pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/net/knock 0.7:



details:   https://anonhg.NetBSD.org/pkgsrc/rev/3253cff39f54
branches:  trunk
changeset: 365446:3253cff39f54
user:      adam <adam%pkgsrc.org@localhost>
date:      Sun Jul 16 21:25:06 2017 +0000

description:
0.7:
- Document the 'target' configuration directive.
- Merging OS-specific networking code to reduce LOCs and the
  sea of #ifdefs.
- Added 50ms timeout to pcap_open_live() to reduce CPU usage
  on network-heavy hosts. Pcap recommends we not use zero.

0.6:
- Cleanup: Don't null-check before free
- Cleanup: Consolidate flag-check logic
- Accept single-knock sequences
- Introduce a 'target' configuration directive, enabling
  knockd to react to connect attempts to a target host.
  Useful in cases where knockd is on a router and you want
  to send a target a wakeup packet.

diffstat:

 net/knock/Makefile                   |   10 +-
 net/knock/PLIST                      |    6 +-
 net/knock/distinfo                   |   12 +-
 net/knock/patches/patch-Makefile.in  |   31 ---
 net/knock/patches/patch-src_knockd.c |  292 -----------------------------------
 5 files changed, 16 insertions(+), 335 deletions(-)

diffs (truncated from 395 to 300 lines):

diff -r 8917120e42af -r 3253cff39f54 net/knock/Makefile
--- a/net/knock/Makefile        Sun Jul 16 21:02:09 2017 +0000
+++ b/net/knock/Makefile        Sun Jul 16 21:25:06 2017 +0000
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.7 2013/02/06 19:30:58 jperkin Exp $
+# $NetBSD: Makefile,v 1.8 2017/07/16 21:25:06 adam Exp $
 
-DISTNAME=      knock-0.5
-PKGREVISION=   2
+DISTNAME=      knock-0.7
 CATEGORIES=    net
 MASTER_SITES=  http://www.zeroflux.org/proj/knock/files/
 
@@ -13,7 +12,7 @@
 USE_LANGUAGES=         c
 USE_TOOLS+=            gmake
 GNU_CONFIGURE=         yes
-CONFIGURE_ARGS+=       --sysconfdir=${PKG_SYSCONFDIR}
+CONFIGURE_ARGS+=       --sysconfdir=${EGDIR}
 
 BUILD_DEFS+=   VARBASE
 
@@ -29,5 +28,8 @@
 SUBST_SED.paths=       -e 's,"/etc,"${PKG_SYSCONFDIR},g'
 SUBST_SED.paths+=      -e 's,"/var,"${VARBASE},g'
 
+post-install:
+       cd ${DESTDIR}${PREFIX}/${PKGMANDIR} && ${MV} man1/knockd.1 man8/knockd.8 || ${TRUE}
+
 .include "../../net/libpcap/buildlink3.mk"
 .include "../../mk/bsd.pkg.mk"
diff -r 8917120e42af -r 3253cff39f54 net/knock/PLIST
--- a/net/knock/PLIST   Sun Jul 16 21:02:09 2017 +0000
+++ b/net/knock/PLIST   Sun Jul 16 21:25:06 2017 +0000
@@ -1,6 +1,10 @@
-@comment $NetBSD: PLIST,v 1.2 2011/05/02 10:11:34 adam Exp $
+@comment $NetBSD: PLIST,v 1.3 2017/07/16 21:25:06 adam Exp $
 bin/knock
 man/man1/knock.1
 man/man8/knockd.8
 sbin/knockd
+share/doc/knock/COPYING
+share/doc/knock/ChangeLog
+share/doc/knock/README.md
+share/doc/knock/TODO
 share/examples/knock/knockd.conf
diff -r 8917120e42af -r 3253cff39f54 net/knock/distinfo
--- a/net/knock/distinfo        Sun Jul 16 21:02:09 2017 +0000
+++ b/net/knock/distinfo        Sun Jul 16 21:25:06 2017 +0000
@@ -1,9 +1,7 @@
-$NetBSD: distinfo,v 1.3 2015/11/04 00:35:07 agc Exp $
+$NetBSD: distinfo,v 1.4 2017/07/16 21:25:06 adam Exp $
 
