Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge branch 'openwrt:master' into master

Browse source
This commit is contained in:
Hayzam Sherif 2023-03-11 22:38:21 +05:30 committed by GitHub
commit 2d4ac8b280
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
29 changed files with 1410 additions and 9414 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
lang/lua-eco/Makefile
View file

@ -1,12 +1,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=lua-eco
PKG_VERSION:=2.1.0
PKG_VERSION:=2.2.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL=https://github.com/zhaojh329/lua-eco/releases/download/v$(PKG_VERSION)
PKG_HASH:=0e6d1906f15f350a825a4325cd579251baf6eb4b7ce6ef88f57357de49c0e00e
PKG_HASH:=b45073ba93123d93ab7521b1e699c0f8f8f7de513342b16e2115a0f5a26f8014
PKG_MAINTAINER:=Jianhui Zhao <zhaojh329@gmail.com>
PKG_LICENSE:=MIT

95
lang/rust/Config.in Normal file
View file

@ -0,0 +1,95 @@
# Rust Language Options
menu "Compiler Options"
visible if PACKAGE_rust
config RUST_DEBUG
bool "Enables Debugging Environment (--enable-debug)"
config RUST_DOCS
bool "Build standard library documentation (--enable-docs)"
config RUST_COMPILER_DOCS
bool "Build compiler documentation (--enable-compiler-docs)"
config RUST_OPTIMIZE_TESTS
bool "Build tests with optimizations (--enable-optimized-tests)"
config RUST_PARALLEL
bool "Build with multi-threaded support (--enable-parallel-compiler)"
config RUST_VERBOSE_TESTS
bool "Enable verbose output when running tests (--enable-verbose-tests)"
config RUST_CCACHE
bool "Build with ccache enabled (--enable-ccache)"
config RUST_LLVM_STATIC
bool "Statically link to libstdc++ to LLVM (--enable-llvm-static-stdccp)"
config RUST_LLVM_SHARED
bool "Prefer shared linking to LLVM (--enable-llvm-link-shared)"
config RUST_CODEGEN_TESTS
bool "Run the src/test/codegen tests (--enable-codegen-tests)"
config RUST_OPTION_CHECKING
bool "Complain about unrecognized options in this configure script (--enable-option-checking)"
default y
config RUST_ENABLE_NINJA
bool "Build LLVM using the Ninja generator (--enable-ninja)"
default y
config RUST_LOCKED_DEPS
bool "Force Cargo.lock to be up to date (--enable-locked-deps)"
config RUST_VENDOR
bool "Enable usage of vendored Rust crates (--enable-vendor)"
config RUST_SANITIZERS
bool "Build the sanitizer runtimes (asan, lsan, msan, tsan) (--enable-sanitizers)"
config RUST_DIST_SRC
bool "When building tarballs enables building a source tarball (--enable-dist-src)"
config RUST_CARGO_NATIVE_STATIC
bool "Build static native libraries in Cargo (--enable-cargo-native-static)"
config RUST_PROFILER
bool "Build the profiler runtime (--enable-profiler)"
config RUST_FULL_TOOLS
bool "Build all tools (--enable-full-tools)"
config RUST_MISSING_TOOLS
bool "Allow failures when building tools (--enable-missing-tools)"
default y
config RUST_USE_LIBCXX
bool "Build LLVM with libc++ (--enable-use-libcxx)"
config RUST_CONTROL_FLOW_GUARD
bool "Enable Control Flow Guard (--enable-control-flow-guard)"
config RUST_OPTIMIZE_LLVM
bool "Build optimized LLVM (--enable-optimize-llvm)"
default y
config RUST_LLVM_ASSERTIONS
bool "Build LLVM with assertions (--enable-llvm-assertions)"
config RUST_DEBUG_ASSERTIONS
bool "Build with debugging assertions (--enable-debug-assertions)"
config RUST_LLVM_RELEASE_DEBUGINFO
bool "Build LLVM with debugger metadata (--enable-llvm-release-debuginfo)"
config RUST_MANAGE_SUBMODULES
bool "Let the build manage the git submodules (--enable-manage-submodules)"
default y
config RUST_FULL_BOOTSTRAP
bool "Full Bootstrap - Build three compilers instead of two (--enable-full-bootstrap)"
endmenu

141
lang/rust/Makefile Normal file
View file

@ -0,0 +1,141 @@
# SPDX-License-Identifier: GPL-2.0-only
#
# Copyright (C) 2023 Luca Barbato and Donald Hoskins
include $(TOPDIR)/rules.mk
PKG_NAME:=rust
PKG_VERSION:=1.67.1
PKG_RELEASE:=1
PKG_SOURCE:=rustc-$(PKG_VERSION)-src.tar.gz
PKG_SOURCE_URL:=https://static.rust-lang.org/dist/
PKG_HASH:=46483d3e5de85a3bd46f8e7a3ae1837496391067dbe713a25d3cf051b3d9ff6e
HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/rustc-$(PKG_VERSION)-src/
PKG_MAINTAINER:=Luca Barbato <lu_zero@luminem.org>
PKG_LICENSE:=Apache-2.0 MIT
PKG_LICENSE_FILES:=LICENSE-APACHE LICENSE-MIT
HOST_BUILD_DEPENDS:=python3/host
PKG_HOST_ONLY:=1
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/host-build.mk
# rust environment variables
include ./rust-host.mk
# Rust Temp Directory
RUST_TMP_DIR:=$(TMP_DIR)/rust-install
RUST_INSTALL_HOST_FILENAME:=$(PKG_NAME)-$(PKG_VERSION)-$(RUSTC_HOST_ARCH)-install.tar.xz
RUST_INSTALL_TARGET_FILENAME:=$(PKG_NAME)-$(PKG_VERSION)-$(RUSTC_TARGET_ARCH)-install.tar.xz
# Rust-lang has an uninstall script
RUST_UNINSTALL:=$(CARGO_HOME)/lib/rustlib/uninstall.sh
# Target Flags
TARGET_CONFIGURE_ARGS = \
--set=target.$(RUSTC_TARGET_ARCH).ar=$(TARGET_AR) \
--set=target.$(RUSTC_TARGET_ARCH).cc=$(TARGET_CC_NOCACHE) \
--set=target.$(RUSTC_TARGET_ARCH).cxx=$(TARGET_CXX_NOCACHE) \
--set=target.$(RUSTC_TARGET_ARCH).linker=$(TARGET_CC_NOCACHE) \
--set=target.$(RUSTC_TARGET_ARCH).musl-root=$(TOOLCHAIN_DIR) \
--set=target.$(RUSTC_TARGET_ARCH).ranlib=$(TARGET_RANLIB)
# CARGO_HOME is an environmental
HOST_CONFIGURE_OPTS += CARGO_HOME="$(CARGO_HOME)"
# Rust Configuration Arguments
HOST_CONFIGURE_ARGS = \
--build=$(RUSTC_HOST_ARCH) \
--target=$(RUSTC_TARGET_ARCH),$(RUSTC_HOST_ARCH) \
--host=$(RUSTC_HOST_ARCH) \
--prefix=$(CARGO_HOME) \
--bindir=$(CARGO_HOME)/bin \
--libdir=$(CARGO_HOME)/lib \
--sysconfdir=$(CARGO_HOME)/etc \
--datadir=$(CARGO_HOME)/share \
--mandir=$(CARGO_HOME)/man \
--dist-compression-formats=xz \
--enable-llvm-link-shared \
--enable-llvm-plugins \
--enable-missing-tools \
--enable-ninja \
--disable-sanitizers \
--release-channel=stable \
--enable-cargo-native-static \
$(TARGET_CONFIGURE_ARGS)
define Host/Prepare
# Ensure rust temp directory
[ -d $(RUST_TMP_DIR) ] || \
mkdir -p $(RUST_TMP_DIR)
$(call Host/Prepare/Default)
endef
define Host/Uninstall
# Call the Uninstall script
[ -f $(RUST_UNINSTALL) ] && \
$(BASH) $(RUST_UNINSTALL) || echo No Uninstall
rm -rf $(RUST_TMP_DIR)
endef
# Makes and then packages the dist artifacts
define Host/Compile
cd $(HOST_BUILD_DIR) && \
$(PYTHON) x.py --config ./config.toml dist build-manifest cargo llvm-tools \
rustc rust-std rust-src
$(call Host/PackageDist)
endef
# Distribution Artifacts are packaged by Host/PackageDist
# We just need to extract and install
define Host/Install
$(TAR) -C $(RUST_TMP_DIR) -xJf $(DL_DIR)/$(RUST_INSTALL_HOST_FILENAME) && \
$(TAR) -C $(RUST_TMP_DIR) -xJf $(DL_DIR)/$(RUST_INSTALL_TARGET_FILENAME)
cd $(RUST_TMP_DIR) && \
find -iname "*.xz" -exec tar -xJf {} ";" && \
find ./* -type f -name install.sh -execdir sh {} --prefix=$(CARGO_HOME) --disable-ldconfig \;
echo -e "[target.$(RUSTC_TARGET_ARCH)]\nlinker = \"$(TARGET_CC_NOCACHE)\"\nrustflags = [\"-Ctarget-feature=-crt-static\", \"-Clink-args=$(RUSTC_LDFLAGS)\"]" > $(CARGO_HOME)/config
echo -e "\n[profile.stripped]\ninherits = \"release\"\nopt-level = \"s\"\nstrip = true" >> $(CARGO_HOME)/config
endef
# Packages the Distribution Artifacts into HOST and TARGET bundles.
define Host/PackageDist
( \
cd $(HOST_BUILD_DIR)/build/dist ; \
$(TAR) -cJf $(DL_DIR)/$(RUST_INSTALL_TARGET_FILENAME) \
rust-*-$(RUSTC_TARGET_ARCH).tar.xz ; \
$(TAR) -cJf $(DL_DIR)/$(RUST_INSTALL_HOST_FILENAME) \
--exclude rust-*-$(RUSTC_TARGET_ARCH).tar.xz *.xz ; \
)
endef
define Package/rust
SECTION:=lang
CATEGORY:=Languages
TITLE:=Rust Programming Language Compiler
URL:=https://www.rust-lang.org/
DEPENDS:=$(RUST_ARCH_DEPENDS) \
+pkg-config +libunwind +libopenssl +liblzma +libc
endef
define Package/rust/description
Rust is a multi-paradigm, general-purpose programming language designed for performance
and safety, especially safe concurrency. Rust is syntactically similar to C++, but can
guarantee memory safety by using a borrow checker to validate references.
endef
define Package/rust/config
source "$(SOURCE)/Config.in"
endef
$(eval $(call HostBuild))
$(eval $(call BuildPackage,rust))

