From: Olivier Cochard
Date: Mon, 9 May 2016 10:57:52 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject: svn commit: r414837 - in head: . net net/mlvpn net/mlvpn/files

Author: olivier
Date: Mon May 9 10:57:52 2016
New Revision: 414837
URL: https://svnweb.freebsd.org/changeset/ports/414837

Log:
  New port: net/mlvpn

  MLVPN allows you to bond your internet links to increase bandwidth, secure your
  internet connection by actively monitoring your links and removing the faulty
  ones, without losing your TCP connections, and secure your internet connection
  to the aggregation server using cryptography.

  WWW: https://zehome.github.io/MLVPN/

  Approved by: mat
  Differential Revision: https://reviews.freebsd.org/D6034

Added:
  head/net/mlvpn/
  head/net/mlvpn/Makefile (contents, props changed)
  head/net/mlvpn/distinfo (contents, props changed)
  head/net/mlvpn/files/
  head/net/mlvpn/files/mlvpn.in (contents, props changed)
  head/net/mlvpn/files/patch-src_config.c (contents, props changed)
  head/net/mlvpn/files/patch-src_mlvpn.c (contents, props changed)
  head/net/mlvpn/files/patch-src_mlvpn.h (contents, props changed)
  head/net/mlvpn/files/patch-src_tuntap__bsd.c (contents, props changed)
  head/net/mlvpn/pkg-descr (contents, props changed)
  head/net/mlvpn/pkg-plist (contents, props changed)
Modified:
  head/GIDs
  head/UIDs
  head/net/Makefile

Modified: head/GIDs ============================================================================== --- head/GIDs Mon May 9 10:56:16 2016 (r414836) +++ head/GIDs Mon May 9 10:57:52 2016 (r414837) 
@@ -103,6 +103,7 @@ agk:*:172: polipo:*:173: flowtools:*:174: twms:*:175: +mlvpn:*:176: gdnsd:*:179: rt:*:180: nagios:*:181: Modified: head/UIDs ============================================================================== --- head/UIDs Mon May 9 10:56:16 2016 (r414836) +++ head/UIDs Mon May 9 10:57:52 2016 (r414837) @@ -109,6 +109,7 @@ agk:*:172:172::0:0:AquaGateKeeper:/nonex polipo:*:173:173::0:0:polipo web cache:/nonexistent:/usr/sbin/nologin flowtools:*:174:174::0:0:Flow-tools collector pseudo-user:/nonexistent:/usr/sbin/nologin twms:*:175:175::0:0:tWMS pseudo-user:/nonexistent:/usr/sbin/nologin +mlvpn:*:176:176::0:0:mlVPN pseudo-user:/var/run/mlvpn:/usr/sbin/nologin gdnsd:*:179:179::0:0:gDNSd pseudo-user:/nonexistent:/usr/sbin/nologin nagios:*:181:181::0:0:Nagios pseudo-user:/var/spool/nagios:/usr/sbin/nologin noc:*:182:182::0:0:NOC pseudo-user:/usr/local/noc:/bin/sh Modified: head/net/Makefile ============================================================================== --- head/net/Makefile Mon May 9 10:56:16 2016 (r414836) +++ head/net/Makefile Mon May 9 10:57:52 2016 (r414837) @@ -398,6 +398,7 @@ SUBDIR += miniupnpd SUBDIR += miredo SUBDIR += miruo + SUBDIR += mlvpn SUBDIR += mono-zeroconf SUBDIR += mopd SUBDIR += morebalance Added: head/net/mlvpn/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/mlvpn/Makefile Mon May 9 10:57:52 2016 (r414837) 
@@ -0,0 +1,41 @@ +# $FreeBSD$ + +PORTNAME= mlvpn +PORTVERSION= 2.3.1 +CATEGORIES= net + +MAINTAINER= olivier@FreeBSD.org +COMMENT= Multi-link VPN + +LICENSE= BSD2CLAUSE +LICENSE_FILE= ${WRKSRC}/LICENCE + +LIB_DEPENDS= libev.so:devel/libev \ + libsodium.so:security/libsodium + +USE_GITHUB= yes +GH_PROJECT= MLVPN +GH_ACCOUNT= zehome + +USES= autoreconf libtool pkgconfig localbase +GNU_CONFIGURE= yes + +USERS= mlvpn +GROUPS= mlvpn +USE_RC_SUBR= mlvpn + +OPTIONS_DEFINE= CONTROL +CONTROL_DESC= Enable UNIX socket/HTTP json remote control API + +OPTIONS_DEFAULT= CONTROL +CONTROL_CONFIGURE_OFF= --disable-control + +do-install: + ${INSTALL_PROGRAM} ${WRKSRC}/src/${PORTNAME} ${STAGEDIR}${PREFIX}/sbin/ + ${INSTALL_MAN} ${WRKSRC}/man/${PORTNAME}.1 ${STAGEDIR}${PREFIX}/man/man1 + ${INSTALL_MAN} ${WRKSRC}/man/${PORTNAME}.conf.5 ${STAGEDIR}${PREFIX}/man/man5 + @${MKDIR} ${STAGEDIR}${ETCDIR} + ${INSTALL_MAN} ${WRKSRC}/doc/examples/${PORTNAME}.conf.in ${STAGEDIR}${ETCDIR}/${PORTNAME}.conf.sample + ${INSTALL_SCRIPT} ${WRKSRC}/doc/examples/mlvpn_updown.sh.in ${STAGEDIR}${ETCDIR}/mlvpn_updown.sh + +.include Added: head/net/mlvpn/distinfo ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/mlvpn/distinfo Mon May 9 10:57:52 2016 (r414837) @@ -0,0 +1,2 @@ +SHA256 (zehome-MLVPN-2.3.1_GH0.tar.gz) = 4bbe8ae10ccad4ba764d29db0293b3ab523ded5d0a0b5adbe6a8d4d839e4138e +SIZE (zehome-MLVPN-2.3.1_GH0.tar.gz) = 83817 Added: head/net/mlvpn/files/mlvpn.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/mlvpn/files/mlvpn.in Mon May 9 10:57:52 2016 (r414837) 
@@ -0,0 +1,155 @@ +#!/bin/sh +# +# mlvpn - load tun/tap driver and start mlvpn daemon +# +# (C) Copyright 2005 - 2008, 2010 by Matthias Andree +# (C) Copyright 2015 Laurent COUSTET (mlvpn modifications) +# (C) Copyright 2016 Olivier Cochard-Labbe (updating rc script) + +# based on suggestions by Matthias Grimm and Dirk Gouders +# with multi-instance contribution from Denis Shaposhnikov, Gleb Kozyrev +# and Vasil Dimov +# softrestart feature suggested by Nick Hibma +# +# This program is free software; you can redistribute it and/or modify it under +# the terms of the GNU General Public License as published by the Free Software +# Foundation; either version 2 of the License, or (at your option) any later +# version. +# +# This program is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS +# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more +# details. +# +# You should have received a copy of the GNU General Public License along with +# this program; if not, write to the Free Software Foundation, Inc., 51 Franklin +# Street, Fifth Floor, Boston, MA 02110-1301, USA. + +# PROVIDE: mlvpn +# REQUIRE: DAEMON +# KEYWORD: shutdown + +# ----------------------------------------------------------------------------- +# +# This script supports running multiple instances of mlvpn +# To run additional instances link this script to something like +# % ln -s mlvpn mlvpn_foo +# and define additional mlvpn_foo_* variables in one of +# /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/mlvpn_foo +# +# Below NAME should be substituted with the name of this script. By default +# it is mlvpn, so read as mlvpn_enable. If you linked the script to +# mlvpn_foo, then read as mlvpn_foo_enable etc. +# +# The following variables are supported (defaults are shown). 
+# You can place them in any of +# /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/NAME +# +# NAME_enable="NO" # set to YES to enable mlvpn +# NAME_if= # driver(s) to load, set to "tun", "tap" or "tun tap" +# # it is OK to specify the if_ prefix. +# +# # optional: +# NAME_flags= # additional command line arguments +# NAME_configfile="/usr/local/etc/mlvpn/NAME.conf" # --config file +# +# Note that we deliberately refrain from unloading drivers. +# +# For further documentation, please see http://www.mlvpn.fr/ +# + +. /etc/rc.subr + +case "$0" in +/etc/rc*) + # during boot (shutdown) $0 is /etc/rc (/etc/rc.shutdown), + # so get the name of the script from $_file + name="$_file" + ;; +*) + name="$0" + ;; +esac + +name="${name##*/}" +rcvar=${name}_enable + +mlvpn_stop() +{ + if [ -f ${pidfile} ]; then + rc_pid=$(check_pidfile $pidfile ${name}) + kill -TERM $rc_pid + wait_for_pids $rc_pid + fi +} + +stop_postcmd() +{ + rm -f "$pidfile" || warn "Could not remove $pidfile." +} + +mlvpn_softrestart() +{ + rc_pid=$(check_pidfile $pidfile ${name}) + local status + + if ! status=`run_rc_command status 2>&1`; then + echo $status + return 1 + fi + echo 'Softrestarting mlvpn.' + kill -USR1 $rc_pid +} + +mlvpn_status() +{ + rc_pid=$(check_pidfile $pidfile ${name}) + + if [ -z "$rc_pid" ]; then + [ -n "$rc_fast" ] && return 0 + if [ -n "$pidfile" ]; then + echo "${name} not running? (check $pidfile)." + else + echo "${name} not running?" 
+ fi + return 1 + fi + echo "${name} is running as pid ${rc_pid}" +} + +# reload: support SIGHUP to reparse configuration file +# softrestart: support SIGUSR1 to reconnect without superuser privileges +extra_commands="reload softrestart" +softrestart_cmd="mlvpn_softrestart" + +# pidfile +pidfile="/var/run/${name}.pid" +rc_pid=$(check_pidfile $pidfile ame) + +# command and arguments +procname="%%PREFIX%%/sbin/mlvpn" +command="/usr/sbin/daemon" + +# run this last +stop_cmd="mlvpn_stop" +stop_postcmd="stop_postcmd" +status_cmd="mlvpn_status" + +load_rc_config ${name} + +eval ": \${${name}_enable:=\"NO\"}" +eval ": \${${name}_configfile:=\"/usr/local/etc/mlvpn/${name}.conf\"}" + +configfile="$(eval echo \${${name}_configfile})" +interfaces="$(eval echo \${${name}_if})" + +required_modules= +for i in $interfaces ; do + required_modules="$required_modules${required_modules:+" "}if_${i#if_}" +done + +required_files=${configfile} + +command_args="-f -p ${pidfile} ${procname} --name ${name} --config ${configfile} --user mlvpn" + +run_rc_command "$1" Added: head/net/mlvpn/files/patch-src_config.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/mlvpn/files/patch-src_config.c Mon May 9 10:57:52 2016 (r414837) 
@@ -0,0 +1,57 @@ +--- src/config.c.orig 2015-12-28 11:20:16 UTC ++++ src/config.c +@@ -269,6 +269,7 @@ mlvpn_config(int config_file_fd, int fir + } else if (strncmp(lastSection, "filters", 7) != 0) { + char *bindaddr; + char *bindport; ++ uint32_t bindfib = 0; + char *dstaddr; + char *dstport; + uint32_t bwlimit = 0; +@@ -284,6 +285,9 @@ mlvpn_config(int config_file_fd, int fir + _conf_set_str_from_conf( + config, lastSection, "bindport", &bindport, NULL, + "bind port is mandatory in server mode.\n", 1); ++ _conf_set_uint_from_conf( ++ config, lastSection, "bindfib", &bindfib, 0, ++ NULL, 0); + _conf_set_str_from_conf( + config, lastSection, "remotehost", &dstaddr, NULL, + NULL, 0); +@@ -297,6 +301,9 @@ mlvpn_config(int config_file_fd, int fir + _conf_set_str_from_conf( + config, lastSection, "bindport", &bindport, NULL, + NULL, 0); ++ _conf_set_uint_from_conf( ++ config, lastSection, "bindfib", &bindfib, 0, ++ NULL, 0); + _conf_set_str_from_conf( + config, lastSection, "remotehost", &dstaddr, NULL, + "No remote address specified.\n", 1); +@@ -336,6 +343,7 @@ mlvpn_config(int config_file_fd, int fir + tmptun->name); + if ((! mystr_eq(tmptun->bindaddr, bindaddr)) || + (! mystr_eq(tmptun->bindport, bindport)) || ++ (tmptun->bindfib != bindfib) || + (! mystr_eq(tmptun->destaddr, dstaddr)) || + (! 
mystr_eq(tmptun->destport, dstport))) { + mlvpn_rtun_status_down(tmptun); +@@ -347,6 +355,9 @@ mlvpn_config(int config_file_fd, int fir + if (bindport) { + strlcpy(tmptun->bindport, bindport, sizeof(tmptun->bindport)); + } ++ if (tmptun->bindfib != bindfib) { ++ tmptun->bindfib = bindfib; ++ } + if (dstaddr) { + strlcpy(tmptun->destaddr, dstaddr, sizeof(tmptun->destaddr)); + } +@@ -380,7 +391,7 @@ mlvpn_config(int config_file_fd, int fir + { + log_info("config", "%s tunnel added", lastSection); + mlvpn_rtun_new( +- lastSection, bindaddr, bindport, dstaddr, dstport, ++ lastSection, bindaddr, bindport, bindfib, dstaddr, dstport, + default_server_mode, timeout, fallback_only, + bwlimit, loss_tolerence); + } Added: head/net/mlvpn/files/patch-src_mlvpn.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/mlvpn/files/patch-src_mlvpn.c Mon May 9 10:57:52 2016 (r414837) 
@@ -0,0 +1,54 @@ +--- src/mlvpn.c.orig 2015-12-28 11:20:16 UTC ++++ src/mlvpn.c +@@ -597,7 +597,7 @@ mlvpn_rtun_write(EV_P_ ev_io *w, int rev + + mlvpn_tunnel_t * + mlvpn_rtun_new(const char *name, +- const char *bindaddr, const char *bindport, ++ const char *bindaddr, const char *bindport, uint32_t bindfib, + const char *destaddr, const char *destport, + int server_mode, uint32_t timeout, + int fallback_only, uint32_t bandwidth, +@@ -653,6 +653,7 @@ mlvpn_rtun_new(const char *name, + strlcpy(new->bindaddr, bindaddr, sizeof(new->bindaddr)); + if (bindport) + strlcpy(new->bindport, bindport, sizeof(new->bindport)); ++ new->bindfib = bindfib; + if (destaddr) + strlcpy(new->destaddr, destaddr, sizeof(new->destaddr)); + if (destport) +@@ -780,6 +781,7 @@ static int + mlvpn_rtun_start(mlvpn_tunnel_t *t) + { + int ret, fd = -1; ++ int fib = 0; + char *addr, *port; + struct addrinfo hints, *res; + +@@ -788,9 +790,11 @@ mlvpn_rtun_start(mlvpn_tunnel_t *t) + { + addr = t->bindaddr; + port = t->bindport; ++ fib = t->bindfib; + } else { + addr = t->destaddr; + port = t->destport; ++ fib = t->bindfib; + } + + /* Initialize hints */ +@@ -817,6 +821,14 @@ mlvpn_rtun_start(mlvpn_tunnel_t *t) + log_warn(NULL, "%s socket creation error", + t->name); + } else { ++#if defined(HAVE_FREEBSD) || defined(HAVE_OPENBSD) ++ /* Setting SO_SETFIB (fib) supported on FreeBSD and OpenBSD only */ ++ if (setsockopt(fd, SOL_SOCKET, SO_SETFIB, &fib, sizeof(fib)) < 0) ++ { ++ log_warnx(NULL, "Cannot set FIB %d for kernel socket", fib); ++ goto error; ++ } ++#endif + t->fd = fd; + break; + } Added: head/net/mlvpn/files/patch-src_mlvpn.h ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/mlvpn/files/patch-src_mlvpn.h Mon May 9 10:57:52 2016 (r414837) 
@@ -0,0 +1,19 @@ +--- src/mlvpn.h.orig 2015-12-28 11:20:16 UTC ++++ src/mlvpn.h +@@ -138,6 +138,7 @@ typedef struct mlvpn_tunnel_s + char *name; /* tunnel name */ + char bindaddr[MLVPN_MAXHNAMSTR]; /* packets source */ + char bindport[MLVPN_MAXPORTSTR]; /* packets port source (or NULL) */ ++ uint32_t bindfib; /* FIB number to use */ + char destaddr[MLVPN_MAXHNAMSTR]; /* remote server ip (can be hostname) */ + char destport[MLVPN_MAXPORTSTR]; /* remote server port */ + int fd; /* socket file descriptor */ +@@ -193,7 +194,7 @@ int mlvpn_rtun_wrr_reset(struct rtunhead + mlvpn_tunnel_t *mlvpn_rtun_wrr_choose(); + mlvpn_tunnel_t *mlvpn_rtun_choose(); + mlvpn_tunnel_t *mlvpn_rtun_new(const char *name, +- const char *bindaddr, const char *bindport, ++ const char *bindaddr, const char *bindport, uint32_t bindfib, + const char *destaddr, const char *destport, + int server_mode, uint32_t timeout, + int fallback_only, uint32_t bandwidth, Added: head/net/mlvpn/files/patch-src_tuntap__bsd.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/mlvpn/files/patch-src_tuntap__bsd.c Mon May 9 10:57:52 2016 (r414837) @@ -0,0 +1,11 @@ +--- src/tuntap_bsd.c.orig 2015-12-28 11:20:16 UTC ++++ src/tuntap_bsd.c +@@ -21,7 +21,7 @@ mlvpn_tuntap_read(struct tuntap_s *tunta + mlvpn_tunnel_t *rtun = NULL; + mlvpn_pkt_t *pkt; + ssize_t ret; +- u_char data[DEFAULT_MTU] ++ u_char data[DEFAULT_MTU]; + struct iovec iov[2]; + uint32_t type; + Added: head/net/mlvpn/pkg-descr ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/mlvpn/pkg-descr Mon May 9 10:57:52 2016 (r414837) 
@@ -0,0 +1,6 @@ +MLVPN allow to bond your internet links to increase bandwidth, secure your +internet connection by actively monitoring your links and removing the faulty +ones, without loosing your TCP connections and secure your internet connection +to the aggregation server using cryptography. + +WWW: https://zehome.github.io/MLVPN/ Added: head/net/mlvpn/pkg-plist ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/mlvpn/pkg-plist Mon May 9 10:57:52 2016 (r414837) @@ -0,0 +1,5 @@ +sbin/mlvpn +man/man1/mlvpn.1.gz +man/man5/mlvpn.conf.5.gz +@sample(,,600) %%ETCDIR%%/mlvpn.conf.sample +@(,,700) %%ETCDIR%%/mlvpn_updown.sh
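
Review bot: In the head/UIDs hunk the new mlvpn entry uses /var/run/mlvpn as its home directory, but nothing visible in this commit creates that directory: pkg-plist has no @dir line for it and the rc script writes its pidfile to /var/run/${name}.pid instead. Either add the directory to pkg-plist with owner mlvpn and a restrictive mode, or use /nonexistent like the neighbouring pseudo-users, so the unprivileged account does not point at a path that may be absent or be created later with looser permissions.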
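
Review bot: In do-install of head/net/mlvpn/Makefile the sample configuration mlvpn.conf.in is installed with ${INSTALL_MAN}; use ${INSTALL_DATA}, since it is not a manual page and pkg-plist already sets its mode through @sample(,,600). Separately, OPTIONS_DEFAULT= CONTROL compiles the "UNIX socket/HTTP json remote control API" into every default package; say so in pkg-descr or a pkg-message so administrators know to check that their mlvpn.conf does not expose that interface unintentionally.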
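
Review bot: In files/mlvpn.in the top-level line rc_pid=$(check_pidfile $pidfile ame) passes the literal word ame as the process name where the functions above pass ${name}, so as shown it cannot match the daemon; it also runs before load_rc_config, and every function that needs rc_pid recomputes it, so the line can be dropped. In mlvpn_stop, guard the kill: when the pidfile exists but check_pidfile returns nothing (a stale pidfile), kill -TERM and wait_for_pids are called with an empty argument. Test [ -n "$rc_pid" ] first and quote "$pidfile" in the -f test.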
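
Review bot: In files/patch-src_config.c the new bindfib value is read with _conf_set_uint_from_conf and stored without a range check, so an out-of-range FIB number only surfaces later, when setsockopt(SO_SETFIB) fails in mlvpn_rtun_start; validate it at parse time and name the offending section in the error. The block if (tmptun->bindfib != bindfib) { tmptun->bindfib = bindfib; } can be a plain assignment.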
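
Review bot: In the mlvpn_rtun_start hunk of files/patch-src_mlvpn.c, setsockopt(SO_SETFIB) is called unconditionally, so a tunnel with no bindfib setting has its socket forced to FIB 0 even when the daemon was started under a different default FIB (for example via setfib(1)); make the call only when bindfib was actually configured, using a sentinel for "not set". The goto error is taken before t->fd = fd, so check that the error path closes the local fd and not only t->fd. The guard also names HAVE_OPENBSD, but SO_SETFIB is a FreeBSD socket option (OpenBSD's equivalent is SO_RTABLE), and fib = t->bindfib is assigned identically in both branches, so it can be hoisted out of the if/else.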