-SHA1 (knock-0.5.tar.gz) = 26f3b2f2d698bc6978390ef6e93c628361605059
-RMD160 (knock-0.5.tar.gz) = 089ea289a51478a89945c46469b378c3b33fff6d
-SHA512 (knock-0.5.tar.gz) = c5f7f3320d4d9a41847dba0cda4d66852f983db419b23d3bf9c83d44a41ba437379bf6cee47a096c600841e321740849dac26d5c3afff9b3ae0178a2fcb6c35e
-Size (knock-0.5.tar.gz) = 83990 bytes
-SHA1 (patch-Makefile.in) = c42b1ec9ef1eb91402a078fd6a93938d197eebce
+SHA1 (knock-0.7.tar.gz) = 186a687c9db11733cf23a7423884a863873ebb27
+RMD160 (knock-0.7.tar.gz) = 09a85c7cc7e4eacf1b144a3cfe06737a0308759c
+SHA512 (knock-0.7.tar.gz) = eab5d855f7111d9411e84a56a15e8ea74f41c5bd9dee27ab49f0d8d509eeeb96a60c508928c92916dc0ec9b737c447ca8ca5ed4db6479b389549d60e76a85aa7
+Size (knock-0.7.tar.gz) = 110791 bytes
 SHA1 (patch-doc_knockd.1.in) = 88a7f4a1fd632c4928820858da71f7e39d3b1f43
-SHA1 (patch-src_knockd.c) = b8602ac54f6e05dabe6054907712a4269f87ee12
diff -r 8917120e42af -r 3253cff39f54 net/knock/patches/patch-Makefile.in
--- a/net/knock/patches/patch-Makefile.in       Sun Jul 16 21:02:09 2017 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,31 +0,0 @@
-$NetBSD: patch-Makefile.in,v 1.1 2011/05/02 10:11:34 adam Exp $
-
-Fix installation.
-
---- Makefile.in.orig   2010-11-30 10:30:02.000000000 +0000
-+++ Makefile.in
-@@ -28,6 +28,7 @@ VERSION = 0.5
- BINDIR  = @bindir@
- SBINDIR = @sbindir@
- MANDIR  = @mandir@
-+DATADIR = @datadir@
- 
- INSTALL = @INSTALL@
- INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
-@@ -68,11 +68,11 @@ dist: distclean
-       (cd ..; tar czvf knock-$(VERSION).tar.gz knock-$(VERSION))
- 
- install: all
--      $(INSTALL) -D -m0755 knockd $(DESTDIR)$(SBINDIR)/knockd
--      $(INSTALL) -D -m0755 knock $(DESTDIR)$(BINDIR)/knock
--      $(INSTALL) -D -m0644 $(MANSRC)knockd.1 $(DESTDIR)$(MANDIR)/man1/knockd.1
--      $(INSTALL) -D -m0644 $(MANSRC)knock.1 $(DESTDIR)$(MANDIR)/man1/knock.1
--      $(INSTALL) -D -m0644 knockd.conf $(DESTDIR)/etc/knockd.conf
-+      ${BSD_INSTALL_PROGRAM} knockd $(DESTDIR)$(SBINDIR)/knockd
-+      ${BSD_INSTALL_PROGRAM} knock $(DESTDIR)$(BINDIR)/knock
-+      ${BSD_INSTALL_MAN} $(MANSRC)knockd.1 $(DESTDIR)$(MANDIR)/man8/knockd.8
-+      ${BSD_INSTALL_MAN} $(MANSRC)knock.1 $(DESTDIR)$(MANDIR)/man1/knock.1
-+      ${BSD_INSTALL_DATA} knockd.conf $(DESTDIR)$(DATADIR)/examples/knock/knockd.conf
- 
- clean:
-       rm -f *~ $(OBJDIR)*.o $(MANSRC)*.1
diff -r 8917120e42af -r 3253cff39f54 net/knock/patches/patch-src_knockd.c
--- a/net/knock/patches/patch-src_knockd.c      Sun Jul 16 21:02:09 2017 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,292 +0,0 @@
-$NetBSD: patch-src_knockd.c,v 1.1 2011/05/02 10:11:34 adam Exp $
-
-Use correct network structures.
-Re-open log file on SIGHUP.
-
---- src/knockd.c.orig  2005-06-27 05:11:34.000000000 +0000
-+++ src/knockd.c
-@@ -28,18 +28,20 @@
- #include <ctype.h>
- #include <string.h>
- #include <fcntl.h>
-+#include <sys/param.h>
-+#include <sys/time.h>
-+#include <sys/socket.h>
-+#include <sys/types.h>
-+#include <sys/wait.h>
-+#include <sys/ioctl.h>
-+#include <net/if.h>
- #include <netinet/in.h>
-+#include <netinet/in_systm.h>
- #include <netinet/if_ether.h>
- #include <netinet/ip.h>
- #include <netinet/tcp.h>
- #include <netinet/udp.h>
- #include <netinet/ip_icmp.h>
--#include <net/if.h>
--#include <bits/time.h>
--#include <sys/socket.h>
--#include <sys/types.h>
--#include <sys/wait.h>
--#include <sys/ioctl.h>
- #include <arpa/inet.h>
- #include <netdb.h>
- #include <getopt.h>
-@@ -193,7 +195,7 @@ int main(int argc, char **argv)
-               }
-       }
- 
--      cap = pcap_open_live(o_int, 65535, 0, 0, pcapErr);
-+      cap = pcap_open_live(o_int, 65535, 0, 1000, pcapErr);
