Bug 211744

Summary: [NEW PORT] sysutils/ipdbtools: Tools for IP based Geo-blocking and Geo-routing
Product: Ports & Packages Reporter: cyclaero
Component: Individual Port(s)Assignee: Kurt Jaeger <pi>
Status: Closed FIXED    
Severity: Affects Many People CC: cyclaero, pi
Priority: ---    
Version: Latest   
Hardware: Any   
OS: Any   
See Also: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211881
Attachments:
Description Flags
ipdbtools port directory as .shar file none

Description cyclaero 2016-08-11 00:33:43 UTC 
Created attachment 173531 [details]
ipdbtools port directory as .shar file

New port: sysutils/ipdbtools

Tools for generating IP based Geo-block-ing and Geo-routing tables in
order to configure the system's firewall and/or routing facilities

In general, routing is determined by destination IP addresses, and access
control by the firewall is established by selectors that can be attrib-
uted to incoming and outgoing IP packets, like physical interfaces on
which the packets are going, source and target IP addresses, protocol
types, port numbers, content types and content, etc. The Geo-location
would be just another selector, but this information is not carried
explicitly with IP packets, however, it can be obtained using an IP
address as a key for looking-up the location in an IP database.

Online databases do exist, but these are usually limited to single queries
and in addition the look-up in an online database is by far too slow for
even thinking about being utilized at the firewall level, where IP packets
need to be processed in a microsecond time scale. Therefore, a locally
maintained Geo-location database is indispensable in the given respect.
The System's own routing and filtering tables can be configured to do
these tasks if there is a source of the appropriate data. The ipdbtools(1)
are designed to provide this data and to assist managing and using it.

WWW: https://cyclaero.github.io/ipdb/
Comment 1 commit-hook freebsd_committer freebsd_triage 2016-08-11 11:13:03 UTC 
A commit references this bug:

Author: pi
Date: Thu Aug 11 11:12:23 UTC 2016
New revision: 420060
URL: https://svnweb.freebsd.org/changeset/ports/420060

Log:
  New port: sysutils/ipdbtools

  Tools for generating IP based Geo-block-ing and Geo-routing tables in
  order to configure the system's firewall and/or routing facilities

  In general, routing is determined by destination IP addresses, and access
  control by the firewall is established by selectors that can be attrib-
  uted to incoming and outgoing IP packets, like physical interfaces on
  which the packets are going, source and target IP addresses, protocol
  types, port numbers, content types and content, etc. The Geo-location
  would be just another selector, but this information is not carried
  explicitly with IP packets, however, it can be obtained using an IP
  address as a key for looking-up the location in an IP database.

  Online databases do exist, but these are usually limited to single queries
  and in addition the look-up in an online database is by far too slow for
  even thinking about being utilized at the firewall level, where IP packets
  need to be processed in a microsecond time scale. Therefore, a locally
  maintained Geo-location database is indispensable in the given respect.
  The System's own routing and filtering tables can be configured to do
  these tasks if there is a source of the appropriate data. The ipdbtools(1)
  are designed to provide this data and to assist managing and using it.

  WWW: https://cyclaero.github.io/ipdb/

  PR:		211744
  Submitted by:	cyclaero@gmail.com

Changes:
  head/sysutils/Makefile
  head/sysutils/ipdbtools/
  head/sysutils/ipdbtools/Makefile
  head/sysutils/ipdbtools/distinfo
  head/sysutils/ipdbtools/pkg-descr
Comment 2 Kurt Jaeger freebsd_committer freebsd_triage 2016-08-11 11:15:59 UTC 
Committed, thanks. I've added ONLY_FOR_ARCHS=amd64 because of

In file included from ipdb.c:36:
./store.h:547:9: error: unknown type name '__uint128_t'
typedef __uint128_t uint128_t;
        ^

on i386. If you have some patch to avoid using the __uint128_t type,
that would be useful.
Comment 3 cyclaero 2016-08-11 13:21:45 UTC 
(In reply to Kurt Jaeger from comment #2)

Sorry, I didn't realize that __uint128_t is not available on 32bit targets.

This type is used for storage and basic arithmetic with IPv6 addresses. Storage could be done easily with a union of 2 uint64_t, however, I have to look into how to do comparisons and the 4 basic arithmetic operations in a straight forward manner on 32bit systems.