Update guardian to the re-written version.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
--- /dev/null
+/var/ipfire/guardian/guardian.conf
+/var/ipfire/guardian/guardian.ignore
+/var/ipfire/guardian/settings
+/var/ipfire/guardian/ignored
--- /dev/null
+lastaction
+ /usr/bin/guardianctrl logrotate &>/dev/null
+endscript
+
+/var/log/guardian/guardian.log {
+ weekly
+ rotate 4
+ copytruncate
+ compress
+ notifempty
+ missingok
+}
--- /dev/null
+$subservices->{'65.guardian'} = {
+ 'caption' => $Lang::tr{'guardian'},
+ 'uri' => '/cgi-bin/guardian.cgi',
+ 'title' => "$Lang::tr{'guardian'}",
+ 'enabled' => '1',
+ };
etc/rc.d/init.d/fsresize
etc/rc.d/init.d/functions
#etc/rc.d/init.d/gnump3d
+#etc/rc.d/init.d/guardian
etc/rc.d/init.d/halt
#etc/rc.d/init.d/haproxy
#etc/rc.d/init.d/hostapd
etc/rc.d/init.d/networking/red.up/24-RS-qos
etc/rc.d/init.d/networking/red.up/27-RS-squid
etc/rc.d/init.d/networking/red.up/30-ddns
+#etc/rc.d/init.d/networking/red.up/35-guardian
etc/rc.d/init.d/networking/red.up/40-ipac
etc/rc.d/init.d/networking/red.up/50-ipsec
etc/rc.d/init.d/networking/red.up/50-ovpn
#var/ipfire/menu.d/EX-apcupsd.menu
#var/ipfire/menu.d/EX-asterisk.menu
#var/ipfire/menu.d/EX-bluetooth.menu
+#var/ipfire/menu.d/EX-guardian.menu
#var/ipfire/menu.d/EX-imspector.menu
#var/ipfire/menu.d/EX-mpfire.menu
#var/ipfire/menu.d/EX-samba.menu
etc/rc.d/init.d/fsresize
etc/rc.d/init.d/functions
#etc/rc.d/init.d/gnump3d
+#etc/rc.d/init.d/guardian
etc/rc.d/init.d/halt
#etc/rc.d/init.d/haproxy
#etc/rc.d/init.d/hostapd
etc/rc.d/init.d/networking/red.up/24-RS-qos
etc/rc.d/init.d/networking/red.up/27-RS-squid
etc/rc.d/init.d/networking/red.up/30-ddns
+#etc/rc.d/init.d/networking/red.up/35-guardian
etc/rc.d/init.d/networking/red.up/40-ipac
etc/rc.d/init.d/networking/red.up/50-ipsec
etc/rc.d/init.d/networking/red.up/50-ovpn
srv/web/ipfire/cgi-bin/firewall.cgi
srv/web/ipfire/cgi-bin/fwhosts.cgi
srv/web/ipfire/cgi-bin/geoip-block.cgi
+#srv/web/ipfire/cgi-bin/guardian.cgi
srv/web/ipfire/cgi-bin/gpl.cgi
srv/web/ipfire/cgi-bin/gui.cgi
srv/web/ipfire/cgi-bin/hardwaregraphs.cgi
etc/rc.d/init.d/fsresize
etc/rc.d/init.d/functions
#etc/rc.d/init.d/gnump3d
+#etc/rc.d/init.d/guardian
etc/rc.d/init.d/halt
#etc/rc.d/init.d/haproxy
#etc/rc.d/init.d/hostapd
etc/rc.d/init.d/networking/red.up/24-RS-qos
etc/rc.d/init.d/networking/red.up/27-RS-squid
etc/rc.d/init.d/networking/red.up/30-ddns
+#etc/rc.d/init.d/networking/red.up/35-guardian
etc/rc.d/init.d/networking/red.up/40-ipac
etc/rc.d/init.d/networking/red.up/50-ipsec
etc/rc.d/init.d/networking/red.up/50-ovpn
-usr/local/bin/guardian.pl
-usr/local/bin/guardian_block.sh
-usr/local/bin/guardian_unblock.sh
+etc/logrotate.d/guardian
+etc/rc.d/init.d/guardian
+etc/rc.d/init.d/networking/red.up/35-guardian
+etc/rc.d/rc0.d/K76guardian
+etc/rc.d/rc3.d/S45guardian
+etc/rc.d/rc6.d/K76guardian
+srv/web/ipfire/cgi-bin/guardian.cgi
+usr/bin/guardianctrl
+#usr/lib/perl5/site_perl/5.12.3/Guardian
+usr/lib/perl5/site_perl/5.12.3/Guardian/Base.pm
+usr/lib/perl5/site_perl/5.12.3/Guardian/Config.pm
+usr/lib/perl5/site_perl/5.12.3/Guardian/Daemon.pm
+usr/lib/perl5/site_perl/5.12.3/Guardian/Events.pm
+usr/lib/perl5/site_perl/5.12.3/Guardian/IPtables.pm
+usr/lib/perl5/site_perl/5.12.3/Guardian/Logger.pm
+usr/lib/perl5/site_perl/5.12.3/Guardian/Parser.pm
+usr/lib/perl5/site_perl/5.12.3/Guardian/Socket.pm
+usr/sbin/guardian
+var/ipfire/backup/addons/includes/guardian
var/ipfire/guardian
-var/ipfire/guardian/guardian.conf
-var/ipfire/guardian/guardian.ignore
+var/ipfire/menu.d/EX-guardian.menu
var/log/guardian
var/log/guardian/guardian.log
include Config
-VER = ipfire
+VER = 2.0
THISAPP = guardian-$(VER)
