonexistent:/usr/sbin/nologin
flowtools:*:174:174::0:0:Flow-tools collector pseudo-user:/nonexistent:/usr/sbin/nologin
twms:*:175:175::0:0:tWMS pseudo-user:/nonexistent:/usr/sbin/nologin
+mlvpn:*:176:176::0:0:mlVPN pseudo-user:/var/run/mlvpn:/usr/sbin/nologin
gdnsd:*:179:179::0:0:gDNSd pseudo-user:/nonexistent:/usr/sbin/nologin
nagios:*:181:181::0:0:Nagios pseudo-user:/var/spool/nagios:/usr/sbin/nologin
noc:*:182:182::0:0:NOC pseudo-user:/usr/local/noc:/bin/sh
Index: net/mlvpn/Makefile
===================================================================
--- /dev/null
+++ net/mlvpn/Makefile
@@ -0,0 +1,50 @@
+# $FreeBSD$
+
+PORTNAME= mlvpn
+PORTVERSION= 2.3.1
+CATEGORIES= net
+
+MAINTAINER= olivier@FreeBSD.org
+COMMENT= Multi-link VPN
+
+LICENSE= BSD2CLAUSE
+LICENSE_FILE= ${WRKSRC}/LICENCE
+
+LIB_DEPENDS= libev.so:${PORTSDIR}/devel/libev \
+ libsodium.so:${PORTSDIR}/security/libsodium
+
+USE_GITHUB= yes
+GH_ACCOUNT= zehome
+
+WRKSRC= ${WRKDIR}/MLVPN-${PORTVERSION}
+USES= autoreconf libtool pkgconfig
+GNU_CONFIGURE= yes
+CPPFLAGS+= -I${LOCALBASE}/include
+LDFLAGS+= -L${LOCALBASE}/lib
+
+USERS= mlvpn
+GROUPS= mlvpn
+USE_RC_SUBR= mlvpn
+
+OPTIONS_DEFINE= CONTROL
+CONTROL_DESC= Enable UNIX socket/HTTP json remote control API
+
+OPTIONS_DEFAULT= CONTROL
+
+.include <bsd.port.options.mk>
+
+.if ! ${PORT_OPTIONS:MCONTROL}
+CONFIGURE_ARGS+=--disable-control
+.endif
+
+do-install:
+ ${INSTALL_PROGRAM} ${WRKSRC}/src/${PORTNAME} ${STAGEDIR}${PREFIX}/sbin/
+ ${INSTALL_MAN} ${WRKSRC}/man/${PORTNAME}.1 ${STAGEDIR}${PREFIX}/man/man1
+ ${INSTALL_MAN} ${WRKSRC}/man/${PORTNAME}.conf.5 ${STAGEDIR}${PREFIX}/man/man5
+ @${MKDIR} ${STAGEDIR}${ETCDIR}
+ ${INSTALL_MAN} ${WRKSRC}/doc/examples/${PORTNAME}.conf.in ${STAGEDIR}${ETCDIR}/${PORTNAME}.conf.sample
+ ${INSTALL_SCRIPT} ${WRKSRC}/doc/examples/mlvpn_updown.sh.in ${STAGEDIR}${ETCDIR}/mlvpn_updown.sh
+ @${CHMOD} 0600 ${STAGEDIR}${ETCDIR}/${PORTNAME}.conf.sample
+ @${CHMOD} 0700 ${STAGEDIR}${ETCDIR}/mlvpn_updown.sh
+
+.include <bsd.port.mk>
Index: net/mlvpn/distinfo
===================================================================
--- /dev/null
+++ net/mlvpn/distinfo
@@ -0,0 +1,2 @@
+SHA256 (zehome-mlvpn-2.3.1_GH0.tar.gz) = 4bbe8ae10ccad4ba764d29db0293b3ab523ded5d0a0b5adbe6a8d4d839e4138e
+SIZE (zehome-mlvpn-2.3.1_GH0.tar.gz) = 83817
Index: net/mlvpn/files/mlvpn.in
===================================================================
--- /dev/null
+++ net/mlvpn/files/mlvpn.in
@@ -0,0 +1,157 @@
+#!/bin/sh
+#
+# mlvpn - load tun/tap driver and start mlvpn daemon
+#
+# (C) Copyright 2005 - 2008, 2010 by Matthias Andree
+# (C) Copyright 2015 Laurent COUSTET (mlvpn modifications)
+# (C) Copyright 2016 Olivier Cochard-Labbe (updating rc script)
+
+# based on suggestions by Matthias Grimm and Dirk Gouders
+# with multi-instance contribution from Denis Shaposhnikov, Gleb Kozyrev
+# and Vasil Dimov
+# softrestart feature suggested by Nick Hibma
+#
+# $FreeBSD$
+#
+# This program is free software; you can redistribute it and/or modify it under
+# the terms of the GNU General Public License as published by the Free Software
+# Foundation; either version 2 of the License, or (at your option) any later
+# version.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+# details.