53
lang/rust/maturin/Makefile Normal file
View file

@ -0,0 +1,53 @@
# SPDX-License-Identifier: GPL-2.0-only
#
# Copyright (C) 2023 Luca Barbato
include $(TOPDIR)/rules.mk
PKG_NAME:=maturin
PKG_VERSION:=0.14.10
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/PyO3/maturin/tar.gz/v$(PKG_VERSION)?
PKG_HASH:=8fc9bcdcb7f1535d5e3e8bb500c348ca1bff5a6dce87b0ab7dbc5a49723da28a
PKG_MAINTAINER:=Luca Barbato <lu_zero@luminem.org>
PKG_LICENSE:=Apache-2.0 MIT
PKG_LICENSE_FILES:=license-apache license-mit
HOST_BUILD_DEPENDS:=rust/host
PKG_BUILD_DEPENDS:=rust/host
PKG_BUILD_PARALLEL:=1
PKG_HOST_ONLY:=1
include ../rust-package.mk
include $(INCLUDE_DIR)/host-build.mk
include $(INCLUDE_DIR)/package.mk
define Package/maturin
SECTION:=lang
CATEGORY:=Languages
SUBMENU:=Rust
TITLE:=Build and publish crates as python packages
DEPENDS:=$(RUST_ARCH_DEPENDS)
URL:=https://maturin.rs
endef
define Host/Compile
$(call Host/Compile/Cargo)
endef
define Package/maturin/description
Build and publish crates with pyo3, rust-cpython, cffi and uniffi
bindings as well as rust binaries as python packages.
endef
define Host/Install
$(INSTALL_DIR) $(STAGING_DIR_HOSTPKG)/bin
$(INSTALL_BIN) $(HOST_INSTALL_DIR)/bin/maturin $(STAGING_DIR_HOSTPKG)/bin/maturin
endef
$(eval $(call HostBuild))
$(eval $(call BuildPackage,maturin))

573
lang/rust/patches/0001-Update-xz2-and-use-it-static.patch Normal file
View file

@ -0,0 +1,573 @@
From cfa7506a303537ee7211bd46c39a96bbc5cea9cf Mon Sep 17 00:00:00 2001
From: Luca Barbato <lu_zero@gentoo.org>
Date: Fri, 27 Jan 2023 15:34:36 +0100
Subject: [PATCH] Update xz2 and lzma-sys
And use the static build.
---
Cargo.lock | 140 +++++++--------------------------------
src/bootstrap/Cargo.lock | 8 +--
src/bootstrap/Cargo.toml | 2 +-
3 files changed, 28 insertions(+), 122 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
index 6a15105805e..d4ecc363071 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -295,45 +295,44 @@ version = "1.0.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "869119e97797867fd90f5e22af7d0bd274bd4635ebb9eb68c04f3f513ae6c412"
dependencies = [
"serde",
]
[[package]]
name = "cargo"
-version = "0.68.0"
+version = "0.67.1"
dependencies = [
"anyhow",
+ "atty",
"base64",
"bytesize",
"cargo-platform 0.1.2",
"cargo-test-macro",
"cargo-test-support",
"cargo-util",
"clap 4.0.15",
"crates-io",
"curl",
"curl-sys",
- "env_logger 0.10.0",
+ "env_logger 0.9.0",
"filetime",
"flate2",
"fwdansi",
"git2",
"git2-curl",
"glob",
"hex 0.4.2",
"hmac",
"home",
- "http-auth",
"humantime 2.0.1",
"ignore",
"im-rc",
"indexmap",
- "is-terminal",
"itertools",
"jobserver",
"lazy_static",
"lazycell",
"libc",
"libgit2-sys",
"log",
"memchr",
@@ -363,38 +362,38 @@ dependencies = [
"unicode-xid",
"url",
"walkdir",
"winapi",
]
[[package]]
name = "cargo-credential"
-version = "0.2.0"
+version = "0.1.0"
[[package]]
name = "cargo-credential-1password"
-version = "0.2.0"
+version = "0.1.0"
dependencies = [
"cargo-credential",
"serde",
"serde_json",
]
[[package]]
name = "cargo-credential-macos-keychain"
-version = "0.2.0"
+version = "0.1.0"
dependencies = [
"cargo-credential",
"security-framework",
]
[[package]]
name = "cargo-credential-wincred"
-version = "0.2.0"
+version = "0.1.0"
dependencies = [
"cargo-credential",
"winapi",
]
[[package]]
name = "cargo-miri"
version = "0.1.0"
@@ -438,38 +437,39 @@ dependencies = [
"cargo-util",
"crates-io",
"filetime",
"flate2",
"git2",
"glob",
"itertools",
"lazy_static",
+ "remove_dir_all",
"serde_json",
"snapbox",
"tar",
"termcolor",
"toml_edit",
"url",
"winapi",
]
[[package]]
name = "cargo-util"
-version = "0.2.3"
+version = "0.2.2"
dependencies = [
"anyhow",
"core-foundation",
"crypto-hash",
"filetime",
"hex 0.4.2",
"jobserver",
"libc",
"log",
- "miow 0.5.0",
+ "miow",
"same-file",
"shell-escape",
"tempfile",
"walkdir",
"winapi",
]
[[package]]
@@ -832,17 +832,17 @@ version = "0.0.0"
dependencies = [
"colored",
"diff",
"getopts",
"glob",
"lazy_static",
"lazycell",
"libc",
- "miow 0.3.7",
+ "miow",
"miropt-test-tools",
"regex",
"rustfix",
"serde",
"serde_json",
"tracing",
"tracing-subscriber",
"unified-diff",
@@ -857,43 +857,43 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "70489bbb718aea4f92e5f48f2e3b5be670c2051de30e57cb6e5377b4aa08b372"
dependencies = [
"diff",
"filetime",
"getopts",
"lazy_static",
"libc",
"log",
- "miow 0.3.7",
+ "miow",
"regex",
"rustfix",
"serde",
"serde_derive",
"serde_json",
"tempfile",
"tester",
"winapi",
]
[[package]]
name = "concolor"
-version = "0.0.9"
+version = "0.0.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b90f9dcd9490a97db91a85ccd79e38a87e14323f0bb824659ee3274e9143ba37"
+checksum = "015267563b1df20adccdd00cb05257b1dfbea70a04928e9cf88ffb850c1a40af"
dependencies = [
"atty",
"bitflags",
"concolor-query",
]
[[package]]
name = "concolor-query"
-version = "0.1.0"
+version = "0.0.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "82a90734b3d5dcf656e7624cca6bce9c3a90ee11f900e80141a7427ccfb3d317"
+checksum = "d6417fe6fc03a8b533fd2177742eeb39a90c7233eedec7bac96d4d6b69a09449"
[[package]]
name = "content_inspector"
version = "0.2.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b7bda66e858c683005a53a9a60c69a4aca7eeaa45d124526e389f7aec8e62f38"
dependencies = [
"memchr",
@@ -939,17 +939,17 @@ version = "0.2.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "28d997bd5e24a5928dd43e46dc529867e207907fe0b239c3477d924f7f2ca320"
dependencies = [
"libc",
]
[[package]]
name = "crates-io"
-version = "0.35.0"
+version = "0.34.0"
dependencies = [
"anyhow",
"curl",
"percent-encoding",
"serde",
"serde_json",
"url",
]
@@ -1258,50 +1258,16 @@ checksum = "0b2cf0344971ee6c64c31be0d530793fba457d322dfec2810c453d0ef228f9c3"
dependencies = [
"atty",
"humantime 2.0.1",
"log",
"regex",
"termcolor",
]
-[[package]]
-name = "env_logger"
-version = "0.10.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "85cdab6a89accf66733ad5a1693a4dcced6aeff64602b634530dd73c1f3ee9f0"
-dependencies = [
- "humantime 2.0.1",
- "is-terminal",
- "log",
- "regex",
- "termcolor",
-]
-
-[[package]]
-name = "errno"
-version = "0.2.8"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f639046355ee4f37944e44f60642c6f3a7efa3cf6b78c78a0d989a8ce6c396a1"
-dependencies = [
- "errno-dragonfly",
- "libc",
- "winapi",
-]
-
-[[package]]
-name = "errno-dragonfly"
-version = "0.1.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "aa68f1b12764fab894d2755d2518754e71b4fd80ecfb822714a1206c2aab39bf"
-dependencies = [
- "cc",
- "libc",
-]
-
[[package]]
name = "error_index_generator"
version = "0.0.0"
dependencies = [
"mdbook",
]
[[package]]
@@ -1795,25 +1761,16 @@ dependencies = [
"log",
"mac",
"markup5ever",
"proc-macro2",
"quote",
"syn",
]
-[[package]]
-name = "http-auth"
-version = "0.1.6"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c0b40b39d66c28829a0cf4d09f7e139ff8201f7500a5083732848ed3b4b4d850"
-dependencies = [
- "memchr",
-]
-
[[package]]
name = "humantime"
version = "1.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "df004cfca50ef23c36850aaaa59ad52cc70d0e90243c3c7737a4dd32dc7a3c4f"
dependencies = [
"quick-error",
]
@@ -2004,38 +1961,16 @@ dependencies = [
name = "intl_pluralrules"
version = "7.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "078ea7b7c29a2b4df841a7f6ac8775ff6074020c6776d48491ce2268e068f972"
dependencies = [
"unic-langid",
]
-[[package]]
-name = "io-lifetimes"
-version = "1.0.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e394faa0efb47f9f227f1cd89978f854542b318a6f64fa695489c9c993056656"
-dependencies = [
- "libc",
- "windows-sys",
-]
-
-[[package]]
-name = "is-terminal"
-version = "0.4.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "aae5bc6e2eb41c9def29a3e0f1306382807764b9b53112030eff57435667352d"
-dependencies = [
- "hermit-abi 0.2.6",
- "io-lifetimes",
- "rustix",
- "windows-sys",
-]
-
[[package]]
name = "itertools"
version = "0.10.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b0fd2260e829bddf4cb6ea802289de2f86d6a7a690192fbe91b3f46e0f2c8473"
dependencies = [
"either",
]
@@ -2235,22 +2170,16 @@ checksum = "7fb9b38af92608140b86b693604b9ffcc5824240a484d1ecd4795bacb2fe88f3"
name = "lint-docs"
version = "0.1.0"
dependencies = [
"serde_json",
"tempfile",
"walkdir",
]
-[[package]]
-name = "linux-raw-sys"
-version = "0.1.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8f9f08d8963a6c613f4b1a78f4f4a4dbfadf8e6545b2d72861731e4858b8b47f"
-
[[package]]
name = "litemap"
version = "0.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f34a3f4798fac63fb48cf277eefa38f94d3443baff555bb98e4f56bc9092368e"
[[package]]
name = "lld-wrapper"
@@ -2272,19 +2201,19 @@ version = "0.4.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "51b9bbe6c47d51fc3e1a9b945965946b4c44142ab8792c50835a980d362c2710"
dependencies = [
"cfg-if 1.0.0",
]
[[package]]
name = "lzma-sys"
-version = "0.1.16"
+version = "0.1.20"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f24f76ec44a8ac23a31915d6e326bca17ce88da03096f1ff194925dc714dac99"
+checksum = "5fda04ab3764e6cde78b9974eec4f779acaba7c4e84b36eca3cf77c581b85d27"
dependencies = [
"cc",
"libc",
"pkg-config",
]
[[package]]
name = "mac"
@@ -2434,25 +2363,16 @@ dependencies = [
name = "miow"
version = "0.3.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b9f1c5b025cda876f66ef43a113f91ebc9f4ccef34843000e0adf6ebbab84e21"
dependencies = [
"winapi",
]
-[[package]]
-name = "miow"
-version = "0.5.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "52ffbca2f655e33c08be35d87278e5b18b89550a37dbd598c20db92f6a471123"
-dependencies = [
- "windows-sys",
-]
-
[[package]]
name = "miri"
version = "0.1.0"
dependencies = [
"colored",
"env_logger 0.9.0",
"getrandom 0.2.0",
"lazy_static",
@@ -4637,30 +4557,16 @@ dependencies = [
"term",
"thiserror",
"toml",
"unicode-segmentation",
"unicode-width",
"unicode_categories",
]
-[[package]]
-name = "rustix"
-version = "0.36.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0b1fbb4dfc4eb1d390c02df47760bb19a84bb80b301ecc947ab5406394d8223e"
-dependencies = [
- "bitflags",
- "errno",
- "io-lifetimes",
- "libc",
- "linux-raw-sys",
- "windows-sys",
-]
-
[[package]]
name = "rustversion"
version = "1.0.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "61b3909d758bb75c79f23d4736fac9433868679d3ad2ea7a61e3c25cfda9a088"
[[package]]
name = "ryu"
@@ -4879,19 +4785,19 @@ checksum = "cc88c725d61fc6c3132893370cac4a0200e3fedf5da8331c570664b1987f5ca2"
[[package]]
name = "snap"
version = "1.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "da73c8f77aebc0e40c300b93f0a5f1bece7a248a36eee287d4e095f35c7b7d6e"
[[package]]
name = "snapbox"
-version = "0.4.1"
+version = "0.3.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "827c00e91b15e2674d8a5270bae91f898693cbf9561cbb58d8eaa31974597293"
+checksum = "44d199ccf8f606592df2d145db26f2aa45344e23c64b074cc5a4047f1d99b0f7"
dependencies = [
"concolor",
"content_inspector",
"dunce",
"filetime",
"normalize-line-endings",
"similar",
"snapbox-macros",
@@ -5866,19 +5772,19 @@ version = "0.2.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "244c3741f4240ef46274860397c7c74e50eb23624996930e484c16679633a54c"
dependencies = [
"libc",
]
[[package]]
name = "xz2"
-version = "0.1.6"
+version = "0.1.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c179869f34fc7c01830d3ce7ea2086bc3a07e0d35289b667d0a8bf910258926c"
+checksum = "388c44dc09d76f1536602ead6d325eb532f5c122f17782bd57fb47baeeb767e2"
dependencies = [
"lzma-sys",
]
[[package]]
name = "yaml-merge-keys"
version = "0.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
diff --git a/src/bootstrap/Cargo.lock b/src/bootstrap/Cargo.lock
index efe8ae3169f..ad115c46110 100644
--- a/src/bootstrap/Cargo.lock
+++ b/src/bootstrap/Cargo.lock
@@ -346,19 +346,19 @@ version = "0.4.17"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e"
dependencies = [
"cfg-if",
]
[[package]]
name = "lzma-sys"
-version = "0.1.17"
+version = "0.1.20"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bdb4b7c3eddad11d3af9e86c487607d2d2442d185d848575365c4856ba96d619"
+checksum = "5fda04ab3764e6cde78b9974eec4f779acaba7c4e84b36eca3cf77c581b85d27"
dependencies = [
"cc",
"libc",
"pkg-config",
]
[[package]]
name = "memchr"
@@ -780,19 +780,19 @@ version = "0.2.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6d1526bbe5aaeb5eb06885f4d987bcdfa5e23187055de9b83fe00156a821fabc"
dependencies = [
"libc",
]
[[package]]
name = "xz2"
-version = "0.1.6"
+version = "0.1.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c179869f34fc7c01830d3ce7ea2086bc3a07e0d35289b667d0a8bf910258926c"
+checksum = "388c44dc09d76f1536602ead6d325eb532f5c122f17782bd57fb47baeeb767e2"
dependencies = [
"lzma-sys",
]
[[package]]
name = "yansi"
version = "0.5.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
diff --git a/src/bootstrap/Cargo.toml b/src/bootstrap/Cargo.toml
index ccc7ec1fce9..6d5838439db 100644
--- a/src/bootstrap/Cargo.toml
+++ b/src/bootstrap/Cargo.toml
@@ -46,17 +46,17 @@ object = { version = "0.29.0", default-features = false, features = ["archive",
serde = { version = "1.0.8", features = ["derive"] }
serde_json = "1.0.2"
sha2 = "0.10"
tar = "0.4"
toml = "0.5"
ignore = "0.4.10"
opener = "0.5"
once_cell = "1.7.2"
-xz2 = "0.1"
+xz2 = { version = "0.1", features = ["static"] }
walkdir = "2"
# Dependencies needed by the build-metrics feature
sysinfo = { version = "0.26.0", optional = true }
[target.'cfg(windows)'.dependencies.winapi]
version = "0.3"
features = [
--
2.38.0