-       if(strlen(pcapErr)) {
-               fprintf(stderr, "could not open %s: %s\n", o_int, pcapErr);
-       }
-@@ -371,7 +373,18 @@ void read_cfg(int signum)
-       }
-       list_free(doors);
- 
-+      if(logfd) {
-+              fclose(logfd);
-+              logfd = NULL;
-+      }
-       parseconfig(o_cfg);
-+      if(strlen(o_logfile)) {
-+              /* open the log file */
-+              logfd = fopen(o_logfile, "a");
-+              if(logfd == NULL) {
-+                      perror("warning: cannot open logfile");
-+              }
-+      }
-       return;
- }
- 
-@@ -1161,8 +1174,8 @@ int exec_cmd(char* command, char* name){
- void sniff(u_char* arg, const struct pcap_pkthdr* hdr, const u_char* packet)
- {
-       /* packet structs */
--      struct ethhdr* eth = NULL;
--      struct iphdr* ip   = NULL;
-+      struct ether_header* eth = NULL;
-+      struct ip* ip   = NULL;
-       struct tcphdr* tcp = NULL;
-       struct udphdr* udp = NULL;
-       char proto[8];
-@@ -1179,23 +1192,23 @@ void sniff(u_char* arg, const struct pca
-       knocker_t *attempt = NULL;
- 
-       if(lltype == DLT_EN10MB) {
--              eth = (struct ethhdr*)packet;
--              if(ntohs(eth->h_proto) != ETH_P_IP) {
-+              eth = (struct ether_header*)packet;
-+              if(ntohs(eth->ether_type) != ETHERTYPE_IP) {
-                       return;
-               }
--              ip = (struct iphdr*)(packet + sizeof(struct ethhdr));
-+              ip = (struct ip*)(packet + sizeof(struct ether_header));
-       } else if(lltype == DLT_LINUX_SLL) {
--              ip = (struct iphdr*)((u_char*)packet + 16);
-+              ip = (struct ip*)((u_char*)packet + 16);
-       } else if(lltype == DLT_RAW) {
--              ip = (struct iphdr*)((u_char*)packet);
-+              ip = (struct ip*)((u_char*)packet);
-       }
-       
--      if(ip->version != 4) {
-+      if(ip->ip_v != 4) {
-               /* no IPv6 yet */
-               dprint("packet is not IPv4, ignoring...\n");
-               return;
-       }
--      if(ip->protocol == IPPROTO_ICMP) {
-+      if(ip->ip_p == IPPROTO_ICMP) {
-               /* we don't do ICMP */
-               return;
-       }
-@@ -1207,23 +1220,23 @@ void sniff(u_char* arg, const struct pca
-               fprintf(stderr, "error: could not understand IP address: %s\n", myip);
-               return;
-       }
--      if(ip->daddr != inaddr.s_addr) {
-+      if(ip->ip_dst.s_addr != inaddr.s_addr) {
-               dprint("packet destined for another host, ignoring...\n");
-               return;
-       }
-       
-       sport = dport = 0;
--      if(ip->protocol == IPPROTO_TCP) {
-+      if(ip->ip_p == IPPROTO_TCP) {
-               strncpy(proto, "tcp", sizeof(proto));
--              tcp = (struct tcphdr*)((u_char*)ip + (ip->ihl * 4));
--              sport = ntohs(tcp->source);
--              dport = ntohs(tcp->dest);
-+              tcp = (struct tcphdr*)((u_char*)ip + (ip->ip_hl * 4));
-+              sport = ntohs(tcp->th_sport);
-+              dport = ntohs(tcp->th_dport);
-       }
--      if(ip->protocol == IPPROTO_UDP) {
-+      if(ip->ip_p == IPPROTO_UDP) {
-               strncpy(proto, "udp", sizeof(proto));
--              udp = (struct udphdr*)((u_char*)ip + (ip->ihl * 4));
--              sport = ntohs(udp->source);
--              dport = ntohs(udp->dest);
-+              udp = (struct udphdr*)((u_char*)ip + (ip->ip_hl * 4));
-+              sport = ntohs(udp->uh_sport);
-+              dport = ntohs(udp->uh_dport);
-       }
- 
-       /* get the date/time */
-@@ -1234,10 +1247,10 @@ void sniff(u_char* arg, const struct pca