+#
+# You should have received a copy of the GNU General Public License along with
+# this program; if not, write to the Free Software Foundation, Inc., 51 Franklin
+# Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+# PROVIDE: mlvpn
+# REQUIRE: DAEMON
+# KEYWORD: shutdown
+
+# -----------------------------------------------------------------------------
+#
+# This script supports running multiple instances of mlvpn
+# To run additional instances link this script to something like
+# % ln -s mlvpn mlvpn_foo
+# and define additional mlvpn_foo_* variables in one of
+# /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/mlvpn_foo
+#
+# Below NAME should be substituted with the name of this script. By default
+# it is mlvpn, so read as mlvpn_enable. If you linked the script to
+# mlvpn_foo, then read as mlvpn_foo_enable etc.
+#
+# The following variables are supported (defaults are shown).
+# You can place them in any of
+# /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/NAME
+#
+# NAME_enable="NO" # set to YES to enable mlvpn
+# NAME_if= # driver(s) to load, set to "tun", "tap" or "tun tap"
+# # it is OK to specify the if_ prefix.
+#
+# # optional:
+# NAME_flags= # additional command line arguments
+# NAME_configfile="/usr/local/etc/mlvpn/NAME.conf" # --config file
+#
+# Note that we deliberately refrain from unloading drivers.
+#
+# For further documentation, please see http://www.mlvpn.fr/
+#
+
+. /etc/rc.subr
+
+case "$0" in
+/etc/rc*)
+ # during boot (shutdown) $0 is /etc/rc (/etc/rc.shutdown),
+ # so get the name of the script from $_file
+ name="$_file"
+ ;;
+*)
+ name="$0"
+ ;;
+esac
+
+name="${name##*/}"
+rcvar=${name}_enable
+
+mlvpn_stop()
+{
+ if [ -f ${pidfile} ]; then
+ rc_pid=$(check_pidfile $pidfile ${name})
+ kill -TERM $rc_pid
+ wait_for_pids $rc_pid
+ fi
+}
+
+stop_postcmd()
+{
+ rm -f "$pidfile" || warn "Could not remove $pidfile."
+}
+
+mlvpn_softrestart()
+{
+ rc_pid=$(check_pidfile $pidfile ${name})
+ local status
+
+ if ! status=`run_rc_command status 2>&1`; then
+ echo $status
+ return 1
+ fi
+ echo 'Softrestarting mlvpn.'
+ kill -USR1 $rc_pid
+}
+
+mlvpn_status()
+{
+ rc_pid=$(check_pidfile $pidfile ${name})
+
+ if [ -z "$rc_pid" ]; then
+ [ -n "$rc_fast" ] && return 0
+ if [ -n "$pidfile" ]; then
+ echo "${name} not running? (check $pidfile)."
+ else
+ echo "${name} not running?"
+ fi
+ return 1
+ fi
+ echo "${name} is running as pid ${rc_pid}"
+}
+
+# reload: support SIGHUP to reparse configuration file
+# softrestart: support SIGUSR1 to reconnect without superuser privileges
+extra_commands="reload softrestart"
+softrestart_cmd="mlvpn_softrestart"
+
+# pidfile
+pidfile="/var/run/${name}.pid"
+rc_pid=$(check_pidfile $pidfile ame)
+
+# command and arguments
+procname="%%PREFIX%%/sbin/mlvpn"
+command="/usr/sbin/daemon"
+
+# run this last
+stop_cmd="mlvpn_stop"
+stop_postcmd="stop_postcmd"
+status_cmd="mlvpn_status"
+
+load_rc_config ${name}
+
+eval ": \${${name}_enable:=\"NO\"}"
+eval ": \${${name}_configfile:=\"/usr/local/etc/mlvpn/${name}.conf\"}"
+
+configfile="$(eval echo \${${name}_configfile})"
+interfaces="$(eval echo \${${name}_if})"
+
+required_modules=
+for i in $interfaces ; do
+ required_modules="$required_modules${required_modules:+" "}if_${i#if_}"
+done
+
+required_files=${configfile}
+
+command_args="-f -p ${pidfile} ${procname} --name ${name} --config ${configfile} --user mlvpn"
