FreeBSD Bugzilla – Attachment 31216 Details for
Bug 52123
pf4freebsd authpf authentification shell for pf gateways
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
authpf_port.shar
authpf_port.shar (text/plain), 9.48 KB, created by
Max Laier
on 2003-05-12 16:30:15 UTC
(
hide
)
Description:
authpf_port.shar
Filename:
MIME Type:
Creator:
Max Laier
Created:
2003-05-12 16:30:15 UTC
Size:
9.48 KB
patch
obsolete
># This is a shell archive. Save it in a file, remove anything before ># this line, and then unpack it by entering "sh file". Note, it may ># create directories; files and directories will be owned by you and ># have default permissions. ># ># This archive contains: ># ># authpf ># authpf/files ># authpf/files/patch-aa ># authpf/files/pathnames.h.sed ># authpf/Makefile ># authpf/distinfo ># authpf/pkg-descr ># authpf/pkg-install ># authpf/pkg-message ># authpf/pkg-plist ># >echo c - authpf >mkdir -p authpf > /dev/null 2>&1 >echo c - authpf/files >mkdir -p authpf/files > /dev/null 2>&1 >echo x - authpf/files/patch-aa >sed 's/^X//' >authpf/files/patch-aa << 'END-of-authpf/files/patch-aa' >X*** ./authpf/Makefile Thu Apr 17 04:17:07 2003 >X--- ./authpf/Makefile Fri May 9 17:07:32 2003 >X*************** >X*** 3,15 **** >X PROG= authpf >X MAN= authpf.8 >X BINOWN= root >X! BINGRP= wheel >X BINMODE= 6555 >X! .if defined(PREFIX) && !empty(PREFIX) >X! BINDIR= ${PREFIX}/libexec >X! .else >X! BINDIR= /usr/libexec >X! .endif >X SRCS= authpf.c parse.y pfctl_parser.c pf_print_state.c pfctl_altq.c >X SRCS+= pfctl_radix.c >X #CFLAGS+= -I${.CURDIR}/../../sbin/pfctl -Wall -Werror >X--- 3,11 ---- >X PROG= authpf >X MAN= authpf.8 >X BINOWN= root >X! BINGRP= authpf >X BINMODE= 6555 >X! BINDIR= ${PREFIX}/sbin >X SRCS= authpf.c parse.y pfctl_parser.c pf_print_state.c pfctl_altq.c >X SRCS+= pfctl_radix.c >X #CFLAGS+= -I${.CURDIR}/../../sbin/pfctl -Wall -Werror >END-of-authpf/files/patch-aa >echo x - authpf/files/pathnames.h.sed >sed 's/^X//' >authpf/files/pathnames.h.sed << 'END-of-authpf/files/pathnames.h.sed' >X/* $OpenBSD: pathnames.h,v 1.5 2002/10/25 18:35:33 camield Exp $ */ >X >X/* >X * Copyright (C) 2002 Chris Kuethe (ckuethe@ualberta.ca) >X * >X * Redistribution and use in source and binary forms, with or without >X * modification, are permitted provided that the following conditions >X * are met: >X * 1. Redistributions of source code must retain the above copyright >X * notice, this list of conditions and the following disclaimer. >X * 2. Redistributions in binary form must reproduce the above copyright >X * notice, this list of conditions and the following disclaimer in the >X * documentation and/or other materials provided with the distribution. >X * 3. Neither the name of the author nor the names of contributors >X * may be used to endorse or promote products derived from this software >X * without specific prior written permission. >X * >X * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND >X * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE >X * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE >X * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE >X * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL >X * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS >X * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) >X * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT >X * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY >X * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF >X * SUCH DAMAGE. >X */ >X >X#define PATH_CONFFILE "%%PREFIX%%/etc/authpf/authpf.conf" >X#define PATH_ALLOWFILE "%%PREFIX%%/etc/authpf/authpf.allow" >X#define PATH_PFRULES "%%PREFIX%%/etc/authpf/authpf.rules" >X#define PATH_PROBLEM "%%PREFIX%%/etc/authpf/authpf.problem" >X#define PATH_MESSAGE "%%PREFIX%%/etc/authpf/authpf.message" >X#define PATH_USER_DIR "%%PREFIX%%/etc/authpf/users" >X#define PATH_BAN_DIR "%%PREFIX%%/etc/authpf/banned" >X#define PATH_DEVFILE "/dev/pf" >X#define PATH_PIDFILE "/var/authpf" >X#define PATH_AUTHPF_SHELL "%%PREFIX%%/sbin/authpf" >END-of-authpf/files/pathnames.h.sed >echo x - authpf/Makefile >sed 's/^X//' >authpf/Makefile << 'END-of-authpf/Makefile' >X# New ports collection makefile for: authpf >X# Date created: 09 May 2003 >X# Whom: Max Laier <max@love2party.net> >X# >X# $FreeBSD$ >X# >X >XPORTNAME= authpf >XPORTVERSION= 1.0 >XCATEGORIES= security ipv6 >XMASTER_SITES= http://pf4freebsd.love2party.net/ >X.if defined(WITH_ALTQ) && (${WITH_ALTQ} == "yes") >XPKGNAMESUFFIX= -altq >X.endif >XDISTNAME= ${PORTNAME}_${PORTVERSION} >XDISTFILES= pf_freebsd_${PORTVERSION}${EXTRACT_SUFX} >X >XMAINTAINER= max@love2party.net >XCOMMENT= Authentification shell for pf gateways >X >XWRKSRC= ${WRKDIR}/pf_freebsd_${PORTVERSION} >X >XRUN_DEPENDS= ${LOCALBASE}/modules/pf.ko:${PF_PORT} >X >XPF_PORT= ${PORTSDIR}/security/pf >X >X.if !defined(BATCH) && !defined(PACKAGE_BUILDING) >XIS_INTERACTIVE= yes >X.endif >X >XMAN8= authpf.8 >X >XMANCOMPRESSED= maybe >X >XMAKE_ARGS= MANDIR="${PREFIX}/man/man" ONLY_AUTHPF=yes >X >X.if defined(WITH_ALTQ) && (${WITH_ALTQ} == "yes") >XSYS_ALTQ?= /usr/src/sys.altq >XMAKE_ARGS+= WITH_ALTQ="yes" SYS_ALTQ="${SYS_ALTQ}" >XPLIST_SUB+= WITH_ALTQ="" >X.else >XPLIST_SUB+= WITH_ALTQ="@comment " >X.endif >X >X.include <bsd.port.pre.mk> >X >X.if ${OSVERSION} < 500000 >XBROKEN= "Sorry only for 5.0 and above" >X.endif >X >XSRC_BASE?= /usr/src >X.if !exists(${SRC_BASE}/sys/Makefile) && \ >X (defined(WITH_ALTQ) && !exists(${SYS_ALTQ}/Makefile) >XBROKEN= "Kernel source files required" >X.endif >X >X.if !defined(WITH_ALTQ) || (${WITH_ALTQ} != "yes") >Xpre-fetch: >X @${ECHO_CMD} "=======================================================" >X @${ECHO_CMD} "* If you have ALTQ support from: *" >X @${ECHO_CMD} "* http://www.rofug.ro/projects/freebsd-altq/ *" >X @${ECHO_CMD} "* You can may define WITH_ALTQ=yes to make use of it *" >X @${ECHO_CMD} "* Please define SYS_ALTQ to point to the patched src *" >X @${ECHO_CMD} "* *" >X @${ECHO_CMD} "* e.g.: make WITH_ALTQ=yes SYS_ALTQ=/usr/src/sys.altq *" >X @${ECHO_CMD} "* *" >X @${ECHO_CMD} "=======================================================" >X @sleep 2 >X.endif >X >Xpost-patch: >X ${SED} -e 's!%%PREFIX%%!${PREFIX}!' ${PATCHDIR}/pathnames.h.sed > \ >X ${WRKSRC}/authpf/pathnames.h >X >Xpre-install: >X.if !defined(BATCH) && !defined(PACKAGE_BUILDING) >X @${SETENV} PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL >X.endif >X >Xpost-install: >X ${SED} -e 's!%%PREFIX%%!