58
lang/rust/rust-host.mk Normal file
View file

@ -0,0 +1,58 @@
# SPDX-License-Identifier: GPL-2.0-only
#
# Copyright (C) 2023 Luca Barbato and Donald Hoskins
# Rust Environmental Vars
CONFIG_HOST_SUFFIX:=$(word 4, $(subst -, ,$(GNU_HOST_NAME)))
RUSTC_HOST_ARCH:=$(HOST_ARCH)-unknown-linux-$(CONFIG_HOST_SUFFIX)
CARGO_HOME:=$(STAGING_DIR_HOST)/cargo
# Support only a subset for now.
RUST_ARCH_DEPENDS:=@(aarch64||arm||i386||i686||mips||mipsel||mips64||mips64el||mipsel||powerpc64||x86_64)
# Common Build Flags
RUST_BUILD_FLAGS = \
CARGO_HOME="$(CARGO_HOME)"
# This adds the rust environmental variables to Make calls
MAKE_FLAGS += $(RUST_BUILD_FLAGS)
# Force linking of the SSP library
ifdef CONFIG_PKG_CC_STACKPROTECTOR_REGULAR
ifeq ($(strip $(PKG_SSP)),1)
RUSTC_LDFLAGS += -lssp_nonshared
endif
endif
ifdef CONFIG_PKG_CC_STACKPROTECTOR_STRONG
ifeq ($(strip $(PKG_SSP)),1)
TARGET_CFLAGS += -lssp_nonshared
endif
endif
# mips64 openwrt has a specific targed in rustc
ifeq ($(ARCH),mips64)
RUSTC_TARGET_ARCH:=$(REAL_GNU_TARGET_NAME)
else
RUSTC_TARGET_ARCH:=$(subst openwrt,unknown,$(REAL_GNU_TARGET_NAME))
endif
RUSTC_TARGET_ARCH:=$(subst muslgnueabi,musleabi,$(RUSTC_TARGET_ARCH))
ifeq ($(ARCH),i386)
RUSTC_TARGET_ARCH:=$(subst i486,i586,$(RUSTC_TARGET_ARCH))
endif
# ARM Logic
ifeq ($(ARCH),arm)
ifeq ($(CONFIG_arm_v7),y)
RUSTC_TARGET_ARCH:=$(subst arm,armv7,$(RUSTC_TARGET_ARCH))
endif
ifeq ($(CONFIG_HAS_FPU),y)
RUSTC_TARGET_ARCH:=$(subst musleabi,musleabihf,$(RUSTC_TARGET_ARCH))
endif
endif
ifeq ($(ARCH),aarch64)
RUST_CFLAGS:=-mno-outline-atomics
endif

28
lang/rust/rust-package.mk Normal file
View file

@ -0,0 +1,28 @@
# SPDX-License-Identifier: GPL-2.0-only
#
# Copyright (C) 2023 Luca Barbato and Donald Hoskins
rust_mk_path:=$(dir $(lastword $(MAKEFILE_LIST)))
include $(rust_mk_path)rust-host.mk
# $(1) path to the package
# $(2) additional arguments to cargo
define Host/Compile/Cargo
( \
cd $(HOST_BUILD_DIR) ; \
export PATH="$(CARGO_HOME)/bin:$(PATH)" ; \
CARGO_HOME=$(CARGO_HOME) CC=$(HOSTCC) \
cargo install -v --profile stripped --root $(HOST_INSTALL_DIR) --path "$(if $(strip $(1)),$(strip $(1)),.)" $(2) ; \
)
endef
# $(1) path to the package
# $(2) additional arguments to cargo
define Build/Compile/Cargo
( \
cd $(PKG_BUILD_DIR) ; \
export PATH="$(CARGO_HOME)/bin:$(PATH)" ; \
CARGO_HOME=$(CARGO_HOME) TARGET_CFLAGS="$(TARGET_CFLAGS) $(RUST_CFLAGS)" TARGET_CC=$(TARGET_CC_NOCACHE) CC=cc \
cargo install -v --profile stripped --target $(RUSTC_TARGET_ARCH) --root $(PKG_INSTALL_DIR) --path "$(if $(strip $(1)),$(strip $(1)),.)" $(2) ; \
)
endef

119
lang/rust/rust_config.mk Normal file
View file

@ -0,0 +1,119 @@
ifeq ($(CONFIG_RUST_DEBUG),y)
CONFIGURE_ARGS += --enable-debug
endif
ifeq ($(CONFIG_RUST_DOCS),y)
CONFIGURE_ARGS += --enable-docs
else
CONFIGURE_ARGS += --disable-docs
endif
ifeq ($(CONFIG_RUST_COMPILER_DOCS),y)
CONFIGURE_ARGS += --enable-compiler-docs
else
CONFIGURE_ARGS += --disable-compiler-docs
endif
ifeq ($(CONFIG_RUST_OPTIMIZE_TESTS),y)
CONFIGURE_ARGS += --enable-optimize-tests
endif
ifeq ($(CONFIG_RUST_PARALLEL),y)
CONFIGURE_ARGS += --enable-parallel-compiler
endif
ifeq ($(CONFIG_RUST_VERBOSE_TESTS),y)
CONFIGURE_ARGS += --enable-verbose-tests
endif
ifeq ($(filter $(CONFIG_RUST_CCACHE) $(CCACHE),y),)
CONFIGURE_ARGS += --enable-ccache
endif
ifeq ($(CONFIG_RUST_CCACHE),y)
CONFIGURE_ARGS += --enable-ccache
endif
ifeq ($(CONFIG_RUST_LLVM_STATIC),y)
CONFIGURE_ARGS += --enable-llvm-static-stdcpp
endif
ifeq ($(CONFIG_RUST_LLVM_SHARED),y)
CONFIGURE_ARGS += --enable-llvm-link-shared
endif
ifeq ($(CONFIG_RUST_CODEGEN_TESTS),y)
CONFIGURE_ARGS += --enable-codegen-tests
endif
ifeq ($(CONFIG_RUST_OPTION_CHECKING),y)
CONFIGURE_ARGS += --enable-option-checking
endif
ifeq ($(CONFIG_RUST_ENABLE_NINJA),y)
CONFIGURE_ARGS += --enable-ninja
endif
ifeq ($(CONFIG_RUST_LOCKED_DEPS),y)
CONFIGURE_ARGS += --enable-locked-deps
endif
ifeq ($(CONFIG_RUST_VENDOR),y)
CONFIGURE_ARGS += --enable-vendor
endif
ifeq ($(CONFIG_RUST_SANITIZERS),y)
CONFIGURE_ARGS += --enable-sanitizers
endif
ifeq ($(CONFIG_RUST_DIST_SRC),y)
CONFIGURE_ARGS += --enable-dist-src
endif
ifeq ($(CONFIG_RUST_CARGO_NATIVE_STATIC),y)
CONFIGURE_ARGS += --enable-cargo-native-static
endif
ifeq ($(CONFIG_RUST_PROFILER),y)
CONFIGURE_ARGS += --enable-profiler
endif
ifeq ($(CONFIG_RUST_FULL_TOOLS),y)
CONFIGURE_ARGS += --enable-full-tools
endif
ifeq ($(CONFIG_RUST_MISSING_TOOLS),y)
CONFIGURE_ARGS += --enable-missing-tools
endif
ifeq ($(CONFIG_RUST_USE_LIBCXX),y)
CONFIGURE_ARGS += --enable-use-libcxx
endif
ifeq ($(CONFIG_RUST_CONTROL_FLOW_GUARD),y)
CONFIGURE_ARGS += --enable-control-flow-guard
endif
ifeq ($(CONFIG_RUST_OPTIMIZE_LLVM),y)
CONFIGURE_ARGS += --enable-optimize-llvm
endif
ifeq ($(CONFIG_RUST_LLVM_ASSERTIONS),y)
CONFIGURE_ARGS += --enable-llvm-assertions
endif
ifeq ($(CONFIG_RUST_DEBUG_ASSERTIONS),y)
CONFIGURE_ARGS += --enable-debug-assertions
endif
ifeq ($(CONFIG_RUST_LLVM_RELEASE_DEBUGINFO),y)
CONFIGURE_ARGS += --enable-llvm-release-debuginfo
endif
ifeq ($(CONFIG_RUST_MANAGE_SUBMODULES),y)
CONFIGURE_ARGS += --enable-manage-submodules
endif
ifeq ($(CONFIG_RUST_FULL_BOOTSTRAP),y)
CONFIGURE_ARGS += --enable-full-bootstrap
endif