+
+run_rc_command "$1"
Index: net/mlvpn/files/patch-src_config.c
===================================================================
--- /dev/null
+++ net/mlvpn/files/patch-src_config.c
@@ -0,0 +1,59 @@
+diff --git src/config.c src/config.c
+index 4125b3c..77b0881 100644
+--- src/config.c
++++ src/config.c
+@@ -269,6 +269,7 @@ mlvpn_config(int config_file_fd, int first_time)
+ } else if (strncmp(lastSection, "filters", 7) != 0) {
+ char *bindaddr;
+ char *bindport;
++ uint32_t bindfib = 0;
+ char *dstaddr;
+ char *dstport;
+ uint32_t bwlimit = 0;
+@@ -284,6 +285,9 @@ mlvpn_config(int config_file_fd, int first_time)
+ _conf_set_str_from_conf(
+ config, lastSection, "bindport", &bindport, NULL,
+ "bind port is mandatory in server mode.\n", 1);
++ _conf_set_uint_from_conf(
++ config, lastSection, "bindfib", &bindfib, 0,
++ NULL, 0);
+ _conf_set_str_from_conf(
+ config, lastSection, "remotehost", &dstaddr, NULL,
+ NULL, 0);
+@@ -297,6 +301,9 @@ mlvpn_config(int config_file_fd, int first_time)
+ _conf_set_str_from_conf(
+ config, lastSection, "bindport", &bindport, NULL,
+ NULL, 0);
++ _conf_set_uint_from_conf(
++ config, lastSection, "bindfib", &bindfib, 0,
++ NULL, 0);
+ _conf_set_str_from_conf(
+ config, lastSection, "remotehost", &dstaddr, NULL,
+ "No remote address specified.\n", 1);
+@@ -336,6 +343,7 @@ mlvpn_config(int config_file_fd, int first_time)
+ tmptun->name);
+ if ((! mystr_eq(tmptun->bindaddr, bindaddr)) ||
+ (! mystr_eq(tmptun->bindport, bindport)) ||
++ (tmptun->bindfib != bindfib) ||
+ (! mystr_eq(tmptun->destaddr, dstaddr)) ||
+ (! mystr_eq(tmptun->destport, dstport))) {
+ mlvpn_rtun_status_down(tmptun);
+@@ -347,6 +355,9 @@ mlvpn_config(int config_file_fd, int first_time)
+ if (bindport) {
+ strlcpy(tmptun->bindport, bindport, sizeof(tmptun->bindport));
+ }
++ if (tmptun->bindfib != bindfib) {
++ tmptun->bindfib = bindfib;
++ }
+ if (dstaddr) {
+ strlcpy(tmptun->destaddr, dstaddr, sizeof(tmptun->destaddr));
+ }
+@@ -380,7 +391,7 @@ mlvpn_config(int config_file_fd, int first_time)
+ {
+ log_info("config", "%s tunnel added", lastSection);
+ mlvpn_rtun_new(
+- lastSection, bindaddr, bindport, dstaddr, dstport,
++ lastSection, bindaddr, bindport, bindfib, dstaddr, dstport,
+ default_server_mode, timeout, fallback_only,
+ bwlimit, loss_tolerence);
+ }
Index: net/mlvpn/files/patch-src_mlvpn.h
===================================================================
--- /dev/null
+++ net/mlvpn/files/patch-src_mlvpn.h
@@ -0,0 +1,21 @@
+diff --git src/mlvpn.h src/mlvpn.h
+index fd4b911..daa9a4c 100644
+--- src/mlvpn.h
++++ src/mlvpn.h
+@@ -138,6 +138,7 @@ typedef struct mlvpn_tunnel_s
+ char *name; /* tunnel name */
+ char bindaddr[MLVPN_MAXHNAMSTR]; /* packets source */
+ char bindport[MLVPN_MAXPORTSTR]; /* packets port source (or NULL) */
++ uint32_t bindfib; /* FIB number to use */
+ char destaddr[MLVPN_MAXHNAMSTR]; /* remote server ip (can be hostname) */
+ char destport[MLVPN_MAXPORTSTR]; /* remote server port */
+ int fd; /* socket file descriptor */
+@@ -193,7 +194,7 @@ int mlvpn_rtun_wrr_reset(struct rtunhead *head, int use_fallbacks);
+ mlvpn_tunnel_t *mlvpn_rtun_wrr_choose();
+ mlvpn_tunnel_t *mlvpn_rtun_choose();
+ mlvpn_tunnel_t *mlvpn_rtun_new(const char *name,
+- const char *bindaddr, const char *bindport,
++ const char *bindaddr, const char *bindport, uint32_t bindfib,