-                       pkt_tm->tm_sec);
- 
-       /* convert IPs from binary to string */
--      inaddr.s_addr = ip->saddr;
-+      inaddr.s_addr = ip->ip_src.s_addr;
-       strncpy(srcIP, inet_ntoa(inaddr), sizeof(srcIP)-1);
-       srcIP[sizeof(srcIP)-1] = '\0';
--      inaddr.s_addr = ip->daddr;
-+      inaddr.s_addr = ip->ip_dst.s_addr;
-       strncpy(dstIP, inet_ntoa(inaddr), sizeof(dstIP)-1);
-       dstIP[sizeof(dstIP)-1] = '\0';
- 
-@@ -1297,69 +1310,69 @@ void sniff(u_char* arg, const struct pca
-               /* if tcp, check the flags to ignore the packets we don't want
-                * (don't even use it to cancel sequences)
-                */
--              if(ip->protocol == IPPROTO_TCP) {
-+              if(ip->ip_p == IPPROTO_TCP) {
-                       if(attempt->door->flag_fin != DONT_CARE) {
--                              if(attempt->door->flag_fin == SET && tcp->fin != 1) {
-+                              if(attempt->door->flag_fin == SET && !(tcp->th_flags & TH_FIN)) {
-                                       dprint("packet is not FIN, ignoring...\n");
-                                       flagsmatch = 0;
-                               }
--                              if(attempt->door->flag_fin == NOT_SET && tcp->fin == 1) {
-+                              if(attempt->door->flag_fin == NOT_SET && (tcp->th_flags & TH_FIN)) {
-                                       dprint("packet is not !FIN, ignoring...\n");
-                                       flagsmatch = 0;
-                               }
-                       }
-                       if(attempt->door->flag_syn != DONT_CARE) {
--                              if(attempt->door->flag_syn == SET && tcp->syn != 1) {
-+                              if(attempt->door->flag_syn == SET && !(tcp->th_flags & TH_SYN)) {
-                                       dprint("packet is not SYN, ignoring...\n");
-                                       flagsmatch = 0;
-                               }
--                              if(attempt->door->flag_syn == NOT_SET && tcp->syn == 1) {
-+                              if(attempt->door->flag_syn == NOT_SET && (tcp->th_flags & TH_SYN)) {
-                                       dprint("packet is not !SYN, ignoring...\n");
-                                       flagsmatch = 0;
-                               }
-                       }
-                       if(attempt->door->flag_rst != DONT_CARE) {
--                              if(attempt->door->flag_rst == SET && tcp->rst != 1) {
-+                              if(attempt->door->flag_rst == SET && !(tcp->th_flags & TH_RST)) {
-                                       dprint("packet is not RST, ignoring...\n");
-                                       flagsmatch = 0;
-                               }
--                              if(attempt->door->flag_rst == NOT_SET && tcp->rst == 1) {
-+                              if(attempt->door->flag_rst == NOT_SET && (tcp->th_flags & TH_RST)) {
-                                       dprint("packet is not !RST, ignoring...\n");
-                                       flagsmatch = 0;
-                               }
-                       }
-                       if(attempt->door->flag_psh != DONT_CARE) {
--                              if(attempt->door->flag_psh == SET && tcp->psh != 1) {
-+                              if(attempt->door->flag_psh == SET && !(tcp->th_flags & TH_PUSH)) {
-                                       dprint("packet is not PSH, ignoring...\n");
-                                       flagsmatch = 0;



Home | Main Index | Thread Index | Old Index