+DL_FILE = $(THISAPP).tar.gz
+DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
+
PROG = guardian
-PAK_VER = 9
+PAK_VER = 10
+
+DEPS = "perl-inotify2 perl-Net-IP"
-DEPS = ""
###############################################################################
# Top-level Rules
###############################################################################
-objects =
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = 5ddabfb89900d5232809a0d9ff9b8e9e
install : $(TARGET)
-check :
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
-download :
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
-md5 :
+md5 : $(subst %,%_MD5,$(objects))
-dist:
+dist:
@$(PAK)
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
###############################################################################
# Installation Details
###############################################################################
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
- -mkdir -p /var/ipfire/guardian /var/log/guardian
- touch /var/log/guardian/guardian.log
- touch /var/ipfire/guardian/guardian.ignore
- install -v -m 644 $(DIR_SRC)/config/guardian/guardian.conf /var/ipfire/guardian/
- install -v -m 755 $(DIR_SRC)/config/guardian/guardian.pl /usr/local/bin/
- install -v -m 755 $(DIR_SRC)/config/guardian/guardian_block.sh /usr/local/bin/
- install -v -m 755 $(DIR_SRC)/config/guardian/guardian_unblock.sh /usr/local/bin/
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axvf $(DIR_DL)/$(DL_FILE)
+
+ # Adjust path for firewall binaries.
+ cd $(DIR_APP) && sed -i "s|/usr/sbin/|/sbin/|g" modules/IPtables.pm
+
+ cd $(DIR_APP) && make
+ cd $(DIR_APP) && make install
+
+ # Create config directory and create files.
+ -mkdir -pv /var/ipfire/guardian
chown nobody.nobody /var/ipfire/guardian
- chown nobody.nobody /var/ipfire/guardian/{guardian.conf,guardian.ignore}
+
+ # Create directory and file for logging.
+ -mkdir -pv /var/log/guardian
+ touch /var/log/guardian/guardian.log
+
+ # Create symlinks for runlevel interaction.
+ ln -svf /etc/rc.d/init.d/guardian /etc/rc.d/rc3.d/S45guardian
+ ln -svf /etc/rc.d/init.d/guardian /etc/rc.d/rc0.d/K76guardian
+ ln -svf /etc/rc.d/init.d/guardian /etc/rc.d/rc6.d/K76guardian
+
+ # Install include file for backup.
+ install -v -m 644 $(DIR_SRC)/config/backup/includes/guardian \
+ /var/ipfire/backup/addons/includes/guardian
+
+ # Logrotate.
+ -mkdir -pv /etc/logrotate.d
+ install -v -m 644 $(DIR_SRC)/config/guardian/guardian.logrotate \
+ /etc/logrotate.d/guardian
+
+ @rm -rf $(DIR_APP)
@$(POSTBUILD)
--- /dev/null
+#!/bin/sh
+########################################################################
+# Begin $rc_base/init.d/guardian
+#
+# Description : Guardian Initscript
+#
+# Authors : Kim Wölfel for ipfire.org
+#
+# Version : 01.00
+#
+# Notes :
+#
+########################################################################
+
+. /etc/sysconfig/rc
+. ${rc_functions}
+
+eval $(/usr/local/bin/readhash /var/ipfire/guardian/settings)
+
+function guardian_is_enabled() {
+ [ "${GUARDIAN_ENABLED}" = "on" ]
+}
+
+case "$1" in
+ start)
+ guardian_is_enabled || exit 0
+
+ boot_mesg "Starting Guardian..."
+ loadproc /usr/sbin/guardian -c /var/ipfire/guardian/guardian.conf
+ ;;
+
+ stop)
+ if ([ -f /run/guardian/guardian.pid ]); then
+ boot_mesg "Stopping Guardian..."
+ kill $(cat /run/guardian/guardian.pid)
+ sleep 1;
+ fi
+ ;;
+
+ status)
+ statusproc /usr/sbin/guardian
+ ;;
+
+ restart)
+ $0 stop
+ sleep 2
+ $0 start
+ ;;
+
+ *)
+ echo "Usage: $0 {start|stop|restart|status}"
+ exit 1
+ ;;
+esac
+
+# End $rc_base/init.d/guardian
--- /dev/null
+#!/bin/bash
+
+exec /usr/bin/guardianctrl reload-ignore-list 2&>/dev/null