+ const char *destaddr, const char *destport,
+ int server_mode, uint32_t timeout,
+ int fallback_only, uint32_t bandwidth,
Index: net/mlvpn/files/patch-src_mlvpn.c
===================================================================
--- /dev/null
+++ net/mlvpn/files/patch-src_mlvpn.c
@@ -0,0 +1,56 @@
+diff --git src/mlvpn.c src/mlvpn.c
+index 1dd27ea..8aaf67a 100644
+--- src/mlvpn.c
++++ src/mlvpn.c
+@@ -612,7 +612,7 @@ mlvpn_rtun_write(EV_P_ ev_io *w, int revents)
+
+ mlvpn_tunnel_t *
+ mlvpn_rtun_new(const char *name,
+- const char *bindaddr, const char *bindport,
++ const char *bindaddr, const char *bindport, uint32_t bindfib,
+ const char *destaddr, const char *destport,
+ int server_mode, uint32_t timeout,
+ int fallback_only, uint32_t bandwidth,
+@@ -668,6 +668,7 @@ mlvpn_rtun_new(const char *name,
+ strlcpy(new->bindaddr, bindaddr, sizeof(new->bindaddr));
+ if (bindport)
+ strlcpy(new->bindport, bindport, sizeof(new->bindport));
++ new->bindfib = bindfib;
+ if (destaddr)
+ strlcpy(new->destaddr, destaddr, sizeof(new->destaddr));
+ if (destport)
+@@ -795,6 +796,7 @@ static int
+ mlvpn_rtun_start(mlvpn_tunnel_t *t)
+ {
+ int ret, fd = -1;
++ int fib = 0;
+ char *addr, *port;
+ struct addrinfo hints, *res;
+
+@@ -803,9 +805,11 @@ mlvpn_rtun_start(mlvpn_tunnel_t *t)
+ {
+ addr = t->bindaddr;
+ port = t->bindport;
++ fib = t->bindfib;
+ } else {
+ addr = t->destaddr;
+ port = t->destport;
++ fib = t->bindfib;
+ }
+
+ /* Initialize hints */
+@@ -832,6 +836,14 @@ mlvpn_rtun_start(mlvpn_tunnel_t *t)
+ log_warn(NULL, "%s socket creation error",
+ t->name);
+ } else {
++#if defined(HAVE_FREEBSD) || defined(HAVE_OPENBSD)
++ /* Setting SO_SETFIB (fib) supported on FreeBSD and OpenBSD only */
++ if (setsockopt(fd, SOL_SOCKET, SO_SETFIB, &fib, sizeof(fib)) < 0)
++ {
++ log_warnx(NULL, "Cannot set FIB %d for kernel socket", fib);
++ goto error;
++ }
++#endif
+ t->fd = fd;
+ break;
+ }
Index: net/mlvpn/files/patch-src_tuntap__bsd.c
===================================================================
--- /dev/null
+++ net/mlvpn/files/patch-src_tuntap__bsd.c
@@ -0,0 +1,11 @@
+--- src/tuntap_bsd.c.orig 2016-03-10 14:57:37 UTC
++++ src/tuntap_bsd.c
+@@ -21,7 +21,7 @@ mlvpn_tuntap_read(struct tuntap_s *tunta
+ mlvpn_tunnel_t *rtun = NULL;
+ mlvpn_pkt_t *pkt;
+ ssize_t ret;
+- u_char data[DEFAULT_MTU]
++ u_char data[DEFAULT_MTU];
+ struct iovec iov[2];
+ uint32_t type;
+
Index: net/mlvpn/pkg-descr
===================================================================
--- /dev/null
+++ net/mlvpn/pkg-descr
@@ -0,0 +1,6 @@
+MLVPN allow to bond your internet links to increase bandwidth, secure your
+internet connection by actively monitoring your links and removing the faulty
+ones, without loosing your TCP connections and secure your internet connection
+to the aggregation server using cryptography.
+
+WWW: https://zehome.github.io/MLVPN/
Index: net/mlvpn/pkg-plist
===================================================================
--- /dev/null
+++ net/mlvpn/pkg-plist
@@ -0,0 +1,5 @@
+sbin/mlvpn
+man/man1/mlvpn.1.gz
+man/man5/mlvpn.conf.5.gz
+@sample %%ETCDIR%%/mlvpn.conf.sample
+%%ETCDIR%%/mlvpn_updown.sh

File Metadata

Mime Type
text/plain
Expires
Fri, Nov 28, 2:39 AM (23 h, 26 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
26271946
Default Alt Text
D6034.id15402.diff (14 KB)

Event Timeline