6
libs/icu/Makefile
View file

@ -11,7 +11,7 @@ PKG_NAME:=icu4c
MAJOR_VERSION:=72
MINOR_VERSION:=1
PKG_VERSION:=$(MAJOR_VERSION).$(MINOR_VERSION)
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(MAJOR_VERSION)_$(MINOR_VERSION)-src.tgz
PKG_SOURCE_URL:=https://github.com/unicode-org/icu/releases/download/release-$(MAJOR_VERSION)-$(MINOR_VERSION)
@ -79,8 +79,8 @@ endef
CONFIGURE_CMD:= ./runConfigureICU
CONFIGURE_ARGS:= \
Linux/gcc \
CC="$(TARGET_CC)" \
CXX="$(TARGET_CXX)" \
CC="$(TARGET_CC_NOCACHE)" \
CXX="$(TARGET_CXX_NOCACHE)" \
--target=$(GNU_TARGET_NAME) \
--host=$(GNU_TARGET_NAME) \
--build=$(GNU_HOST_NAME) \

4
libs/openblas/Makefile
View file

@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=OpenBLAS
PKG_VERSION:=0.3.21
PKG_RELEASE:=$(AUTORELEASE)
PKG_RELEASE:=2
PKG_SOURCE:=OpenBLAS-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/xianyi/OpenBLAS/releases/download/v$(PKG_VERSION)/
@ -76,6 +76,8 @@ endif
MAKE_FLAGS += \
CROSS=1 \
CC=$(TARGET_CC_NOCACHE) \
CXX=$(TARGET_CXX_NOCACHE) \
HOSTCC=$(HOSTCC_NOCACHE) \
CROSS_SUFFIX=$(TARGET_CROSS) \
BINARY=$(OPENBLAS_BINARY) \

6
libs/protobuf-c/Makefile
View file

@ -8,12 +8,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=libprotobuf-c
PKG_VERSION:=1.4.0
PKG_RELEASE:=$(AUTORELEASE)
PKG_VERSION:=1.4.1
PKG_RELEASE:=1
PKG_SOURCE:=protobuf-c-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/protobuf-c/protobuf-c/releases/download/v$(PKG_VERSION)
PKG_HASH:=26d98ee9bf18a6eba0d3f855ddec31dbe857667d269bc0b6017335572f85bbcb
PKG_HASH:=4cc4facd508172f3e0a4d3a8736225d472418aee35b4ad053384b137b220339f
PKG_BUILD_DIR:=$(BUILD_DIR)/protobuf-c-$(PKG_VERSION)
HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/protobuf-c-$(PKG_VERSION)

2
net/banip/Makefile
View file

@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=banip
PKG_VERSION:=0.8.2
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_LICENSE:=GPL-3.0-or-later
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>

51
net/banip/files/README.md
View file

@ -31,27 +31,27 @@ IP address blocking is commonly used to protect against brute force attacks, pre
| firehol2 | firehol level 2 compilation | x | x | | [Link](https://iplists.firehol.org/?ipset=firehol_level2) |
| firehol3 | firehol level 3 compilation | x | x | | [Link](https://iplists.firehol.org/?ipset=firehol_level3) |
| firehol4 | firehol level 4 compilation | x | x | | [Link](https://iplists.firehol.org/?ipset=firehol_level4) |
| greensnow | suspicious server IPs | x | x | x | [Link](https://greensnow.co) |
| greensnow | suspicious server IPs | x | x | | [Link](https://greensnow.co) |
| iblockads | Advertising IPs | | | x | [Link](https://www.iblocklist.com) |
| iblockspy | Malicious spyware IPs | x | x | x | [Link](https://www.iblocklist.com) |
| iblockspy | Malicious spyware IPs | x | x | | [Link](https://www.iblocklist.com) |
| myip | real-time IP blocklist | x | x | | [Link](https://myip.ms) |
| nixspam | iX spam protection | x | x | | [Link](http://www.nixspam.org) |
| oisdbig | OISD-big IPs | | | x | [Link](https://github.com/dibdot/banIP-IP-blocklists) |
| oisdnsfw | OISD-nsfw IPs | | | x | [Link](https://github.com/dibdot/banIP-IP-blocklists) |
| oisdsmall | OISD-small IPs | | | x | [Link](https://github.com/dibdot/banIP-IP-blocklists) |
| proxy | open proxies | x | | | [Link](https://iplists.firehol.org/?ipset=proxylists) |
| ssbl | SSL botnet IPs | x | x | x | [Link](https://sslbl.abuse.ch) |
| ssbl | SSL botnet IPs | x | x | | [Link](https://sslbl.abuse.ch) |
| stevenblack | stevenblack IPs | | | x | [Link](https://github.com/dibdot/banIP-IP-blocklists) |
| talos | talos IPs | x | x | | [Link](https://talosintelligence.com/reputation_center) |
| threat | emerging threats | x | x | x | [Link](https://rules.emergingthreats.net) |
| threatview | malicious IPs | x | x | x | [Link](https://threatview.io) |
| tor | tor exit nodes | x | x | x | [Link](https://github.com/SecOps-Institute/Tor-IP-Addresses) |
| threat | emerging threats | x | x | | [Link](https://rules.emergingthreats.net) |
| threatview | malicious IPs | x | x | | [Link](https://threatview.io) |
| tor | tor exit nodes | x | x | | [Link](https://github.com/SecOps-Institute/Tor-IP-Addresses) |
| uceprotect1 | spam protection level 1 | x | x | | [Link](http://www.uceprotect.net/en/index.php) |
| uceprotect2 | spam protection level 2 | x | x | | [Link](http://www.uceprotect.net/en/index.php) |
| uceprotect3 | spam protection level 3 | x | x | | [Link](http://www.uceprotect.net/en/index.php) |
| urlhaus | urlhaus IDS IPs | x | x | | [Link](https://urlhaus.abuse.ch) |
| urlvir | malware related IPs | x | x | x | [Link](https://iplists.firehol.org/?ipset=urlvir) |
| webclient | malware related IPs | x | x | x | [Link](https://iplists.firehol.org/?ipset=firehol_webclient) |
| urlvir | malware related IPs | x | x | | [Link](https://iplists.firehol.org/?ipset=urlvir) |
| webclient | malware related IPs | x | x | | [Link](https://iplists.firehol.org/?ipset=firehol_webclient) |
| voip | VoIP fraud blocklist | x | x | | [Link](https://voipbl.org) |
| yoyo | yoyo IPs | | | x | [Link](https://github.com/dibdot/banIP-IP-blocklists) |
@ -151,8 +151,10 @@ Available commands:
| ban_deduplicate | option | 1 | deduplicate IP addresses across all active sets |
| ban_splitsize | option | 0 | split ext. sets after every n lines/members (saves RAM) |
| ban_cores | option | - / autodetect | limit the cpu cores used by banIP (saves RAM) |
| ban_nftloglevel | option | warn | nft loglevel, values: emerg, alert, crit, err, warn, notice, info, debug, audit |
| ban_nftpriority | option | -200 | nft priority for the banIP table (default is the prerouting table priority) |
| ban_nftpolicy | option | memory | nft policy for banIP-related sets, values: memory, performance |
| ban_nftexpiry | option | - | expiry time for auto added blocklist members, e.g. '5m', '2h' or '1d' |
| ban_nftpriority | option | -200 | nft banIP table priority (default is the prerouting table priority) |
| ban_feed | list | - | external download feeds, e.g. 'yoyo', 'doh', 'country' or 'talos' (see feed table) |
| ban_asn | list | - | ASNs for the 'asn' feed, e.g.'32934' |
| ban_country | list | - | country iso codes for the 'country' feed, e.g. 'ru' |
@ -222,18 +224,18 @@ Available commands:
~# /etc/init.d/banip status
::: banIP runtime information
+ status : active (nft: ✔, monitor: ✔)
+ version : 0.8.2-1
+ element_count : 180596
+ active_feeds : allowlistvMAC, allowlistv4, allowlistv6, adawayv4, adawayv6, adguardv4, cinsscorev4, adguardv6, countryv6, countryv4,
deblv4, deblv6, dohv4, dohv6, firehol1v4, oisdsmallv6, oisdsmallv4, urlvirv4, webclientv4, blocklistvMAC, blocklistv4,
blocklistv6
+ active_devices : eth2
+ active_interfaces : wan, wan6
+ active_subnets : 91.64.168.218/24, 2a02:710c:0:80:e342:4b0c:725d:1d43/128
+ run_info : base: /tmp, backup: /mnt/data/banIP-backup, report: /mnt/data/banIP-report, feed: /etc/banip/banip.feeds
+ version : 0.8.2-2
+ element_count : 211397
+ active_feeds : allowlistvMAC, allowlistv4, allowlistv6, adawayv4, adawayv6, adguardv4, adguardtrackersv4, adguardv6, adguardtrackersv
6, antipopadsv4, antipopadsv6, cinsscorev4, countryv6, countryv4, deblv4, deblv6, dohv4, dohv6, firehol1v4, oisdsmallv
6, oisdsmallv4, stevenblackv6, stevenblackv4, webclientv4, blocklistvMAC, blocklistv4, blocklistv6
+ active_devices : eth2 ::: wan, wan6
+ active_subnets : 91.64.148.211/24, 2b02:710c:0:80:e442:4b0c:637d:1d33/128
+ nft_info : priority: -200, policy: memory, loglevel: warn, expiry: -
+ run_info : base: /mnt/data/banIP, backup: /mnt/data/banIP/backup, report: /mnt/data/banIP/report, feed: /etc/banip/banip.feeds
+ run_flags : auto: ✔, proto (4/6): ✔/✔, log (wan-inp/wan-fwd/lan-fwd): ✔/✔/✔, dedup: ✔, split: ✘, allowed only: ✘
+ last_run : action: restart, duration: 0m 58s, date: 2023-03-06 13:50:27
+ system_info : cores: 2, memory: 1831, device: Turris Omnia, OpenWrt SNAPSHOT r22151-1d82a47b49
+ last_run : action: restart, duration: 0m 55s, date: 2023-03-10 19:33:08
+ system_info : cores: 2, memory: 1830, device: Turris Omnia, OpenWrt SNAPSHOT r22248-bf055fcdca
```
**banIP search information**
@ -242,9 +244,9 @@ Available commands:
:::
::: banIP Search
:::
Looking for IP 221.228.105.173 on 2023-02-08 22:12:48
Looking for IP '221.228.105.173' on 2023-02-08 22:12:48
---
IP found in set oisdbasicv4
IP found in Set 'oisdbasicv4'
```
**banIP survey information**
@ -253,7 +255,7 @@ Available commands:
:::
::: banIP Survey
:::
List the elements of set cinsscorev4 on 2023-03-06 14:07:58
List the elements of Set 'cinsscorev4' on 2023-03-06 14:07:58
---
1.10.187.179
1.10.203.30
@ -272,7 +274,7 @@ Available commands:
1.15.77.237
[...]
```
**default regex for logfile parsing**
**default regex for logfile parsing**
```
list ban_logterm 'Exit before auth from'
list ban_logterm 'luci: failed login'
@ -299,6 +301,7 @@ nftables supports the atomic loading of rules/sets/members, which is cool but un
* point 'ban_basedir', 'ban_reportdir' and 'ban_backupdir' to an external usb drive
* set 'ban_cores' to '1' (only useful on a multicore system) to force sequential feed processing
* set 'ban_splitsize' e.g. to '1000' to split the load of an external set after every 1000 lines/members
* set 'ban_reportelements' to '0' to disable the CPU intensive counting of set elements
**tweak the download options**
By default banIP uses the following pre-configured download options:

218
net/banip/files/banip-functions.sh
View file

@ -35,9 +35,10 @@ ban_mailreceiver=""
ban_mailtopic="banIP notification"
ban_mailprofile="ban_notify"
ban_reportelements="1"
ban_nftloglevel="warn"
ban_nftpriority="-200"
ban_nftpolicy="memory"
ban_nftexpiry=""
ban_loglevel="warn"
ban_loglimit="100"
ban_logcount="1"
ban_logterm=""
@ -304,90 +305,112 @@ f_actual() {
# get wan interfaces
#
f_getif() {
local iface
local iface update="0"
"${ban_ubuscmd}" -t 5 wait_for network.device network.interface 2>/dev/null
if [ "${ban_autodetect}" = "1" ]; then
if [ -z "${ban_ifv4}" ]; then
network_flush_cache
network_find_wan iface
if [ -n "${iface}" ] && ! printf "%s" "${ban_ifv4}" | "${ban_grepcmd}" -q "${iface}"; then
if [ -n "${iface}" ] && "${ban_ubuscmd}" -t 10 wait_for network.interface."${iface}" >/dev/null 2>&1; then
ban_protov4="1"
ban_ifv4="${ban_ifv4}${iface} "
ban_ifv4="${iface}"
uci_set banip global ban_protov4 "1"
uci_add_list banip global ban_ifv4 "${iface}"
f_log "info" "added IPv4 interface '${iface}' to config"
fi
fi
if [ -z "${ban_ifv6}" ]; then
network_flush_cache
network_find_wan6 iface
if [ -n "${iface}" ] && ! printf "%s" "${ban_ifv6}" | "${ban_grepcmd}" -q "${iface}"; then
if [ -n "${iface}" ] && "${ban_ubuscmd}" -t 10 wait_for network.interface."${iface}" >/dev/null 2>&1; then
ban_protov6="1"
ban_ifv6="${ban_ifv6}${iface} "
ban_ifv6="${iface}"
uci_set banip global ban_protov6 "1"
uci_add_list banip global ban_ifv6 "${iface}"
f_log "info" "added IPv6 interface '${iface}' to config"
fi
fi
fi
if [ -n "$(uci -q changes "banip")" ]; then
update="1"
uci_commit "banip"
else
ban_ifv4="${ban_ifv4%%?}"
ban_ifv6="${ban_ifv6%%?}"
[ -n "$(uci -q changes "banip")" ] && uci_commit "banip"
for iface in ${ban_ifv4} ${ban_ifv6}; do
if ! "${ban_ubuscmd}" -t 10 wait_for network.interface."${iface}" >/dev/null 2>&1; then
f_log "err" "wan interface '${iface}' is not available, please check your configuration"
fi
done
fi
[ -z "${ban_ifv4}" ] && [ -z "${ban_ifv6}" ] && f_log "err" "wan interfaces not found, please check your configuration"
f_log "debug" "f_getif ::: auto_detect: ${ban_autodetect}, interfaces (4/6): ${ban_ifv4}/${ban_ifv6}, protocols (4/6): ${ban_protov4}/${ban_protov6}"
f_log "debug" "f_getif ::: auto/update: ${ban_autodetect}/${update}, interfaces (4/6): ${ban_ifv4}/${ban_ifv6}, protocols (4/6): ${ban_protov4}/${ban_protov6}"
}
# get wan devices
#
f_getdev() {
local dev iface
local dev iface update="0" cnt="0" cnt_max="10"
if [ "${ban_autodetect}" = "1" ] && [ -z "${ban_dev}" ]; then
for iface in ${ban_ifv4} ${ban_ifv6}; do
network_get_device dev "${iface}"
if [ -n "${dev}" ] && ! printf "%s" "${ban_dev}" | "${ban_grepcmd}" -q "${dev}"; then
ban_dev="${ban_dev}${dev} "
uci_add_list banip global ban_dev "${dev}"
else
network_get_physdev dev "${iface}"
if [ -n "${dev}" ] && ! printf "%s" "${ban_dev}" | "${ban_grepcmd}" -q "${dev}"; then
ban_dev="${ban_dev}${dev} "
uci_add_list banip global ban_dev "${dev}"
if [ "${ban_autodetect}" = "1" ]; then
while [ -z "${ban_dev}" ] && [ "${cnt}" -le "${cnt_max}" ]; do
network_flush_cache
for iface in ${ban_ifv4} ${ban_ifv6}; do
network_get_device dev "${iface}"
if [ -n "${dev}" ]; then
if printf "%s" "${dev}" | "${ban_grepcmd}" -qE "pppoe|6in4"; then
dev="${iface}"
fi
if ! printf " %s " "${ban_dev}" | "${ban_grepcmd}" -q " ${dev} "; then
ban_dev="${ban_dev}${dev} "
uci_add_list banip global ban_dev "${dev}"
f_log "info" "added device '${dev}' to config"
fi
fi
fi
done
cnt="$((cnt + 1))"
sleep 1
done
ban_dev="${ban_dev%%?}"
[ -n "$(uci -q changes "banip")" ] && uci_commit "banip"
fi
if [ -n "$(uci -q changes "banip")" ]; then
update="1"
uci_commit "banip"
fi
ban_dev="${ban_dev%%?}"
[ -z "${ban_dev}" ] && f_log "err" "wan devices not found, please check your configuration"
f_log "debug" "f_getdev ::: auto_detect: ${ban_autodetect}, devices: ${ban_dev}"
f_log "debug" "f_getdev ::: auto/update: ${ban_autodetect}/${update}, devices: ${ban_dev}, cnt: ${cnt}"
}
# get local subnets
#
f_getsub() {
local sub iface ip
local sub iface ip update="0"
for iface in ${ban_ifv4} ${ban_ifv6}; do
network_get_subnet sub "${iface}"
if [ -n "${sub}" ] && ! printf "%s" "${ban_sub}" | "${ban_grepcmd}" -q "${sub}"; then
ban_sub="${ban_sub} ${sub}"
fi
network_get_subnet6 sub "${iface}"
if [ -n "${sub}" ] && ! printf "%s" "${ban_sub}" | "${ban_grepcmd}" -q "${sub}"; then
ban_sub="${ban_sub} ${sub}"
fi
done
if [ "${ban_autoallowlist}" = "1" ]; then
for ip in ${ban_sub}; do
if ! "${ban_grepcmd}" -q "${ip}" "${ban_allowlist}"; then
printf "%-42s%s\n" "${ip}" "added on $(date "+%Y-%m-%d %H:%M:%S")" >>"${ban_allowlist}"
f_log "info" "add subnet '${ip}' to local allowlist"
for iface in ${ban_ifv4} ${ban_ifv6}; do
network_flush_cache
network_get_subnet sub "${iface}"
if [ -n "${sub}" ] && ! printf " %s " "${ban_sub}" | "${ban_grepcmd}" -q " ${sub} "; then
ban_sub="${ban_sub}${sub} "
fi
network_get_subnet6 sub "${iface}"
if [ -n "${sub}" ] && ! printf " %s " "${ban_sub}" | "${ban_grepcmd}" -q " ${sub} "; then
ban_sub="${ban_sub}${sub} "
fi
done
for ip in ${ban_sub}; do
if ! "${ban_grepcmd}" -q "${ip}" "${ban_allowlist}"; then
update="1"
printf "%-42s%s\n" "${ip}" "# subnet added on $(date "+%Y-%m-%d %H:%M:%S")" >>"${ban_allowlist}"
f_log "info" "added subnet '${ip}' to local allowlist"
fi
done
ban_sub="${ban_sub%%?}"
fi
[ -z "${ban_sub}" ] && f_log "err" "wan subnet(s) not found, please check your configuration"
f_log "debug" "f_getsub ::: auto_allowlist: ${ban_autoallowlist}, subnet(s): ${ban_sub:-"-"}"
f_log "debug" "f_getsub ::: auto/update: ${ban_autoallowlist}/${update}, subnet(s): ${ban_sub:-"-"}"
}
# get set elements
@ -442,7 +465,7 @@ f_nftinit() {
feed_log="$("${ban_nftcmd}" -f "${file}" 2>&1)"
feed_rc="${?}"
f_log "debug" "f_nftinit ::: devices: ${ban_dev}, priority: ${ban_nftpriority}, rc: ${feed_rc:-"-"}, log: ${feed_log:-"-"}"
f_log "debug" "f_nftinit ::: devices: ${ban_dev}, priority: ${ban_nftpriority}, policy: ${ban_nftpolicy}, loglevel: ${ban_nftloglevel}, rc: ${feed_rc:-"-"}, log: ${feed_log:-"-"}"
return ${feed_rc}
}
@ -461,9 +484,9 @@ f_down() {
tmp_flush="${ban_tmpfile}.${feed}.flush"
tmp_nft="${ban_tmpfile}.${feed}.nft"
[ "${ban_loginput}" = "1" ] && log_input="log level ${ban_loglevel} prefix \"banIP/inp-wan/drp/${feed}: \""
[ "${ban_logforwardwan}" = "1" ] && log_forwardwan="log level ${ban_loglevel} prefix \"banIP/fwd-wan/drp/${feed}: \""
[ "${ban_logforwardlan}" = "1" ] && log_forwardlan="log level ${ban_loglevel} prefix \"banIP/fwd-lan/rej/${feed}: \""
[ "${ban_loginput}" = "1" ] && log_input="log level ${ban_nftloglevel} prefix \"banIP/inp-wan/drp/${feed}: \""
[ "${ban_logforwardwan}" = "1" ] && log_forwardwan="log level ${ban_nftloglevel} prefix \"banIP/fwd-wan/drp/${feed}: \""
[ "${ban_logforwardlan}" = "1" ] && log_forwardlan="log level ${ban_nftloglevel} prefix \"banIP/fwd-lan/rej/${feed}: \""
# set source block direction
#
@ -508,11 +531,11 @@ f_down() {
[ -s "${tmp_flush}" ] && cat "${tmp_flush}"
if [ "${proto}" = "MAC" ]; then
"${ban_awkcmd}" '/^([0-9A-f]{2}:){5}[0-9A-f]{2}([[:space:]]|$)/{printf "%s, ",tolower($1)}' "${ban_allowlist}" >"${tmp_file}"
printf "%s\n" "add set inet banIP ${feed} { type ether_addr; policy memory; $(f_getelements "${tmp_file}") }"
printf "%s\n" "add set inet banIP ${feed} { type ether_addr; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }"
[ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ether saddr @${feed} counter accept"
elif [ "${proto}" = "4" ]; then
"${ban_awkcmd}" '/^(([0-9]{1,3}\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{printf "%s, ",$1}' "${ban_allowlist}" >"${tmp_file}"
printf "%s\n" "add set inet banIP ${feed} { type ipv4_addr; flags interval; auto-merge; policy memory; $(f_getelements "${tmp_file}") }"
printf "%s\n" "add set inet banIP ${feed} { type ipv4_addr; flags interval; auto-merge; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }"
if [ -z "${feed_direction##*input*}" ]; then
if [ "${ban_allowlistonly}" = "1" ]; then
printf "%s\n" "add rule inet banIP wan-input ip saddr != @${feed} ${log_input} counter drop"
@ -537,7 +560,7 @@ f_down() {
elif [ "${proto}" = "6" ]; then
"${ban_awkcmd}" '!/^([0-9A-f]{2}:){5}[0-9A-f]{2}([[:space:]]|$)/{printf "%s\n",$1}' "${ban_allowlist}" |
"${ban_awkcmd}" '/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\/(1?[0-2][0-8]|[0-9][0-9]))?)([[:space:]]|$)/{printf "%s, ",tolower($1)}' >"${tmp_file}"
printf "%s\n" "add set inet banIP ${feed} { type ipv6_addr; flags interval; auto-merge; policy memory; $(f_getelements "${tmp_file}") }"
printf "%s\n" "add set inet banIP ${feed} { type ipv6_addr; flags interval; auto-merge; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }"
if [ -z "${feed_direction##*input*}" ]; then
if [ "${ban_allowlistonly}" = "1" ]; then
printf "%s\n" "add rule inet banIP wan-input ip6 saddr != @${feed} ${log_input} counter drop"
@ -568,7 +591,7 @@ f_down() {
[ -s "${tmp_flush}" ] && cat "${tmp_flush}"
if [ "${proto}" = "MAC" ]; then
"${ban_awkcmd}" '/^([0-9A-f]{2}:){5}[0-9A-f]{2}([[:space:]]|$)/{printf "%s, ",tolower($1)}' "${ban_blocklist}" >"${tmp_file}"
printf "%s\n" "add set inet banIP ${feed} { type ether_addr; policy memory; $(f_getelements "${tmp_file}") }"
printf "%s\n" "add set inet banIP ${feed} { type ether_addr; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }"
[ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ether saddr @${feed} ${log_forwardlan} counter reject"
elif [ "${proto}" = "4" ]; then
if [ "${ban_deduplicate}" = "1" ]; then
@ -580,7 +603,7 @@ f_down() {
"${ban_awkcmd}" '/^(([0-9]{1,3}\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{printf "%s,\n",$1}' "${ban_blocklist}" >"${tmp_split}"
fi
"${ban_awkcmd}" '{ORS=" ";print}' "${tmp_split}" 2>/dev/null >"${tmp_file}"
printf "%s\n" "add set inet banIP ${feed} { type ipv4_addr; flags interval, timeout; auto-merge; policy memory; $(f_getelements "${tmp_file}") }"
printf "%s\n" "add set inet banIP ${feed} { type ipv4_addr; flags interval, timeout; auto-merge; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }"