${PREFIX}!' pkg-message >X ${MKDIR} ${PREFIX}/etc/authpf >X ${MKDIR} ${PREFIX}/etc/authpf/users >X ${MKDIR} ${PREFIX}/etc/authpf/banned >X >X.include <bsd.port.post.mk> >END-of-authpf/Makefile >echo x - authpf/distinfo >sed 's/^X//' >authpf/distinfo << 'END-of-authpf/distinfo' >XMD5 (pf_freebsd_1.0.tar.gz) = 66b573f0f6884b61f41240111425b93e >END-of-authpf/distinfo >echo x - authpf/pkg-descr >sed 's/^X//' >authpf/pkg-descr << 'END-of-authpf/pkg-descr' >XThis is an authentification shell that can change pf filterrules according >Xto the authentificated user. You will need a working installation of pf >Xand sshd as interconnect. For more information see http://www.OpenBSD.org/ >X >XWWW: http://pf4freebsd.love2party.net/ >X >X-Max <reports@pf4freebsd.love2party.net> >END-of-authpf/pkg-descr >echo x - authpf/pkg-install >sed 's/^X//' >authpf/pkg-install << 'END-of-authpf/pkg-install' >X#!/bin/sh >X# an installation script for pf_freebsd copied from Wnn6 >X >Xcheck_pw() >X{ >X if which -s pw; then >X : >X else >X cat <<EOF >X >XThis system looks like a pre-2.2 version of FreeBSD. We see that it >Xis missing the "pw" utility. We need this utility. Please get and >Xinstall it, and try again. You can get the source from: >X >X ftp://ftp.freebsd.org/pub/FreeBSD/FreeBSD-current/src/usr.sbin/pw.tar.gz >X >XEOF >X exit 1 >X fi >X} >X >Xask() { >X local question default answer >X >X question=$1 >X default=$2 >X if [ -z "${PACKAGE_BUILDING}" ]; then >X read -p "${question} (y/n) [${default}]? " answer >X fi >X if [ x${answer} = x ]; then >X answer=${default} >X fi >X echo ${answer} >X} >X >Xyesno() { >X local dflt question answer >X >X question=$1 >X dflt=$2 >X while :; do >X answer=$(ask "${question}" "${dflt}") >X case "${answer}" in >X [Yy]*) return 0;; >X [Nn]*) return 1;; >X esac >X echo "Please answer yes or no." >X done >X} >X >Xcheck_group() { >X local name id >X >X name=$1 >X id=$2 >X #check >X # We need a command 'pw(8)' >X check_pw >X if pw groupshow $name -q ; then >X return 0 >X fi >X if pw groupadd -g $id -n $name -N -q ; then >X echo "" >X echo "You need a group '$name' whose ID number is $id" >X if yesno "Would you like to create it automatically?" y; then >X pw groupadd -g $id -n $name >X return 0 >X fi >X fi >X echo "" >X echo "I was not able to add group 'proxy:*:71:' as pw reported:" >X pw groupadd -g $id -n $name -N >X echo "Please correct this and try again!" >X echo "" >X return 1 >X} >X >Xcase $2 in >XPRE-INSTALL) >X >X if ! check_group authpf 72 ; then >X exit 1 >X fi >X ;; >Xesac >END-of-authpf/pkg-install >echo x - authpf/pkg-message >sed 's/^X//' >authpf/pkg-message << 'END-of-authpf/pkg-message' >X=========================================================================== >XPlease note that authpf requires suid bit! Take a look at the man page NOW >Xauthpf(8) and create the following files according to your needs: >X >X %%PREFIX%%/etc/authpf/authpf.conf >X %%PREFIX%%/etc/authpf/authpf.allow >X %%PREFIX%%/etc/authpf/authpf.rules >X %%PREFIX%%/etc/authpf/authpf.message >X %%PREFIX%%/etc/authpf/authpf.problem >X >X=========================================================================== >END-of-authpf/pkg-message >echo x - authpf/pkg-plist >sed 's/^X//' >authpf/pkg-plist << 'END-of-authpf/pkg-plist' >X@group authpf >X@owner root >X@mode 6555 >Xsbin/authpf >X@group >X@owner >X@mode >X >X@dirrm etc/authpf/users >X@dirrm etc/authpf/banned >X@dirrm etc/authpf >X >END-of-authpf/pkg-plist >exit
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=31216">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 52123
: 31216