Fwknop: Update to newest release

add basic uci support add optional gpg support signed-off-by: Jonathan Bennett <jbennett@incomsystems.biz>
2015-05-07 22:39:22 -05:00 · 2015-05-07 22:39:22 -05:00 · 8c1e0d4bfd
commit 8c1e0d4bfd
parent 76baa032e8
5 changed files with 114 additions and 41 deletions
--- a/net/fwknop/Config.in
+++ b/net/fwknop/Config.in
@ -0,0 +1,12 @@
+#fwknop config
+menu "Configuration"
+	depends on PACKAGE_fwknopd
+
+config FWKNOPD_GPG
+	bool "Enable GPG support"
+	select PACKAGE_gnupg
+	default n
+
+
+
+endmenu
--- a/net/fwknop/Makefile
+++ b/net/fwknop/Makefile
@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=fwknop
-PKG_VERSION:=2.6.5
+PKG_VERSION:=2.6.6
 PKG_RELEASE:=1

 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=http://www.cipherdyne.org/fwknop/download
-PKG_MD5SUM:=1ae000a499bf604a2aeef4d0a7a178c8
+PKG_MD5SUM:=1372aeaf1e33ab1d6b9906ef9b5cd02e
 PKG_MAINTAINER:=Jonathan Bennett <JBennett@incomsystems.biz>
 PKG_LICENSE:=GPLv2
 PKG_INSTALL:=1
@ -42,7 +42,7 @@ define Package/fwknopd
  CATEGORY:=Network
  SUBMENU:=Firewall
  TITLE+= Daemon
-  DEPENDS:=+iptables +libfko +libpcap
+  DEPENDS:=+iptables +libfko +libpcap +FWKNOP_GPG:gnupg
 endef

 define Package/fwknopd/description
@ -55,6 +55,10 @@ define Package/fwknopd/conffiles
 /etc/fwknop/fwknopd.conf
 endef

+define Package/fwknopd/config
+	source "$(SOURCE)/Config.in"
+endef
+
 define Package/fwknop
  $(call Package/fwknop/Default)
  SECTION:=net
@ -82,8 +86,12 @@ define Package/libfko/description
  This package contains the libfko shared library.
 endef

+
+ifeq ($(CONFIG_FWKNOPD_GPG),n)
+	CONFIGURE_ARGS += --without-gpgme 
+endif
+
 CONFIGURE_ARGS += \
-	--without-gpgme \
 	--with-iptables=/usr/sbin/iptables

 define Build/InstallDev
@ -98,8 +106,7 @@ define Package/fwknopd/install
 	$(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/fwknop/{access,fwknopd}.conf \
 		$(1)/etc/fwknop/
 	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/extras/fwknop.init.openwrt \
-		$(1)/etc/init.d/fwknopd
+	$(INSTALL_BIN) ./files/fwknopd.init $(1)/etc/init.d/fwknopd
 	$(INSTALL_DIR) $(1)/usr/sbin
 	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/fwknopd $(1)/usr/sbin/
 endef
--- a/net/fwknop/files/fwknopd.init
+++ b/net/fwknop/files/fwknopd.init
@ -0,0 +1,89 @@
+#!/bin/sh /etc/rc.common
+#
+# Fwknop is developed primarily by the people listed in the file 'AUTHORS'.
+# Copyright (C) 2009-2014 fwknop developers and contributors. For a full
+# list of contributors, see the file 'CREDITS'.
+#
+. /lib/functions.sh
+UCI_ENABLED=0
+START=60
+
+FWKNOPD_BIN=/usr/sbin/fwknopd
+
+start()
+{
+	gen_confs
+        $FWKNOPD_BIN 
+}
+
+stop()
+{
+        $FWKNOPD_BIN -K
+}
+
+restart()
+{
+    stop;
+    sleep 1;
+    start;
+}
+
+reload()
+{
+        $FWKNOPD_BIN -R
+}
+
+gen_confs()
+{
+
+
+config_cb() {
+
+	local type="$1"
+	local name="$2"
+	if [ "$type" = "global" ]
+	then
+	        option_cb() { 
+			local option="$1"                                
+			local value="$2"   
+			if [ "$option" = "uci_enabled" ] && [ "$value" -eq 1 ] ; then
+				> /etc/fwknop/fwknopd.conf
+				> /etc/fwknop/access.conf
+				UCI_ENABLED=1
+			fi
+		}
+	elif [ "$type" = "config" ]
+	then
+	        option_cb() { 
+			local option="$1"                                
+			local value="$2"   
+			if [ $UCI_ENABLED ]; then 
+				echo "${option//_/-} $value" >> /etc/fwknop/fwknopd.conf  #writing each option to fwknopd.conf
+			fi
+		}
+	elif [ "$type" = "SOURCE" ]
+	then
+		echo "${type//_/-} $name" >> /etc/fwknop/access.conf  #writing each option to access.conf
+	        option_cb() { 
+			local option="$1"                                
+			local value="$2"   
+			if [ $UCI_ENABLED ]; then 
+				echo "${option//_/-} $value" >> /etc/fwknop/access.conf  #writing each option to access.conf
+			fi
+		}
+	fi	 
+
+
+
+
+}
+
+
+if [ -f /etc/config/fwknopd ]; then
+
+	config_load fwknopd
+
+
+fi
+
+}
--- a/net/fwknop/patches/001-fix_config.patch
+++ b/net/fwknop/patches/001-fix_config.patch
@ -1,18 +0,0 @@
--- a/server/fwknopd.conf.inst
-+++ b/server/fwknopd.conf.inst
-@@ -402,8 +402,13 @@
- # The IPT_FORWARD_ACCESS variable is only used if ENABLE_IPT_FORWARDING is
- # enabled.
- #
-#IPT_FORWARD_ACCESS      ACCEPT, filter, FORWARD, 1, FWKNOP_FORWARD, 1;
-#IPT_DNAT_ACCESS         DNAT, nat, PREROUTING, 1, FWKNOP_PREROUTING, 1;
-+
-+# These two lines are changed specifically for Openwrt, due to
-+# different naming conventions. IPT_FORWARD is still disabled
-+# by default, and must be enabled earlier in this file to be used.
-+
-+IPT_FORWARD_ACCESS      ACCEPT, filter, zone_wan_forward, 1, FWKNOP_FORWARD, 1;
-+IPT_DNAT_ACCESS         DNAT, nat, zone_wan_prerouting, 1, FWKNOP_PREROUTING, 1;
- 
- # The IPT_SNAT_ACCESS variable is not used unless both ENABLE_IPT_SNAT and
- # ENABLE_IPT_FORWARDING are enabled.  Also, the external static IP must be
--- a/net/fwknop/patches/002-fix_init.patch
+++ b/net/fwknop/patches/002-fix_init.patch
@ -1,17 +0,0 @@
--- a/extras/openwrt/package/fwknop/files/fwknopd.init
-+++ b/extras/openwrt/package/fwknop/files/fwknopd.init
-@@ -11,12 +11,12 @@ FWKNOPD_BIN=/usr/sbin/fwknopd
- 
- start()
- {
-	$FWKNOPD_BIN
-+	service_start $FWKNOPD_BIN
- }
- 
- stop()
- {
-	$FWKNOPD_BIN -K
-+	service_stop $FWKNOPD_BIN -K
- }
- 
- restart()