[ -z "${feed_direction##*input*}" ] && printf "%s\n" "add rule inet banIP wan-input ip saddr @${feed} ${log_input} counter drop"
[ -z "${feed_direction##*forwardwan*}" ] && printf "%s\n" "add rule inet banIP wan-forward ip saddr @${feed} ${log_forwardwan} counter drop"
[ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ip daddr @${feed} ${log_forwardlan} counter reject with icmp type admin-prohibited"
@ -596,7 +619,7 @@ f_down() {
"${ban_awkcmd}" '/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\/(1?[0-2][0-8]|[0-9][0-9]))?)([[:space:]]|$)/{printf "%s,\n",tolower($1)}' >"${tmp_split}"
fi
"${ban_awkcmd}" '{ORS=" ";print}' "${tmp_split}" 2>/dev/null >"${tmp_file}"
printf "%s\n" "add set inet banIP ${feed} { type ipv6_addr; flags interval, timeout; auto-merge; policy memory; $(f_getelements "${tmp_file}") }"
printf "%s\n" "add set inet banIP ${feed} { type ipv6_addr; flags interval, timeout; auto-merge; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }"
[ -z "${feed_direction##*input*}" ] && printf "%s\n" "add rule inet banIP wan-input ip6 saddr @${feed} ${log_input} counter drop"
[ -z "${feed_direction##*forwardwan*}" ] && printf "%s\n" "add rule inet banIP wan-forward ip6 saddr @${feed} ${log_forwardwan} counter drop"
[ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ip6 daddr @${feed} ${log_forwardlan} counter reject with icmpv6 type admin-prohibited"
@ -691,7 +714,7 @@ f_down() {
#
printf "%s\n\n" "#!/usr/sbin/nft -f"
[ -s "${tmp_flush}" ] && cat "${tmp_flush}"
printf "%s\n" "add set inet banIP ${feed} { type ipv4_addr; flags interval; auto-merge; policy memory; $(f_getelements "${tmp_file}.1") }"
printf "%s\n" "add set inet banIP ${feed} { type ipv4_addr; flags interval; auto-merge; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}.1") }"
# input and forward rules
#
@ -705,7 +728,7 @@ f_down() {
#
printf "%s\n\n" "#!/usr/sbin/nft -f"
[ -s "${tmp_flush}" ] && cat "${tmp_flush}"
printf "%s\n" "add set inet banIP ${feed} { type ipv6_addr; flags interval; auto-merge; policy memory; $(f_getelements "${tmp_file}.1") }"
printf "%s\n" "add set inet banIP ${feed} { type ipv6_addr; flags interval; auto-merge; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}.1") }"
# input and forward rules
#
@ -737,7 +760,9 @@ f_down() {
fi
rm -f "${split_file}"
done
cnt_set="$("${ban_nftcmd}" -j list set inet banIP "${feed}" 2>/dev/null | jsonfilter -qe '@.nftables[*].set.elem[*]' | wc -l 2>/dev/null)"
if [ "${ban_debug}" = "1" ] && [ "${ban_reportelements}" = "1" ]; then
cnt_set="$("${ban_nftcmd}" -j list set inet banIP "${feed}" 2>/dev/null | jsonfilter -qe '@.nftables[*].set.elem[*]' | wc -l 2>/dev/null)"
fi
fi
else
f_log "info" "empty feed ${feed} will be skipped"
@ -825,9 +850,11 @@ f_genstatus() {
duration="$(((ban_endtime - ban_starttime) / 60))m $(((ban_endtime - ban_starttime) % 60))s"
fi
table_sets="$("${ban_nftcmd}" -tj list ruleset 2>/dev/null | jsonfilter -qe '@.nftables[@.set.table="banIP"].set.name')"
for set in ${table_sets}; do
cnt_elements="$((cnt_elements + $("${ban_nftcmd}" -j list set inet banIP "${set}" 2>/dev/null | jsonfilter -qe '@.nftables[*].set.elem[*]' | wc -l 2>/dev/null)))"
done
if [ "${ban_reportelements}" = "1" ]; then
for set in ${table_sets}; do
cnt_elements="$((cnt_elements + $("${ban_nftcmd}" -j list set inet banIP "${set}" 2>/dev/null | jsonfilter -qe '@.nftables[*].set.elem[*]' | wc -l 2>/dev/null)))"
done
fi
runtime="action: ${ban_action:-"-"}, duration: ${duration:-"-"}, date: $(date "+%Y-%m-%d %H:%M:%S")"
fi
f_system
@ -863,14 +890,6 @@ f_genstatus() {
json_add_string "device" "${object}"
json_close_object
done
fi
json_close_array
json_add_array "active_interfaces"
if [ "${status}" != "active" ]; then
json_add_object
json_add_string "interface" "-"
json_close_object
else
for object in ${ban_ifv4} ${ban_ifv6}; do
json_add_object
json_add_string "interface" "${object}"
@ -891,6 +910,7 @@ f_genstatus() {
done
fi
json_close_array
json_add_string "nft_info" "priority: ${ban_nftpriority}, policy: ${ban_nftpolicy}, loglevel: ${ban_nftloglevel}, expiry: ${ban_nftexpiry:-"-"}"
json_add_string "run_info" "base: ${ban_basedir}, backup: ${ban_backupdir}, report: ${ban_reportdir}, feed: ${ban_feedfile}"
json_add_string "run_flags" "auto: $(f_char ${ban_autodetect}), proto (4/6): $(f_char ${ban_protov4})/$(f_char ${ban_protov6}), log (wan-inp/wan-fwd/lan-fwd): $(f_char ${ban_loginput})/$(f_char ${ban_logforwardwan})/$(f_char ${ban_logforwardlan}), dedup: $(f_char ${ban_deduplicate}), split: $(f_char ${split}), allowed only: $(f_char ${ban_allowlistonly})"
json_add_string "last_run" "${runtime:-"-"}"
@ -901,7 +921,7 @@ f_genstatus() {
# get status information
#
f_getstatus() {
local key keylist type value index_value actual="${1}"
local key keylist type value index_key1 index_key2 index_value1 index_value2 actual="${1}"
[ -z "${ban_dev}" ] && f_conf
json_load_file "${ban_rtfile}" >/dev/null 2>&1
@ -911,22 +931,45 @@ f_getstatus() {
json_get_var value "${key}" >/dev/null 2>&1
if [ "${key}" = "status" ]; then
value="${value} ($(f_actual))"
elif [ "${key}" = "active_devices" ]; then
json_select "${key}" >/dev/null 2>&1
index=1
while json_get_type type "${index}" && [ "${type}" = "object" ]; do
json_get_keys index_key1 "${index}" >/dev/null 2>&1
json_get_keys index_key2 "$((index + 1))" >/dev/null 2>&1
json_get_values index_value1 "${index}" >/dev/null 2>&1
if [ "${index}" = "1" ] && [ "${index_key1// /}" = "device" ] && [ "${index_key2// /}" = "interface" ]; then
json_get_values index_value2 "$((index + 1))" >/dev/null 2>&1
value="${index_value1} ::: ${index_value2}"
index="$((index + 1))"
elif [ "${index}" = "1" ]; then
value="${index_value1}"
elif [ "${index}" != "1" ] && [ "${index_key1// /}" = "device" ] && [ "${index_key2// /}" = "interface" ]; then
json_get_values index_value2 "$((index + 1))" >/dev/null 2>&1
value="${value}, ${index_value1} ::: ${index_value2}"
index="$((index + 1))"
elif [ "${index}" != "1" ]; then
value="${value}, ${index_value1}"
fi
index="$((index + 1))"
done
json_select ".."
elif [ "${key%_*}" = "active" ]; then
json_select "${key}" >/dev/null 2>&1
index=1
while json_get_type type "${index}" && [ "${type}" = "object" ]; do
json_get_values index_value "${index}" >/dev/null 2>&1
json_get_values index_value1 "${index}" >/dev/null 2>&1
if [ "${index}" = "1" ]; then
value="${index_value}"
value="${index_value1}"
else
value="${value}, ${index_value}"
value="${value}, ${index_value1}"
fi
index=$((index + 1))
index="$((index + 1))"
done
json_select ".."
fi
value="$(printf "%s" "${value}" |
awk '{NR=1;max=118;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max)}else{printf"%-24s%s\n","",substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}')"
awk '{NR=1;max=118;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max)}else{printf"%-24s%s\n","",substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}')"
printf " + %-17s : %s\n" "${key}" "${value:-"-"}"
done
else
@ -967,9 +1010,9 @@ f_lookup() {
fi
fi
if [ "${feed}" = "allowlist" ] && [ "${ban_autoallowlist}" = "1" ]; then
printf "%-42s%s\n" "${ip}" "# ip of '${domain}' added on $(date "+%Y-%m-%d %H:%M:%S")" >>"${ban_allowlist}"
printf "%-42s%s\n" "${ip}" "# '${domain}' added on $(date "+%Y-%m-%d %H:%M:%S")" >>"${ban_allowlist}"
elif [ "${feed}" = "blocklist" ] && [ "${ban_autoblocklist}" = "1" ]; then
printf "%-42s%s\n" "${ip}" "# ip of '${domain}' added on $(date "+%Y-%m-%d %H:%M:%S")" >>"${ban_blocklist}"
printf "%-42s%s\n" "${ip}" "# '${domain}' added on $(date "+%Y-%m-%d %H:%M:%S")" >>"${ban_blocklist}"
fi
fi
fi
@ -1151,6 +1194,7 @@ f_search() {
f_system
run_search="/var/run/banIP.search"
if [ -n "${search}" ]; then
ip="$(printf "%s" "${search}" | "${ban_awkcmd}" 'BEGIN{RS="(([0-9]{1,3}\\.){3}[0-9]{1,3})+"}{printf "%s",RT}')"
[ -n "${ip}" ] && proto="v4"
@ -1158,24 +1202,21 @@ f_search() {
ip="$(printf "%s" "${search}" | "${ban_awkcmd}" 'BEGIN{RS="([A-Fa-f0-9]{1,4}::?){3,7}[A-Fa-f0-9]{1,4}"}{printf "%s",RT}')"
[ -n "${ip}" ] && proto="v6"
fi
if [ -n "${proto}" ]; then
table_sets="$("${ban_nftcmd}" -tj list ruleset 2>/dev/null | jsonfilter -qe "@.nftables[@.set.table=\"banIP\"&&@.set.type=\"ip${proto}_addr\"].set.name")"
else
printf "%s\n%s\n%s\n" ":::" "::: no valid search input (single IPv4/IPv6 address)" ":::"
return
fi
fi
if [ -n "${proto}" ]; then
table_sets="$("${ban_nftcmd}" -tj list ruleset 2>/dev/null | jsonfilter -qe "@.nftables[@.set.table=\"banIP\"&&@.set.type=\"ip${proto}_addr\"].set.name")"
else
printf "%s\n%s\n%s\n" ":::" "::: no valid search input (single IPv4/IPv6 address)" ":::"
printf "%s\n%s\n%s\n" ":::" "::: no valid search input" ":::"
return
fi
printf "%s\n%s\n%s\n" ":::" "::: banIP Search" ":::"
printf "%s\n" " Looking for IP ${ip} on $(date "+%Y-%m-%d %H:%M:%S")"
printf "%s\n" " Looking for IP '${ip}' on $(date "+%Y-%m-%d %H:%M:%S")"
printf "%s\n" " ---"
cnt=1
for set in ${table_sets}; do
(
if "${ban_nftcmd}" get element inet banIP "${set}" "{ ${ip} }" >/dev/null 2>&1; then
printf "%s\n" " IP found in set ${set}"
printf "%s\n" " IP found in Set '${set}'"
: >"${run_search}"
fi
) &
@ -1184,8 +1225,11 @@ f_search() {
cnt="$((cnt + 1))"
done
wait
[ ! -f "${run_search}" ] && printf "%s\n" " IP not found"
rm -f "${run_search}"
if [ ! -f "${run_search}" ]; then
printf "%s\n" " IP not found"
else
rm -f "${run_search}"
fi
}
# set survey
@ -1197,11 +1241,11 @@ f_survey() {
[ -n "${set}" ] && set_elements="$("${ban_nftcmd}" -j list set inet banIP "${set}" 2>/dev/null | jsonfilter -qe '@.nftables[*].set.elem[*]')"
if [ -z "${set}" ] || [ -z "${set_elements}" ]; then
printf "%s\n%s\n%s\n" ":::" "::: no valid survey input (single banIP set name)" ":::"
printf "%s\n%s\n%s\n" ":::" "::: no valid survey input" ":::"
return
fi
printf "%s\n%s\n%s\n" ":::" "::: banIP Survey" ":::"
printf "%s\n" " List the elements of set ${set} on $(date "+%Y-%m-%d %H:%M:%S")"
printf "%s\n" " List the elements of Set '${set}' on $(date "+%Y-%m-%d %H:%M:%S")"
printf "%s\n" " ---"
printf "%s\n" "${set_elements}"
}

