author | amdmi3 <amdmi3@FreeBSD.org> | 2009-01-20 19:57:59 +0800 |
---|---|---|
committer | amdmi3 <amdmi3@FreeBSD.org> | 2009-01-20 19:57:59 +0800 |
commit | 80b8dd700874a99abb5cef334aacf262d322342a (patch) | |
tree | 1d6f4ce5017bcc9cdd39969db46c751e20a84b05 /net-mgmt/coovachilli | |
parent | d7790cc548cbec5617999f31d9ecd80ba6964426 (diff) | |
CoovaChilli is an access controller
It provides a captive portal / walled garden environment.
Coova builds on the popular features of the now defunct Chillispot.
WWW: http://www.coova.org/
PR: 130357
Submitted by: Sevan Janiyan <venture37 at geeklan dot co dot uk>
Diffstat (limited to 'net-mgmt/coovachilli')
24 files changed, 842 insertions, 0 deletions
diff --git a/net-mgmt/coovachilli/Makefile b/net-mgmt/coovachilli/Makefile
new file mode 100644
index 000000000000..5ba2739445e8
--- /dev/null
+++ b/net-mgmt/coovachilli/Makefile
@@ -0,0 +1,40 @@
+# New ports collection makefile for: CoovaChilli
+# Date created: 24 December 2006
+# Whom: Sevan Janiyan <venture37@geeklan.co.uk>
+#
+# $FreeBSD$
+#
+
+PORTNAME= coovachilli
+PORTVERSION= 1.0.12
+CATEGORIES= net-mgmt
+MASTER_SITES= http://ap.coova.org/chilli/ \
+ http://www.geeklan.co.uk/files/ \
+ http://www.venture37.com/files/
+DISTNAME= coova-chilli-${PORTVERSION}
+
+MAINTAINER= venture37@geeklan.co.uk
+COMMENT= An access controller for wired & wireless clients
+
+CONFLICTS= chillispot-[0-9]*
+
+MAN1= chilli_query.1 chilli_radconfig.1 chilli_response.1
+MAN5= chilli.conf.5 chilli-radius.5
+MAN8= chilli.8
+
+CONFIGURE_ARGS=-localstatedir=/var
+GNU_CONFIGURE= yes
+USE_LDCONFIG= yes
+USE_RC_SUBR= coovachilli
+USE_AUTOTOOLS= automake:19
+
+post-install:
+.if !defined(NOPORTEXAMPLES)
+ ${MKDIR} ${EXAMPLESDIR}
+ ${INSTALL_MAN} ${FILESDIR}/main.conf.sample ${EXAMPLESDIR}
+ ${INSTALL_MAN} ${FILESDIR}/pf.conf.sample ${EXAMPLESDIR}
+ ${INSTALL_MAN} ${FILESDIR}/ipfw-config.sample ${EXAMPLESDIR}
+.endif
+ @${CAT} ${PKGMESSAGE}
+
+.include <bsd.port.mk>
diff --git a/net-mgmt/coovachilli/distinfo b/net-mgmt/coovachilli/distinfo
new file mode 100644
index 000000000000..4bd4a79197a1
--- /dev/null
+++ b/net-mgmt/coovachilli/distinfo
@@ -0,0 +1,3 @@
+MD5 (coova-chilli-1.0.12.tar.gz) = 365f46fe79b3d76432544d6bc5f37939
+SHA256 (coova-chilli-1.0.12.tar.gz) = fcd16fc043351e39ef9fc929f3ae83a838305ee14c173c444b8655d415baca68
+SIZE (coova-chilli-1.0.12.tar.gz) = 552537
diff --git a/net-mgmt/coovachilli/files/coovachilli.in b/net-mgmt/coovachilli/files/coovachilli.in
new file mode 100644
index 000000000000..e4352114888b
--- /dev/null
+++ b/net-mgmt/coovachilli/files/coovachilli.in
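Review bot: The three sample configs in `post-install` are installed with `${INSTALL_MAN}`, the macro meant for manual pages; plain data files should use `${INSTALL_DATA}`, e.g. `${INSTALL_DATA} ${FILESDIR}/main.conf.sample ${EXAMPLESDIR}` and likewise for the pf and ipfw samples. Separately, all three `MASTER_SITES` are plain http, so the SHA256 line in distinfo is the only integrity check on the distfile; that is worth keeping in mind when the checksum is next regenerated.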
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+# PROVIDE: coovachilli
+# REQUIRE: netif
+# BEFORE: pf ipfw
+# KEYWORD: nojail
+#
+# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
+# to enable this service:
+#
+# coovachilli_enable (bool): Set to NO by default.
+# Set it to YES to enable coova-chilli.
+
+
+. %%RC_SUBR%%
+
+name=coovachilli
+rcvar=coovachilli_enable
+
+command=%%PREFIX%%/sbin/chilli
+pidfile=/var/run/chilli.pid
+
+load_rc_config $name
+
+run_rc_command "$1"
diff --git a/net-mgmt/coovachilli/files/ipfw-config.sample b/net-mgmt/coovachilli/files/ipfw-config.sample
new file mode 100644
index 000000000000..93829e8f4912
--- /dev/null
+++ b/net-mgmt/coovachilli/files/ipfw-config.sample
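Review bot: The header comment says `coovachilli_enable` is "Set to NO by default", but the script never assigns that default, so on a host whose rc.conf does not mention the service the variable is simply unset. Add `: ${coovachilli_enable="NO"}` right after `load_rc_config $name`, which is the usual rc.subr idiom and keeps the behaviour matching the comment. The script also starts `%%PREFIX%%/sbin/chilli` with no arguments, so it presumably relies on the daemon finding its configuration on its own; a comment saying which file it reads would help.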
@@ -0,0 +1,71 @@
+network inetrface
+
+fxp0 : 11.11.11.1
+fxp1 : 10.14.1.254
+
+/etc/ipnat.rules
+
+# NAT
+#
+map fxp0 192.168.182.0/24 -> 11.11.11.1/32 portmap tcp/udp auto
+
+--------------------------------------------------------
+
+/usr/local/etc/rc.d/ipfw.sh
+
+#!/bin/sh
+
+RULENO="1500"
+
+EXT_IF="fxp0"
+INT_IF="fxp1"
+
+EXT_IP="11.11.11.1"
+#INT_IP="10.14.1.0/24"
+
+# flush rules
+#
+ipfw -f flush
+
+## setup loopback
+##
+ipfw $RULENO add pass all from any to any via lo0
+ipfw add deny all from any to 127.0.0.0/8
+ipfw add deny ip from 127.0.0.0/8 to any
+
+# allow related and established on all interfaces
+#
+ipfw add pass ip from any to any established
+
+# allow SA connect to me , deny any others use ssh
+#
+ipfw add pass tcp from 11.11.11.5 to any setup
+ipfw add deny tcp from any to ${EXT_IP} 22
+
+## allow me (firewall) to access anywhere
+##
+ipfw add pass tcp from ${EXT_IP} to any setup
+ipfw add pass udp from ${EXT_IP} to any keep-state
+
+## allow tun0 device to connect to anywhere
+##
+ipfw add pass tcp from any to any via tun0 setup
+ipfw add pass udp from any to any via tun0 keep-state
+
+# allow icmp
+#
+ipfw add pass icmp from any to any icmptypes 0,3,8,11
+
+# allow http , https and dns on internal interface
+#
+ipfw add pass tcp from any to any 80 via ${INT_IF} setup
+ipfw add pass tcp from any to any 443 via ${INT_IF} setup
+ipfw add pass udp from any to any 53 via ${INT_IF} keep-state
+
+# allow tcp port 3990 on internal interface for chillispot redirection
+#
+ipfw add pass tcp from any to any 3990 via ${INT_IF} setup
+
+# except for any condition above , reject everything on all interfaces
+#
+ipfw add deny all from any to any
diff --git a/net-mgmt/coovachilli/files/main.conf.sample b/net-mgmt/coovachilli/files/main.conf.sample
new file mode 100644
index 000000000000..63978ba62f92
--- /dev/null
+++ b/net-mgmt/coovachilli/files/main.conf.sample
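Review bot: The rule under "allow SA connect to me , deny any others use ssh", `ipfw add pass tcp from 11.11.11.5 to any setup`, admits that host to every TCP port and every destination, not just SSH on the firewall; a rule that matches the comment would be `ipfw add pass tcp from 11.11.11.5 to ${EXT_IP} 22 setup`. The two `via tun0` rules likewise pass all TCP and UDP on the tunnel, so the sample should say in a comment that client restriction is left entirely to chilli. The file mixes an ipnat `map` line with an ipfw script and has "inetrface" in its first line; a short header explaining which part goes in which file would make it safer to copy from.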
@@ -0,0 +1,29 @@
+cmdsocket /var/run/chilli.sock
+pidfile /var/run/chilli.pid
+net 10.1.0.0/255.255.255.0
+uamlisten 10.1.0.1
+uamport 3990
+dhcpif em1
+adminuser chillispot
+adminpasswd chillispot
+uamallowed coova.org,coova.org,rad01.coova.org,coova.org
+uamanydns
+
+domain lan
+dns1 208.67.222.222
+uamhomepage http://10.1.0.1:3990/www/coova.html
+wisprlogin https://coova.org/app/uam/auth
+wwwdir /usr/local/www/chilli
+wwwbin /etc/chilli/wwwsh
+locationname "My HotSpot"
+radiuslocationname My_HotSpot
+radiuslocationid isocc=,cc=,ac=,network=Coova,
+radiusserver1 rad01.coova.org
+radiusserver2 rad01.coova.org
+radiussecret coova-anonymous
+radiusauthport 1812
+radiusacctport 1813
+uamserver https://coova.org/app/uam/chilli
+radiusnasid nas01
+
+papalwaysok
diff --git a/net-mgmt/coovachilli/files/patch-conf_Makefile.am b/net-mgmt/coovachilli/files/patch-conf_Makefile.am
new file mode 100644
index 000000000000..1d743f6b775e
--- /dev/null
+++ b/net-mgmt/coovachilli/files/patch-conf_Makefile.am
@@ -0,0 +1,32 @@
+--- conf/Makefile.am.orig 2007-08-20 15:05:54.000000000 +0100
++++ conf/Makefile.am 2008-06-18 01:17:58.000000000 +0100
+@@ -6,15 +6,11 @@
+ chilli_SCRIPTS = functions up.sh down.sh
+ chilli_DATA = defaults
+
+-initdir = $(sysconfdir)/init.d
+-init_SCRIPTS = chilli
+-
+-EXTRA_DIST = $(init_SCRIPTS:=.in) \
++EXTRA_DIST = \
+ $(chilli_SCRIPTS:=.in) chilli.conf.in defaults.in
+
+ edit = sed \
+ -e 's,@SBINDIR\@,$(sbindir),g' \
+- -e 's,@INITDIR\@,$(initrddir),g' \
+ -e 's,@VARRUN\@,$(localstatedir)/run,g' \
+ -e 's,@ETCCHILLI\@,$(sysconfdir)/chilli,g' \
+ -e 's,@SYSCONFDIR\@,$(sysconfdir),g' \
+@@ -35,12 +31,6 @@
+ $(edit) down.sh.in >down.sh.tmp
+ mv down.sh.tmp down.sh
+
+-chilli: Makefile chilli.in
+- rm -f chilli chilli.tmp
+- $(edit) chilli.in >chilli.tmp
+- chmod +x chilli.tmp
+- mv chilli.tmp chilli
+-
+ chilli.conf: Makefile chilli.conf.in
+ rm -f chilli.conf chilli.conf.tmp
+ $(edit) chilli.conf.in >chilli.conf.tmp
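Review bot: main.conf.sample ships usable-looking credentials, `adminuser chillispot` / `adminpasswd chillispot` and `radiussecret coova-anonymous`, and pkg-message tells the user to copy this file into the chilli directory, so an install that follows the instructions runs with values anyone can read from the port. Replace them with obvious placeholders such as `adminpasswd CHANGE_ME` and `radiussecret CHANGE_ME`, and, if the parser accepts comment lines, add one saying both must be changed before use. `papalwaysok` on the last line is enabled with no explanation; a one-line note on what it permits would let the admin decide whether to keep it. The sample also points `wwwbin` at `/etc/chilli/wwwsh`, while pkg-plist installs `etc/chilli/wwwsh` under the port prefix, which looks inconsistent.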
diff --git a/net-mgmt/coovachilli/files/patch-conf_Makefile.in b/net-mgmt/coovachilli/files/patch-conf_Makefile.in
new file mode 100644
index 000000000000..7fdc8068cecf
--- /dev/null
+++ b/net-mgmt/coovachilli/files/patch-conf_Makefile.in
@@ -0,0 +1,102 @@ +--- conf/Makefile.in.orig 2008-06-08 05:49:09.000000000 +0100 ++++ conf/Makefile.in 2008-06-18 01:17:58.000000000 +0100 +@@ -46,11 +46,10 @@ + mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs + CONFIG_HEADER = $(top_builddir)/config.h + CONFIG_CLEAN_FILES = +-am__installdirs = "$(DESTDIR)$(chillidir)" "$(DESTDIR)$(initdir)" \ +- "$(DESTDIR)$(chillidir)" "$(DESTDIR)$(sysconfdir)" ++am__installdirs = "$(DESTDIR)$(chillidir)" "$(DESTDIR)$(chillidir)" \ ++ "$(DESTDIR)$(sysconfdir)" + chilliSCRIPT_INSTALL = $(INSTALL_SCRIPT) +-initSCRIPT_INSTALL = $(INSTALL_SCRIPT) +-SCRIPTS = $(chilli_SCRIPTS) $(init_SCRIPTS) ++SCRIPTS = $(chilli_SCRIPTS) + SOURCES = + DIST_SOURCES = + am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +@@ -163,14 +162,11 @@ + chillidir = $(sysconfdir)/chilli + chilli_SCRIPTS = functions up.sh down.sh + chilli_DATA = defaults +-initdir = $(sysconfdir)/init.d +-init_SCRIPTS = chilli +-EXTRA_DIST = $(init_SCRIPTS:=.in) \ ++EXTRA_DIST = \ + $(chilli_SCRIPTS:=.in) chilli.conf.in defaults.in + + edit = sed \ + -e 's,@SBINDIR\@,$(sbindir),g' \ +- -e 's,@INITDIR\@,$(initrddir),g' \ + -e 's,@VARRUN\@,$(localstatedir)/run,g' \ + -e 's,@ETCCHILLI\@,$(sysconfdir)/chilli,g' \ + -e 's,@SYSCONFDIR\@,$(sysconfdir),g' \ +@@ -227,25 +223,6 @@ + echo " rm -f '$(DESTDIR)$(chillidir)/$$f'"; \ + rm -f "$(DESTDIR)$(chillidir)/$$f"; \ + done +-install-initSCRIPTS: $(init_SCRIPTS) +- @$(NORMAL_INSTALL) +- test -z "$(initdir)" || $(mkdir_p) "$(DESTDIR)$(initdir)" +- @list='$(init_SCRIPTS)'; for p in $$list; do \ +- if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ +- if test -f $$d$$p; then \ +- f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \ +- echo " $(initSCRIPT_INSTALL) '$$d$$p' '$(DESTDIR)$(initdir)/$$f'"; \ +- $(initSCRIPT_INSTALL) "$$d$$p" "$(DESTDIR)$(initdir)/$$f"; \ +- else :; fi; \ +- done +- +-uninstall-initSCRIPTS: +- @$(NORMAL_UNINSTALL) +- @list='$(init_SCRIPTS)'; for p in $$list; do \ +- f=`echo "$$p" | sed 
's|^.*/||;$(transform)'`; \ +- echo " rm -f '$(DESTDIR)$(initdir)/$$f'"; \ +- rm -f "$(DESTDIR)$(initdir)/$$f"; \ +- done + + mostlyclean-libtool: + -rm -f *.lo +@@ -328,7 +305,7 @@ + check: check-am + all-am: Makefile $(SCRIPTS) $(DATA) + installdirs: +- for dir in "$(DESTDIR)$(chillidir)" "$(DESTDIR)$(initdir)" "$(DESTDIR)$(chillidir)" "$(DESTDIR)$(sysconfdir)"; do \ ++ for dir in "$(DESTDIR)$(chillidir)" "$(DESTDIR)$(chillidir)" "$(DESTDIR)$(sysconfdir)"; do \ + test -z "$$dir" || $(mkdir_p) "$$dir"; \ + done + install: install-am +@@ -373,8 +350,7 @@ + + info-am: + +-install-data-am: install-chilliDATA install-chilliSCRIPTS \ +- install-initSCRIPTS ++install-data-am: install-chilliDATA install-chilliSCRIPTS + + install-exec-am: install-sysconfDATA + +@@ -401,20 +377,20 @@ + ps-am: + + uninstall-am: uninstall-chilliDATA uninstall-chilliSCRIPTS \ +- uninstall-info-am uninstall-initSCRIPTS uninstall-sysconfDATA ++ uninstall-info-am uninstall-sysconfDATA + + .PHONY: all all-am check check-am clean clean-generic clean-libtool \ + distclean distclean-generic distclean-libtool distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-chilliDATA install-chilliSCRIPTS install-data \ + install-data-am install-exec install-exec-am install-info \ +- install-info-am install-initSCRIPTS install-man install-strip \ ++ install-info-am install-man install-strip \ + install-sysconfDATA installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ + uninstall uninstall-am uninstall-chilliDATA \ + uninstall-chilliSCRIPTS uninstall-info-am \ +- uninstall-initSCRIPTS uninstall-sysconfDATA ++ uninstall-sysconfDATA + + + functions: Makefile functions.in diff --git a/net-mgmt/coovachilli/files/patch-conf_down.sh.in b/net-mgmt/coovachilli/files/patch-conf_down.sh.in new file mode 100644 index 000000000000..99fa881ce053 --- /dev/null 
+++ b/net-mgmt/coovachilli/files/patch-conf_down.sh.in
@@ -0,0 +1,11 @@
+--- conf/down.sh.in.orig 2009-01-10 18:04:37.000000000 +0000
++++ conf/down.sh.in 2009-01-10 18:04:52.000000000 +0000
+@@ -5,8 +5,5 @@
+
+ . @ETCCHILLI@/functions
+
+-[ -e "@VARRUN@/chilli.iptables" ] && sh @VARRUN@/chilli.iptables 2>/dev/null
+-rm -f @VARRUN@/chilli.iptables 2>/dev/null
+-
+ # site specific stuff optional
+ [ -e @ETCCHILLI@/ipdown.sh ] && . @ETCCHILLI@/ipdown.sh
diff --git a/net-mgmt/coovachilli/files/patch-conf_functions.in b/net-mgmt/coovachilli/files/patch-conf_functions.in
new file mode 100644
index 000000000000..cd399b3c6799
--- /dev/null
+++ b/net-mgmt/coovachilli/files/patch-conf_functions.in
@@ -0,0 +1,19 @@
+--- conf/functions.in.orig 2009-01-10 17:55:30.000000000 +0000
++++ conf/functions.in 2009-01-10 17:56:42.000000000 +0000
+@@ -4,7 +4,6 @@
+ # Licensed under GPL. See http://coova.org/
+ #
+
+-IPTABLES=/sbin/iptables
+ IFCONFIG=/sbin/ifconfig
+
+ CHILLI=@ETCCHILLI@
+@@ -22,8 +21,6 @@
+ [ -f $CHILLI/defaults ] && . $CHILLI/defaults
+ [ -f $CHILLI/config ] && . $CHILLI/config
+
+-[ -f /etc/sysconfig/chilli ] && . /etc/sysconfig/chilli
+-
+ HS_UAMPORT=${HS_UAMPORT:-3990}
+ HS_RADIUS=${HS_RADIUS:-$HS_UAMSERVER}
+ HS_RADSECRET=${HS_RADSECRET:-$HS_UAMSECRET}
diff --git a/net-mgmt/coovachilli/files/patch-conf_up.sh.in b/net-mgmt/coovachilli/files/patch-conf_up.sh.in
new file mode 100644
index 000000000000..81a5e98918dc
--- /dev/null
+++ b/net-mgmt/coovachilli/files/patch-conf_up.sh.in
@@ -0,0 +1,55 @@
+--- conf/up.sh.in.orig 2009-01-10 17:54:55.000000000 +0000
++++ conf/up.sh.in 2009-01-10 18:03:23.000000000 +0000
+@@ -5,52 +5,5 @@
+
+ . @ETCCHILLI@/functions
+
+-[ -e "@VARRUN@/chilli.iptables" ] && sh @VARRUN@/chilli.iptables 2>/dev/null
+-rm -f @VARRUN@/chilli.iptables 2>/dev/null
+-
+-IF=$(basename $DEV)
+-
+-ipt() {
+- opt=$1; shift
+- echo "iptables -D $*" >> @VARRUN@/chilli.iptables
+- iptables $opt $*
+-}
+-
+-ipt_in() {
+- ipt -A INPUT -i $IF $*
+-}
+-
+-[ -n "$DHCPIF" ] && {
+-
+- [ -n "$UAMPORT" -a "$UAMPORT" != "0" ] && \
+- ipt_in -p tcp -m tcp --dport $UAMPORT --dst $ADDR -j ACCEPT
+-
+- [ -n "$UAMUIPORT" -a "$UAMUIPORT" != "0" ] && \
+- ipt_in -p tcp -m tcp --dport $UAMUIPORT --dst $ADDR -j ACCEPT
+-
+- [ -n "HS_TCP_PORTS" ] && {
+- for port in $HS_TCP_PORTS; do
+- ipt_in -p tcp -m tcp --dport $port --dst $ADDR -j ACCEPT
+- done
+- }
+-
+- ipt_in -p udp -d 255.255.255.255 --destination-port 67:68 -j ACCEPT
+- ipt_in -p udp --dst $ADDR --dport 53 -j ACCEPT
+-
+- ipt -A INPUT -i $IF --dst $ADDR -j DROP
+- ipt -A INPUT -i $IF -j DROP
+-
+- ipt -I FORWARD -i $DHCPIF -j DROP
+- ipt -I FORWARD -o $DHCPIF -j DROP
+- ipt -I FORWARD -i $IF -j ACCEPT
+- ipt -I FORWARD -o $IF -j ACCEPT
+-
+- [ "$HS_LAN_ACCESS" != "on" -a "$HS_LAN_ACCESS" != "allow" ] && \
+- ipt -I FORWARD -i $IF -o \! $HS_WANIF -j DROP
+-
+- [ "$HS_LOCAL_DNS" = "on" ] && \
+- ipt -I PREROUTING -t nat -i $IF -p udp --dport 53 -j DNAT --to-destination $ADDR
+-}
+-
+ # site specific stuff optional
+ [ -e @ETCCHILLI@/ipup.sh ] && . @ETCCHILLI@/ipup.sh
diff --git a/net-mgmt/coovachilli/files/patch-coova-chilli.spec.in b/net-mgmt/coovachilli/files/patch-coova-chilli.spec.in
new file mode 100644
index 000000000000..b52d4e242e98
--- /dev/null
+++ b/net-mgmt/coovachilli/files/patch-coova-chilli.spec.in
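Review bot: patch-conf_up.sh.in deletes every packet-filter rule the upstream script installed, including the INPUT `-j DROP` rules and the FORWARD drops on `$DHCPIF`, and puts nothing in their place, so after patching up.sh only sources `ipup.sh`. Whether clients on the DHCP interface can reach the host or be forwarded around chilli then depends entirely on a pf or ipfw ruleset the admin has to write, and pkg-message does not say so. I would leave a comment in the patched script, for example `# FreeBSD: no firewall rules are installed here; load pf/ipfw rules (see the port's examples) before enabling chilli`, and repeat that in pkg-message. The same applies to the matching removal in patch-conf_down.sh.in.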
@@ -0,0 +1,10 @@
+--- coova-chilli.spec.in.orig 2008-06-18 01:17:20.000000000 +0100
++++ coova-chilli.spec.in 2008-06-18 01:17:28.000000000 +0100
+@@ -51,7 +51,6 @@
+ %defattr(-,root,root)
+ %{_sbindir}/*
+ %{_libdir}/*.so*
+-%{_sysconfdir}/init.d/chilli
+ %doc AUTHORS COPYING ChangeLog INSTALL README doc/dictionary.chillispot doc/hotspotlogin.cgi
+ %config %{_sysconfdir}/chilli.conf
+ %config(noreplace) %{_sysconfdir}/chilli/defaults
diff --git a/net-mgmt/coovachilli/files/patch-src_chilli.c b/net-mgmt/coovachilli/files/patch-src_chilli.c
new file mode 100644
index 000000000000..7b22a7e1b48c
--- /dev/null
+++ b/net-mgmt/coovachilli/files/patch-src_chilli.c
@@ -0,0 +1,31 @@
+diff -urN src/chilli.c.orig src/chilli.c
+--- src/chilli.c.orig 2008-06-28 17:38:35.000000000 +0100
++++ src/chilli.c 2008-06-29 16:17:48.000000000 +0100
+@@ -3422,7 +3422,6 @@
+ exit(1);
+ }
+
+- /*tun_setaddr(tun, &options.dhcplisten, &options.net, &options.mask);*/
+ tun_setaddr(tun, &options.dhcplisten, &options.dhcplisten, &options.mask);
+ tun_set_cb_ind(tun, cb_tun_ind);
+
+@@ -3638,8 +3637,7 @@
+ mainclock = time(0);
+
+ if ((msgresult =
+- TEMP_FAILURE_RETRY(msgrcv(redir->msgid, (struct msgbuf *)&msg,
+- sizeof(msg.mdata), 0, IPC_NOWAIT))) == -1) {
++ TEMP_FAILURE_RETRY(msgrcv(redir->msgid, (void *)&msg, sizeof(msg.mdata), 0, IPC_NOWAIT))) == -1) {
+ if ((errno != EAGAIN) && (errno != ENOMSG))
+ log_err(errno, "msgrcv() failed!");
+ }
+@@ -3669,7 +3667,7 @@
+
+ #elif defined (__FreeBSD__) || defined (__APPLE__) || defined (__OpenBSD__)
+
+- if (net_isset(&dhcp->ipif, &fds) && dhcp_decaps(dhcp) < 0)
++ if (net_isset(&dhcp->ipif, &fds) && dhcp_receive(dhcp) < 0)
+ log_err(0, "dhcp_decaps() failed!");
+
+ #endif
+
diff --git a/net-mgmt/coovachilli/files/patch-src_dhcp.c b/net-mgmt/coovachilli/files/patch-src_dhcp.c
new file mode 100644
index 000000000000..01ef87ce17a6
--- /dev/null
+++ b/net-mgmt/coovachilli/files/patch-src_dhcp.c
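Review bot: In the last inner hunk of patch-src_chilli.c the call becomes `dhcp_receive(dhcp)`, but the context line below it still logs `"dhcp_decaps() failed!"`, so a receive failure on the BSD path is reported under the wrong function name. The patch should change that line too, to `log_err(0, "dhcp_receive() failed!");`. The enclosing function starts and ends outside the hunk, so I cannot see whether other callers of `dhcp_decaps` remain in this branch.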
@@ -0,0 +1,40 @@
+diff -urN src/dhcp.c.orig src/dhcp.c
+--- src/dhcp.c.orig 2008-06-28 17:38:35.000000000 +0100
++++ src/dhcp.c 2008-06-29 16:17:48.000000000 +0100
+@@ -625,7 +625,7 @@
+ }
+
+ /**
+- * dhcp_se()
++ * dhcp_set()
+ * Set dhcp parameters which can be altered at runtime.
+ **/
+ int
+@@ -713,7 +713,7 @@
+ int dhcp_nakDNS(struct dhcp_conn_t *conn, struct pkt_ippacket_t *pack, size_t len) {
+ struct dhcp_t *this = conn->parent;
+ struct pkt_udphdr_t *udph = (struct pkt_udphdr_t *)pack->payload;
+- struct dns_packet_t *dnsp = (struct dns_packet_t *)((char*)pack->payload + sizeof(struct pkt_udphdr_t));
++ /*struct dns_packet_t *dnsp = (struct dns_packet_t *)((char*)pack->payload + sizeof(struct pkt_udphdr_t));*/
+ struct dns_fullpacket_t answer;
+
+ memcpy(&answer, pack, len);
+@@ -1023,7 +1023,7 @@
+ struct dhcp_t *this = conn->parent;
+ struct pkt_tcphdr_t *tcph = (struct pkt_tcphdr_t *)pack->payload;
+ struct pkt_udphdr_t *udph = (struct pkt_udphdr_t *)pack->payload;
+- size_t len = *plen;
++ /*size_t len = *plen;*/
+ int i;
+
+ /* Allow localhost through network... */
+@@ -2592,7 +2592,7 @@
+ struct pkt_ethhdr_t *ethhdr;
+
+ if (this->rbuf_offset == this->rbuf_len) {
+- length = read(this->ipif.fd, this->rbuf, this->rbuf_max);
++ length = net_read(&this->ipif, this->rbuf, this->rbuf_max);
+
+ if (length <= 0)
+ return length;
+
diff --git a/net-mgmt/coovachilli/files/patch-src_main-query.c b/net-mgmt/coovachilli/files/patch-src_main-query.c
new file mode 100644
index 000000000000..3c039694d76f
--- /dev/null
+++ b/net-mgmt/coovachilli/files/patch-src_main-query.c
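Review bot: The second inner hunk edits `dhcp_nakDNS` directly above `memcpy(&answer, pack, len);`, which copies a caller-supplied `len` into the fixed-size `struct dns_fullpacket_t answer`, and no bound on `len` is visible in the hunk. Since the patch already touches this function, it is worth confirming that every caller caps `len`, or rejecting packets where `len > sizeof(answer)` before the copy; the function body continues outside the hunk, so an existing check may simply not be shown. The two unused declarations are commented out rather than deleted, which leaves dead code in the patched tree; removing the lines would be cleaner.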
@@ -0,0 +1,19 @@
+diff -urN src/main-query.c.orig src/main-query.c
+--- src/main-query.c.orig 2008-06-28 17:38:35.000000000 +0100
++++ src/main-query.c 2008-06-29 16:17:48.000000000 +0100
+@@ -304,7 +304,13 @@
+
+ remote.sun_family = AF_UNIX;
+ strcpy(remote.sun_path, cmdsock);
+- len = strlen(remote.sun_path) + sizeof(remote.sun_family);
++
++#if defined (__FreeBSD__) || defined (__APPLE__) || defined (__OpenBSD__)
++ remote.sun_len = strlen(remote.sun_path) + 1;
++#endif
++
++ len = offsetof(struct sockaddr_un, sun_path) + strlen(remote.sun_path);
++
+ if (connect(s, (struct sockaddr *)&remote, len) == -1) {
+ perror("connect");
+ exit(1);
+
diff --git a/net-mgmt/coovachilli/files/patch-src_msgstat.c b/net-mgmt/coovachilli/files/patch-src_msgstat.c
new file mode 100644
index 000000000000..0778677b6e87
--- /dev/null
+++ b/net-mgmt/coovachilli/files/patch-src_msgstat.c
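Review bot: The rewritten length computation still sits after `strcpy(remote.sun_path, cmdsock);`, which has no bound, so a socket path longer than `sun_path` overruns `remote` before `sun_len` and `len` are derived from it. As the patch is already rewriting this block, it should reject over-long paths first, e.g. `if (strlen(cmdsock) >= sizeof(remote.sun_path)) { fprintf(stderr, "socket path too long\n"); exit(1); }` ahead of the copy. Where `cmdsock` comes from is not visible in the hunk; presumably it is a command-line or config value. The enclosing function starts and ends outside the hunk.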
@@ -0,0 +1,88 @@
+diff -urN src/msgstat.c.orig src/msgstat.c
+--- src/msgstat.c.orig 1970-01-01 01:00:00.000000000 +0100
++++ src/msgstat.c 2008-06-29 16:17:48.000000000 +0100
+@@ -0,0 +1,83 @@
++#include <stdio.h>
++#include <sys/types.h>
++#include <sys/ipc.h>
++#include <sys/msg.h>
++#include <errno.h>
++
++
++main()
++{
++ int uid, gid, mode, bytes;
++ int rtrn, msqid, command, choice;
++ struct msqid_ds msqid_ds, *buf;
++
++ buf = &msqid_ds;
++
++ printf("Enter the msqid: ");
++ scanf("%i", &msqid);
++
++ printf("\n1 = IPC_STAT\n2 = IPC_SET\n3 = IPC_RMID\n");
++ printf("Enter command number: ");
++ scanf("%i", &command);
++
++ printf("\n\nmsqid = %d, command = %d\n", msqid, command);
++
++ switch (command) {
++ case 1:
++ rtrn = msgctl(msqid, IPC_STAT, buf);
++ if (rtrn != -1) {
++ printf("User %d, group %d, perms 0%o\n",
++ buf->msg_perm.uid, buf->msg_perm.gid,
++ buf->msg_perm.mode);
++ printf("cbytes: %d, qnum: %d, qbytes %d\n",
++ buf->msg_cbytes, buf->msg_qnum,
++ buf->msg_qbytes);
++ }
++ break;
++
++ case 2:
++ rtrn = msgctl(msqid, IPC_STAT, buf);
++ if (rtrn == -1)
++ break;
++ printf("\n1 = uid, 2 = gid, 3 = mode, 4 = qbytes\n");
++ printf("Number of field to change: ");
++ scanf("%i", &choice);
++ switch (choice) {
++ case 1:
++ printf("\nUser id: ");
++ scanf("%i", &uid);
++ buf->msg_perm.uid = uid;
++ printf("User = %d\n", buf->msg_perm.uid);
++ break;
++ case 2:
++ printf("\nGroup id: ");
++ scanf("%i", &gid);
++ buf->msg_perm.gid = gid;
++ printf("Group = %d\n", buf->msg_perm.gid);
++ break;
++ case 3:
++ printf("\nMode: ");
++ scanf("%i", &mode);
++ buf->msg_perm.mode = mode;
++ printf("Mode = 0%o\n", buf->msg_perm.mode);
++ break;
++ case 4:
++ printf("\nQbytes: ");
++ scanf("%i", &bytes);
++ buf->msg_qbytes = bytes;
++ printf("Qbytes = %d\n", buf->msg_qbytes);
++ break;
++ }
++ rtrn = msgctl(msqid, IPC_SET, buf);
++ break;
++
++ case 3:
++ rtrn = msgctl(msqid, IPC_RMID, NULL);
++ break;
++ }
++
++ if (rtrn == -1)
++ perror("msgctl");
++
++ exit(0);
++}
+
diff --git a/net-mgmt/coovachilli/files/patch-src_redir.c b/net-mgmt/coovachilli/files/patch-src_redir.c
new file mode 100644
index 000000000000..7fd9c3839040
--- /dev/null
+++ b/net-mgmt/coovachilli/files/patch-src_redir.c
@@ -0,0 +1,24 @@
+diff -urN src/redir.c.orig src/redir.c
+--- src/redir.c.orig 2008-06-28 17:38:35.000000000 +0100
++++ src/redir.c 2008-06-29 16:17:48.000000000 +0100
+@@ -479,7 +479,7 @@
+
+ if ((conn->s_params.flags & REQUIRE_UAM_SPLASH) &&
+ conn->s_params.url[0]) {
+- redir_url = conn->s_params.url;
++ redir_url = (char *)conn->s_params.url;
+ }
+
+ bassignformat(str, "%s%cres=%s&uamip=%s&uamport=%d",
+@@ -1939,8 +1939,8 @@
+ msg.mdata.addr = address->sin_addr; \
+ memcpy(&msg.mdata.params, &conn.s_params, sizeof(msg.mdata.params)); \
+ memcpy(&msg.mdata.redir, &conn.s_state.redir, sizeof(msg.mdata.redir)); \
+- if (msgsnd(redir->msgid, (struct msgbuf *)&msg, sizeof(msg.mdata), 0) < 0) { \
+- log_err(errno, "msgsnd() failed!"); \
++ if (msgsnd(redir->msgid, (void *)&msg, sizeof(msg.mdata), 0) < 0) { \
++ log_err(errno, "msgsnd() failed! msgid=%d type=%d len=%d", redir->msgid, msg.mtype, sizeof(msg.mdata)); \
+ redir_close(infd, outfd); \
+ }
+
+
diff --git a/net-mgmt/coovachilli/files/patch-src_redir.h b/net-mgmt/coovachilli/files/patch-src_redir.h
new file mode 100644
index 000000000000..ce8914c770ad
--- /dev/null
+++ b/net-mgmt/coovachilli/files/patch-src_redir.h
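Review bot: In the new src/msgstat.c, `rtrn` is tested at `if (rtrn == -1)` without ever being assigned when the entered command is not 1, 2 or 3, and `command` itself is uninitialised if `scanf` fails, so the exit path can depend on stack garbage. Initialise it, `int rtrn = 0, msqid, command, choice;`, and check the return value of each `scanf`. `main()` has no return type and `exit` is called without `<stdlib.h>`. The tool can `IPC_SET` and `IPC_RMID` any queue id typed in, and nothing visible in this commit builds or installs it (it is not in pkg-plist); if it is a debugging leftover, dropping the patch file is the safer choice.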
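Review bot: The new `log_err` call in patch-src_redir.c passes `msg.mtype` and `sizeof(msg.mdata)` to `%d`, but redir.h declares `long mtype` and `sizeof` yields a `size_t`, so on an LP64 target the argument sizes do not match the format and the output is undefined. Assuming `log_err` forwards to a printf-style formatter, the format should be `"msgsnd() failed! msgid=%d type=%ld len=%zu"`. The changed lines sit inside a multi-line macro whose start and end are outside the hunk.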
@@ -0,0 +1,29 @@
+diff -urN src/redir.h src/redir.h
+--- src/redir.h.orig 2008-06-28 17:38:35.000000000 +0100
++++ src/redir.h 2008-06-29 16:17:48.000000000 +0100
+@@ -124,17 +124,18 @@
+ struct redir_conn_t *conn);
+ };
+
++struct redir_msg_data {
++ uint16_t opt;
++ struct in_addr addr;
++ struct redir_state redir;
++ struct session_params params;
++} __attribute__((packed));
++
+ struct redir_msg_t {
+ long mtype;
+- struct redir_msg_data {
+- uint16_t opt;
+- struct in_addr addr;
+- struct redir_state redir;
+- struct session_params params;
+- } mdata;
++ struct redir_msg_data mdata;
+ };
+
+-
+ int redir_new(struct redir_t **redir, struct in_addr *addr, int port, int uiport);
+
+
diff --git a/net-mgmt/coovachilli/files/patch-src_system.h b/net-mgmt/coovachilli/files/patch-src_system.h
new file mode 100644
index 000000000000..c6e5206376fe
--- /dev/null
+++ b/net-mgmt/coovachilli/files/patch-src_system.h
@@ -0,0 +1,13 @@
+diff -urN src/system.h.orig src/system.h
+--- src/system.h.orig 2008-06-28 17:38:35.000000000 +0100
++++ src/system.h 2008-06-29 16:17:48.000000000 +0100
+@@ -191,6 +191,8 @@
+ })
+ #endif
+
++#define offsetof(TYPE, MEMBER) ((int)&((TYPE *)0)->MEMBER)
++
+ #include "bstrlib.h"
+
+ #endif
+
diff --git a/net-mgmt/coovachilli/files/patch-src_tun.c b/net-mgmt/coovachilli/files/patch-src_tun.c
new file mode 100644
index 000000000000..bd5318dc89e2
--- /dev/null
+++ b/net-mgmt/coovachilli/files/patch-src_tun.c
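Review bot: patch-src_system.h adds `#define offsetof(TYPE, MEMBER) ((int)&((TYPE *)0)->MEMBER)`, which redefines a standard macro unconditionally and casts a pointer to `int`, so it truncates on 64-bit targets and will warn or clash in any translation unit that also pulls in `<stddef.h>`. Replace the define with `#include <stddef.h>`, which provides `offsetof` as a `size_t` expression. The only use visible in this commit is the `len = offsetof(struct sockaddr_un, sun_path) + ...` line in patch-src_main-query.c, which works unchanged with the standard macro.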
@@ -0,0 +1,88 @@
+diff -urN src/tun.c.orig src/tun.c
+--- src/tun.c.orig 2008-06-28 17:38:35.000000000 +0100
++++ src/tun.c 2008-06-29 16:17:48.000000000 +0100
+@@ -1,7 +1,7 @@
+ /*
+ * Tunnel Interface Functions.
+ * Copyright (C) 2002, 2003, 2004 Mondru AB.
+- * Copyright (c) 2006-2007 David Bird <david@coova.com>
++ * Copyright (c) 2006-2008 David Bird <david@coova.com>
+ *
+ * The contents of this file may be used under the terms of the GNU
+ * General Public License Version 2, provided that the above copyright
+@@ -226,7 +226,7 @@
+ return 0;
+ }
+
+-int tun_gifindex(struct tun_t *this, int *index) {
++int tun_gifindex(struct tun_t *this, uint32_t *index) {
+ struct ifreq ifr;
+ int fd;
+
+@@ -423,7 +423,7 @@
+ return 0;
+ }
+
+-static int tuntap_interface(struct _net_interface *netif) {
++int tuntap_interface(struct _net_interface *netif) {
+ #if defined(__linux__)
+ struct ifreq ifr;
+
+@@ -443,7 +443,6 @@
+ #error "Unknown platform!"
+ #endif
+
+-
+ #if defined(__linux__)
+ /* Open the actual tun device */
+ if ((netif->fd = open("/dev/net/tun", O_RDWR)) < 0) {
+@@ -520,7 +519,6 @@
+ /* Find suitable device */
+ for (devnum = 0; devnum < 255; devnum++) { /* TODO 255 */
+ snprintf(devname, sizeof(devname), "/dev/tun%d", devnum);
+- devname[sizeof(devname)] = 0;
+ if ((netif->fd = open(devname, O_RDWR)) >= 0) break;
+ if (errno != EBUSY) break;
+ }
+@@ -530,7 +528,6 @@
+ }
+
+ snprintf(netif->devname, sizeof(netif->devname), "tun%d", devnum);
+- netif->devname[sizeof(netif->devname)-1] = 0;
+
+ /* The tun device we found might have "old" IP addresses allocated */
+ /* We need to delete those. This problem is not present on Linux */
+@@ -538,13 +535,11 @@
+ memset(&areq, 0, sizeof(areq));
+
+ /* Set up interface name */
+- strncpy(areq.ifra_name, netif->devname, IFNAMSIZ);
+- areq.ifra_name[IFNAMSIZ-1] = 0; /* Make sure to terminate */
++ strncpy(areq.ifra_name, netif->devname, sizeof(areq.ifra_name));
+
+ /* Create a channel to the NET kernel. */
+ if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
+- log_err(errno,
+- "socket() failed");
++ log_err(errno,"socket() failed");
+ return -1;
+ }
+
+@@ -703,14 +698,15 @@
+
+ if (this->cb_ind)
+ return this->cb_ind(this, &packet, sbuf.len);
+-
+ return 0;
+
+ #endif
+ }
+
++/*
+ static uint32_t dnatip[1024];
+ static uint16_t dnatport[1024];
++*/
+
+ int tun_encaps(struct tun_t *tun, void *pack, size_t len, int idx) {
+
+
diff --git a/net-mgmt/coovachilli/files/patch-www_Makefile.am b/net-mgmt/coovachilli/files/patch-www_Makefile.am
new file mode 100644
index 000000000000..6cbfd9970d29
--- /dev/null
+++ b/net-mgmt/coovachilli/files/patch-www_Makefile.am
@@ -0,0 +1,11 @@
+--- www/Makefile.am.orig 2008-06-29 17:44:26.000000000 +0000
++++ www/Makefile.am 2008-06-29 17:44:48.000000000 +0000
+@@ -3,7 +3,7 @@
+ chillidir = $(sysconfdir)/chilli
+ chilli_SCRIPTS = wwwsh
+
+-wwwdir = $(chillidir)/www
++wwwdir = $(prefix)/www/chilli
+
+ wwwDATAFILES = \
+ chillijs.chi chillijs.chi.sh chilliform.chi chilliform.chi.sh \
diff --git a/net-mgmt/coovachilli/files/pf.conf.sample b/net-mgmt/coovachilli/files/pf.conf.sample
new file mode 100644
index 000000000000..73a3d9cd2ab2
--- /dev/null
+++ b/net-mgmt/coovachilli/files/pf.conf.sample
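Review bot: In the `-538,13 +535,11` inner hunk of patch-src_tun.c the explicit terminator is dropped and the copy becomes `strncpy(areq.ifra_name, netif->devname, sizeof(areq.ifra_name));`, which leaves `ifra_name` unterminated whenever the source fills the buffer; the preceding `memset` does not help because `strncpy` may write every byte. Keep one byte back, `strncpy(areq.ifra_name, netif->devname, sizeof(areq.ifra_name) - 1);`, so the zeroed last byte survives. `netif->devname` is written by the `snprintf(..., "tun%d", devnum)` just above, so it is short today, but the guard costs nothing. The same file also drops `static` from `tuntap_interface`, widening its linkage; the reason is not visible in this hunk and deserves a comment.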
@@ -0,0 +1,47 @@
+#
+# Basic Chillispot PF Config
+# A tweak of Example 1 from the PF FAQ
+# http://www.openbsd.org/faq/pf/example1.html
+# By Venture37
+# venture37@geeklan.co.uk
+# http://www.geeklan.co.uk
+
+# macros
+int_if = "ral0"
+ext_if = "fxp0"
+chilli_if = "tun0"
+
+tcp_services = "{ 22, 113 }"
+icmp_types = "echoreq"
+
+priv_nets = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 }"
+
+# options
+set block-policy return
+set loginterface $ext_if
+
+# scrub
+scrub in all
+
+# nat/rdr
+nat on $ext_if from $chilli_if:network to any -> ($ext_if)
+
+# filter rules
+block all
+
+pass quick on lo0 all
+
+block drop in quick on $ext_if from $priv_nets to any
+block drop out quick on $ext_if from any to $priv_nets
+block drop on $int_if all
+
+pass in on $ext_if inet proto tcp from any to ($ext_if) \
+ port $tcp_services flags S/SA keep state
+
+pass in inet proto icmp all icmp-type $icmp_types keep state
+
+pass in on $chilli_if from $chilli_if:network to any keep state
+pass out on $chilli_if from any to $chilli_if:network keep state
+
+pass out on $ext_if proto tcp all modulate state flags S/SA
+pass out on $ext_if proto { udp, icmp } all keep state
diff --git a/net-mgmt/coovachilli/pkg-descr b/net-mgmt/coovachilli/pkg-descr
new file mode 100644
index 000000000000..93ef8851365e
--- /dev/null
+++ b/net-mgmt/coovachilli/pkg-descr
@@ -0,0 +1,5 @@
+CoovaChilli is an access controller
+It provides a captive portal / walled garden environment.
+Coova builds on the popular features of the now defunct Chillispot.
+
+WWW: http://www.coova.org/
diff --git a/net-mgmt/coovachilli/pkg-message b/net-mgmt/coovachilli/pkg-message
new file mode 100644
index 000000000000..07c30db4059a
--- /dev/null
+++ b/net-mgmt/coovachilli/pkg-message
@@ -0,0 +1,11 @@
+| Add coovachilli_enable="YES" to /etc/rc.conf
+|
+| You'll need to tweak your kernel settings
+| add the following to /boot/loader.conf
+| kern.ipc.msgseg=16000
+| kern.ipc.msgmnb=16000
+|
+| Sample config files located in %%EXAMPLESDIR%%
+| copy the sample main.conf file to your
+| chilli directory & create an empty
+| hs.conf & local.conf to get going.
diff --git a/net-mgmt/coovachilli/pkg-plist b/net-mgmt/coovachilli/pkg-plist
new file mode 100644
index 000000000000..763bf703d54c
--- /dev/null
+++ b/net-mgmt/coovachilli/pkg-plist
@@ -0,0 +1,39 @@
+@stopdaemon coovachilli
+etc/chilli.conf
+etc/chilli/defaults
+etc/chilli/down.sh
+etc/chilli/functions
+etc/chilli/up.sh
+www/chilli/ChilliLibrary.js
+www/chilli/chilliController.js
+www/chilli/chilliform.chi
+www/chilli/chilliform.chi.sh
+www/chilli/chillijs.chi
+www/chilli/chillijs.chi.sh
+www/chilli/config.sh
+www/chilli/coova.html
+www/chilli/coova.jpg
+www/chilli/coova.png
+www/chilli/json_html.tmpl
+www/chilli/openid.gif
+www/chilli/wait.gif
+etc/chilli/wwwsh
+lib/libbstring.a
+lib/libbstring.la
+lib/libbstring.so
+lib/libbstring.so.0
+lib/libchilli.a
+lib/libchilli.la
+lib/libchilli.so
+lib/libchilli.so.0
+sbin/chilli
+sbin/chilli_query
+sbin/chilli_radconfig
+sbin/chilli_response
+sbin/test_radius
+@dirrm www/chilli
+@dirrm etc/chilli
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/pf.conf.sample
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/ipfw-config.sample
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/main.conf.sample
+%%PORTEXAMPLES%%@dirrm %%EXAMPLESDIR%%
|