2
net/banip/files/banip-service.sh
View file

@ -174,7 +174,7 @@ if [ -x "${ban_logreadcmd}" ] && [ -n "${ban_logterm%%??}" ]; then
log_count="$(printf "%s\n" "${log_raw}" | grep -c "found '${ip}'")"
if [ "${log_count}" -ge "${ban_logcount}" ]; then
if "${ban_nftcmd}" add element inet banIP "blocklist${proto}" "{ ${ip} ${nft_expiry} }" >/dev/null 2>&1; then
f_log "info" "added IP${proto} '${ip}' (${nft_expiry:-"-"}) to blocklist${proto} set"
f_log "info" "added IP${proto} '${ip}' (expiry: ${nft_expiry:-"-"}) to blocklist${proto} set"
if [ "${ban_autoblocklist}" = "1" ] && ! grep -q "^${ip}" "${ban_blocklist}"; then
printf "%-42s%s\n" "${ip}" "# added on $(date "+%Y-%m-%d %H:%M:%S")" >>"${ban_blocklist}"
f_log "info" "added IP${proto} '${ip}' to local blocklist"

2
net/banip/files/banip.init
View file

@ -97,7 +97,7 @@ service_triggers() {
local iface trigger delay
trigger="$(uci_get banip global ban_trigger)"
delay="$(uci_get banip global ban_triggerdelay "5")"
delay="$(uci_get banip global ban_triggerdelay "10")"
PROCD_RELOAD_DELAY=$((delay * 1000))
for iface in ${trigger}; do

51
net/cni-protocol/Makefile Normal file
View file

@ -0,0 +1,51 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=cni-protocol
PKG_VERSION:=20230217
PKG_RELEASE:=1
PKG_MAINTAINER:=Oskari Rauta <oskari.rauta@gmail.com>
include $(INCLUDE_DIR)/package.mk
define Package/cni-protocol
SECTION:=net
CATEGORY:=Network
TITLE:=cni netifd protocol
PKGARCH:=all
endef
define Package/cni-protocol/description
protocol support for cni networks for netifd
makes defining network for podman and other similar
systems using cni networking much easier and simpler.
with cni protocol support, on a network, where firewall
and portmapper management is disabled, you may control
firewalling with openwrt's default firewall configuration.
for example, create a container that hosts web content on
port 80 with static ip on your cni network, if your
network is 10.88.0.0/16, use for eg. 10.88.0.101 as
your containers static ip address. Create a zone, cni
to your firewall and add your interface to it.
Now you can easily set up redirectiong to 10.88.0.101:80
to expose it's port 80 to wan for serving your website.
Protocol has one setting: device, on podman this often
is cni-podman0.
endef
define Build/Configure
endef
define Build/Compile
endef
define Package/cni-protocol/install
$(INSTALL_DIR) $(1)/lib/netifd/proto
$(INSTALL_BIN) ./files/cni.sh $(1)/lib/netifd/proto/cni.sh
endef
$(eval $(call BuildPackage,cni-protocol))

52
net/cni-protocol/files/cni.sh Executable file
View file

@ -0,0 +1,52 @@
#!/bin/sh
[ -n "$INCLUDE_ONLY" ] || {
. /lib/functions.sh
. ../netifd-proto.sh
init_proto "$@"
}
proto_cni_init_config() {
no_device=0
available=0
no_proto_task=1
teardown_on_l3_link_down=1
proto_config_add_string "device:device"
}
proto_cni_setup() {
local cfg="$1"
local device ipaddr netmask broadcast route routemask routesrc
json_get_var device device
ipaddr=$(ip -4 -o a show "$device" | awk '{ print $4 }' | cut -d '/' -f1)
netmask=$(ip -4 -o a show "$device" | awk '{ print $4 }' | cut -d '/' -f2)
broadcast=$(ip -4 -o a show "$device" | awk '{ print $6 }')
route=$(ip -4 -o r show dev "$device" | awk '{ print $1 }' | cut -d '/' -f1)
routemask=$(ip -4 -o r show dev "$device" | awk '{ print $1 }' | cut -d '/' -f2)
routesrc=$(ip -4 -o r show dev "$device" | awk '{ print $7 }')
[ -z "$ipaddr" ] && {
echo "cni network $cfg does not have ip address"
proto_notify_error "$cfg" NO_IPADDRESS
return 1
}
proto_init_update "$device" 1
[ -n "$ipaddr" ] && proto_add_ipv4_address "$ipaddr" "$netmask" "$broadcast" ""
[ -n "$route" ] && proto_add_ipv4_route "$route" "$routemask" "" "$routesrc" ""
proto_send_update "$cfg"
}
proto_cni_teardown() {
local cfg="$1"
#proto_set_available "$cfg" 0
return 0
}
[ -n "$INCLUDE_ONLY" ] || {
add_protocol cni
}

6
net/ksmbd-tools/Makefile
View file

@ -1,12 +1,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=ksmbd-tools
PKG_RELEASE:=$(AUTORELEASE)
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/cifsd-team/ksmbd-tools
PKG_SOURCE_VERSION:=3.4.6
PKG_MIRROR_HASH:=c78dace3320cf8a273738b8f3e67bed24c812695f2fab2fbaeae06ec8a15cb77
PKG_SOURCE_VERSION:=3.4.7
PKG_MIRROR_HASH:=9128ecac1a2c463e689ed42fd71952a0eafe956f8bcd1b04af58c7bc66a8baee
PKG_LICENSE:=GPL-2.0-or-later
PKG_LICENSE_FILES:=COPYING

69
net/ksmbd-tools/patches/010-muon.patch
View file

@ -1,69 +0,0 @@
From 3281f325c820a72057ea639e0d11ad68d5703b43 Mon Sep 17 00:00:00 2001
From: Rosen Penev <rosenp@gmail.com>
Date: Thu, 6 Oct 2022 18:07:01 -0700
Subject: [PATCH] ksmbd-tools: run meson through muon analyze
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Mostly unused variable removals. Removed pointless [] in
include_directories.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Acked-by: Atte Heikkilä <atteh.mailbox@gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
---
addshare/meson.build | 2 +-
adduser/meson.build | 2 +-
control/meson.build | 2 +-
meson.build | 4 ++--
mountd/meson.build | 2 +-
5 files changed, 6 insertions(+), 6 deletions(-)
--- a/addshare/meson.build
+++ b/addshare/meson.build
@@ -1,4 +1,4 @@
-addshare = executable(
+executable(
'ksmbd.addshare',
'share_admin.c',
'addshare.c',
--- a/adduser/meson.build
+++ b/adduser/meson.build
@@ -1,4 +1,4 @@
-adduser = executable(
+executable(
'ksmbd.adduser',
'md4_hash.c',
'user_admin.c',
--- a/control/meson.build
+++ b/control/meson.build
@@ -1,4 +1,4 @@
-control = executable(
+executable(
'ksmbd.control',
'control.c',
dependencies: [
--- a/meson.build
+++ b/meson.build
@@ -13,10 +13,10 @@ exec awk '/define KSMBD_TOOLS_VERSION /
meson_version: '>= 0.51.0',
)
-tools_incdir = include_directories([
+tools_incdir = include_directories(
'.',
'include',
-])
+)
glib_dep = dependency(
'glib-2.0',
--- a/mountd/meson.build
+++ b/mountd/meson.build
@@ -1,4 +1,4 @@
-mountd = executable(
+executable(
'ksmbd.mountd',
'worker.c',
'ipc.c',

9190
net/ksmbd-tools/patches/020-meson.patch
View file

File diff suppressed because it is too large Load diff

16
net/miniupnpd/Makefile
View file

@ -8,16 +8,13 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=miniupnpd
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/miniupnp/miniupnp.git
PKG_SOURCE_DATE:=2022-08-31
PKG_SOURCE_VERSION:=68c8ec508a421f4f4af67a63e3eb6f497d2531e1
PKG_MIRROR_HASH:=68a3170ec73149c4cf4855b1ce6e031557cc12bff85a58421bb94785daaf225d
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)/miniupnpd
PKG_VERSION:=2.3.3
PKG_RELEASE:=1
PKG_SOURCE_URL:=https://miniupnp.tuxfamily.org/files
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_HASH:=6fd7019f936ff88c41e7c822f46f10b51bd72d665978f6586483de75b30c36bf
PKG_MAINTAINER:=
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE
@ -29,9 +26,6 @@ PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/version.mk
TAR_OPTIONS+= --strip-components 1
TAR_CMD=$(HOST_TAR) -C $(1)/.. $(TAR_OPTIONS)
define Package/miniupnpd/Default
SECTION:=net
CATEGORY:=Network

16
net/netifyd/Makefile
View file

@ -16,10 +16,9 @@ PKG_INSTALL:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://gitlab.com/netify.ai/public/netify-agent.git
PKG_SOURCE_DATE:=2022-11-03
PKG_SOURCE_VERSION:=v4.2.2
#PKG_SOURCE_VERSION:=e8d649e170ad3f85017115ea5414ade5f297e9c5
PKG_MIRROR_HASH:=34a9f89aa88f666e6f9e6e8fcbfaa94b02cfc4ce6e76c521377af9492d12a90d
PKG_SOURCE_DATE:=2023-03-03
PKG_SOURCE_VERSION:=v4.4.1
PKG_MIRROR_HASH:=aa3522b6d86e113943abacd50b235738e6452991a36864ec70f5db5b7bec6d13
include $(INCLUDE_DIR)/package.mk
@ -49,11 +48,10 @@ define Package/netifyd/conffiles
/etc/netify.d/agent.uuid
/etc/netify.d/serial.uuid
/etc/netify.d/site.uuid
/etc/netify.d/netify-categories.json
endef
TARGET_CFLAGS+=-ffunction-sections -fdata-sections -Wno-psabi
TARGET_CXXFLAGS+=-ffunction-sections -fdata-sections -Wno-psabi
TARGET_CXXFLAGS+=-std=c++11 -ffunction-sections -fdata-sections -Wno-psabi
TARGET_LDFLAGS+=-Wl,--gc-sections
CONFIGURE_ARGS+= \
@ -74,10 +72,6 @@ CONFIGURE_ARGS+= \
--without-libcurl-zlib
endif
define Build/Configure
(cd $(PKG_BUILD_DIR); ./autogen.sh)
$(call Build/Configure/Default)
endef
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include/netifyd
@ -86,6 +80,8 @@ define Build/InstallDev
$(CP) $(PKG_INSTALL_DIR)/usr/include/netifyd/pcap-compat/*.h $(1)/usr/include/netifyd/pcap-compat
$(INSTALL_DIR) $(1)/usr/include/netifyd/nlohmann
$(CP) $(PKG_INSTALL_DIR)/usr/include/netifyd/nlohmann/*.hpp $(1)/usr/include/netifyd/nlohmann
$(INSTALL_DIR) $(1)/usr/include/netifyd/radix
$(CP) $(PKG_INSTALL_DIR)/usr/include/netifyd/radix/*.hpp $(1)/usr/include/netifyd/radix
$(INSTALL_DIR) $(1)/usr/include/ndpi
$(CP) $(PKG_INSTALL_DIR)/usr/include/ndpi/*.h $(1)/usr/include/ndpi
$(INSTALL_DIR) $(1)/usr/lib

4
net/pdns-recursor/Makefile
View file

@ -1,12 +1,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=pdns-recursor
PKG_VERSION:=4.8.2
PKG_VERSION:=4.8.3
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://downloads.powerdns.com/releases/
PKG_HASH:=4382d3e84f13401685772779dfede6cbc8157ecf6763fa7fdb1dd33ee3f79ac7
PKG_HASH:=37b91a5458c54411f4e38e2d1263ecf41e751e43c5fd66e813100d9978f02505
PKG_MAINTAINER:=Peter van Dijk <peter.van.dijk@powerdns.com>
PKG_LICENCE:=GPL-2.0-only

6
net/samba4/Makefile
View file

@ -2,8 +2,8 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=samba
PKG_VERSION:=4.17.2
PKG_RELEASE:=$(AUTORELEASE)
PKG_VERSION:=4.17.5
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:= \
@ -13,7 +13,7 @@ PKG_SOURCE_URL:= \
http://www.nic.funet.fi/index/samba/pub/samba/stable/ \
http://samba.mirror.bit.nl/samba/ftp/stable/ \
https://download.samba.org/pub/samba/stable/
PKG_HASH:=e55ddf4d5178f8c84316abf53c5edd7b35399e3b7d86bcb81b75261c827bb3b8
PKG_HASH:=ebb7880d474ffc09d73b5fc77bcbd657f6235910337331a9c24d7f69ca11442b
PKG_LICENSE:=GPL-3.0-only
PKG_LICENSE_FILES:=COPYING

2
net/samba4/patches/021-source4-msgsock-nvram-fix.patch
View file

@ -1,6 +1,6 @@
--- a/source4/lib/messaging/messaging.c
+++ b/source4/lib/messaging/messaging.c
@@ -514,7 +514,7 @@ static struct imessaging_context *imessa
@@ -525,7 +525,7 @@ static struct imessaging_context *imessa
goto fail;
}

2
net/udp-broadcast-relay-redux-openwrt/Makefile
View file

@ -1,7 +1,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=udp-broadcast-relay-redux
PKG_RELEASE:=$(AUTORELEASE)
PKG_RELEASE:=2
PKG_LICENSE:=GPL-2.0
PKG_SOURCE_PROTO:=git

2
net/udp-broadcast-relay-redux-openwrt/files/udp-broadcast-relay-redux.init
View file

@ -58,7 +58,7 @@ udp_broadcast_relay_redux_instance() {
procd_append_param command "-t" "$dest_override"
fi
procd_add_jail ubr-${PIDCOUNT}
procd_add_jail ubr-${PIDCOUNT} cgroupsns
procd_close_instance
}

46
utils/ripgrep/Makefile Normal file
View file

@ -0,0 +1,46 @@
# SPDX-License-Identifier: GPL-2.0-only
#
# Copyright (C) 2023 Luca Barbato and Donald Hoskins
include $(TOPDIR)/rules.mk
PKG_NAME:=ripgrep
PKG_VERSION:=13.0.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/BurntSushi/ripgrep/tar.gz/$(PKG_VERSION)?
PKG_HASH:=0fb17aaf285b3eee8ddab17b833af1e190d73de317ff9648751ab0660d763ed2
PKG_MAINTAINER:=Luca Barbato <lu_zero@luminem.org>
PKG_LICENSE:=MIT Unlicense
PKG_LICENSE_FILES:=LICENSE-MIT UNLICENSE
PKG_BUILD_DEPENDS:=rust/host
include ../../lang/rust/rust-package.mk
include $(INCLUDE_DIR)/package.mk
define Build/Compile
$(call Build/Compile/Cargo,, --features 'pcre2')
endef
define Package/ripgrep
SECTION:=utils
CATEGORY:=Utilities
TITLE:=ripgrep (rg) regex grep
DEPENDS:=$(RUST_ARCH_DEPENDS) +libpcre2
URL:=https://github.com/BurntSushi/ripgrep
endef
define Package/ripgrep/description
ripgrep (rg) recursively searches directories for a regex pattern
while respecting your gitignore
endef
define Package/ripgrep/install
$(INSTALL_DIR) $(1)/bin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/target/$(RUSTC_TARGET_ARCH)/stripped/rg $(1)/bin/rg
endef
$(eval $(call BuildPackage,ripgrep))