-rw-r--r-- | security/vpnc/Makefile | 32 | ||||
-rw-r--r-- | security/vpnc/files/patch-Makefile | 9 | ||||
-rw-r--r-- | security/vpnc/files/patch-vpnc.c | 2 | ||||
-rw-r--r-- | security/vpnc/files/vpnc.8 | 131 | ||||
-rw-r--r-- | security/vpnc/files/vpnc.sh | 21 | ||||
-rw-r--r-- | security/vpnc/pkg-descr | 2 | ||||
-rw-r--r-- | security/vpnc/pkg-plist | 2 |
7 files changed, 182 insertions, 17 deletions
diff --git a/security/vpnc/Makefile b/security/vpnc/Makefile index ee6befb4465c..80d02e2e3475 100644 --- a/security/vpnc/Makefile +++ b/security/vpnc/Makefile @@ -1,32 +1,50 @@ # New ports collection makefile for: vpnc -# Date created: 15 December 2003 -# Whom: Christian Lackas +# Date created: 15 December 2003 +# Whom: Christian Lackas # # $FreeBSD$ # PORTNAME= vpnc PORTVERSION= 0.2 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= http://www.unix-ag.uni-kl.de/~massar/vpnc/ DISTNAME= ${PORTNAME}-${PORTVERSION}-rm+zomb-pre6 MAINTAINER= delta@lackas.net -COMMENT= "Client for Cisco 3000 VPN Concentrator" +COMMENT= Client for Cisco 3000 VPN Concentrator LIB_DEPENDS= gcrypt.6:${PORTSDIR}/security/libgcrypt USE_GMAKE= yes +USE_REINPLACE= yes ALL_TARGET= vpnc -INSTALL_TARGET= -post-install: - @${INSTALL_PROGRAM} -m 751 ${WRKSRC}/vpnc ${PREFIX}/sbin/vpnc +MAN8= vpnc.8 + +post-patch: + @${REINPLACE_CMD} -e \ + 's|%%PREFIX%%|${PREFIX}|' ${WRKSRC}/vpnc.c + @${REINPLACE_CMD} -e \ + 's|%%CC%%|${CC}|;s|%%CFLAGS%%|${CFLAGS}|' \ + ${WRKSRC}/Makefile + +do-install: + @${INSTALL_PROGRAM} -m 751 ${WRKSRC}/vpnc ${PREFIX}/sbin @${INSTALL_SCRIPT} -m 755 ${FILESDIR}/vpnc.sh ${PREFIX}/etc/rc.d/vpnc.sh.sample @${INSTALL_DATA} -m 600 ${WRKSRC}/vpnc.conf ${PREFIX}/etc/vpnc.conf.sample + @${INSTALL_MAN} ${FILESDIR}/vpnc.8 ${PREFIX}/man/man8 .if !defined(NOPORTDOCS) ${MKDIR} ${DOCSDIR} - @${INSTALL_DATA} -m 666 ${WRKSRC}/README ${DOCSDIR} + @${INSTALL_DATA} ${WRKSRC}/README ${DOCSDIR} + @${INSTALL_DATA} ${WRKSRC}/ChangeLog ${DOCSDIR} + @${INSTALL_DATA} ${WRKSRC}/TODO ${DOCSDIR} .endif +post-install: + @${CAT} ${PKGMESSAGE} + @${REINPLACE_CMD} -e \ + 's|%%PREFIX%%|${PREFIX}|' ${PREFIX}/etc/rc.d/vpnc.sh.sample + .include <bsd.port.mk> diff --git a/security/vpnc/files/patch-Makefile b/security/vpnc/files/patch-Makefile index 7a9c20e88686..da145b91f127 100644 --- a/security/vpnc/files/patch-Makefile +++ b/security/vpnc/files/patch-Makefile 
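Review bot: The new `post-install` target rewrites `${PREFIX}/etc/rc.d/vpnc.sh.sample` in place after it has been installed, so the `%%PREFIX%%` substitution runs on the live tree instead of the work directory. If `REINPLACE_CMD` keeps a backup copy, as it normally does through sed's in-place suffix, a stray backup of the script is left in `etc/rc.d` and is not listed in pkg-plist, so it survives deinstall. Doing the substitution before installation avoids both, for example `@${SED} -e 's|%%PREFIX%%|${PREFIX}|' ${FILESDIR}/vpnc.sh > ${WRKDIR}/vpnc.sh` in `post-patch` and `@${INSTALL_SCRIPT} ${WRKDIR}/vpnc.sh ${PREFIX}/etc/rc.d/vpnc.sh.sample` in `do-install`. Separately, the `s|%%CFLAGS%%|${CFLAGS}|` expression in `post-patch` produces a broken Makefile if CFLAGS ever contains `|` or `&`.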
@@ -1,14 +1,15 @@ --- Makefile.orig Sun Nov 2 01:21:39 2003 -+++ Makefile Wed Dec 17 13:08:35 2003 ++++ Makefile Wed Dec 17 09:56:14 2003 @@ -15,14 +15,14 @@ # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -CC=gcc -CFLAGS=-W -Wall -O -g '-DVERSION="$(shell cat VERSION)"' $(shell libgcrypt-config --cflags) -+CC?=gcc -+CFLAGS+=-W -Wall -O -g '-DVERSION="$(shell cat VERSION)"' $(shell libgcrypt-config --cflags) - LDFLAGS=-g $(shell libgcrypt-config --libs) +-LDFLAGS=-g $(shell libgcrypt-config --libs) ++CC=%%CC%% ++CFLAGS=-W -Wall %%CFLAGS%% '-DVERSION="$(shell cat VERSION)"' $(shell libgcrypt-config --cflags) ++LDFLAGS=$(shell libgcrypt-config --libs) ifeq ($(shell uname -s), Linux) SYSDEP=sysdep-linux.o diff --git a/security/vpnc/files/patch-vpnc.c b/security/vpnc/files/patch-vpnc.c index c2e6ff968479..94d812863690 100644 --- a/security/vpnc/files/patch-vpnc.c +++ b/security/vpnc/files/patch-vpnc.c @@ -5,7 +5,7 @@ read_config_file (argv[i], config, 0); - read_config_file ("/etc/vpnc.conf", config, 1); -+ read_config_file ("/usr/local/etc/vpnc.conf", config, 1); ++ read_config_file ("%%PREFIX%%/etc/vpnc.conf", config, 1); if (!config[CONFIG_IKE_DH]) config[CONFIG_IKE_DH] = "dh2"; diff --git a/security/vpnc/files/vpnc.8 b/security/vpnc/files/vpnc.8 new file mode 100644 index 000000000000..65ad094a1334 --- /dev/null +++ b/security/vpnc/files/vpnc.8 
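Review bot: In files/patch-Makefile, replacing `CC?=gcc` and `CFLAGS+=...` with the `%%CC%%` and `%%CFLAGS%%` placeholders makes the upstream Makefile depend on a text substitution that nothing verifies. If the sed step is skipped or fails to match, gmake is handed a compiler literally named `%%CC%%`. The previous form needed no rewriting, so `CC?=gcc` with `CFLAGS+=-W -Wall '-DVERSION="$(shell cat VERSION)"' $(shell libgcrypt-config --cflags)` would drop the hard-coded `-O -g` while still honouring the values the ports framework passes to gmake. That the framework exports CC and CFLAGS into the build environment is assumed here and should be confirmed. If the placeholders stay, a comment above them should name the `post-patch` target that fills them in.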
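Review bot: In files/patch-vpnc.c the default configuration path becomes the literal `%%PREFIX%%/etc/vpnc.conf` until the port's sed step rewrites vpnc.c, and nothing fails if that rewrite does not happen. A placeholder that survives into the binary is a relative path, so the daemon would look for its configuration under whatever directory it was started from. The man page added in this commit shows that this file holds the IPSec secret and Xauth password. A compile-time define is harder to get wrong because a missing definition stops the build, e.g. `read_config_file (PREFIX "/etc/vpnc.conf", config, 1);` with a matching `-DPREFIX=...` in CFLAGS (the macro name is only a suggestion). The enclosing function starts and ends outside this hunk.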
@@ -0,0 +1,131 @@ +.\" Process this file with +.\" groff -man -Tascii vpnc.8 +.\" +.TH VPNC 8 "December 2003" FreeBSD "vpnc" +.SH NAME +vpnc \- Client for Cisco 3000 VPN Concentrator +.SH SYNOPSIS +.B vpnc [ --gateway +.I IP-or-hostname +.B ] [ --id +.I IPSec group Id +.B ] [ --username +.I name +.B ] [ --ifname +.I name +.B ] [ --local-port +.I port number +.B ] [ --pid-file +.I filename +.B ] [ --dh +.I IKE DH group +.B ] [ --pfs +.I PFS group +.B ] [ --non-inter ] [ --debug ] [ --no-detach ] [ --print-config ] +.SH DESCRIPTION +.B vpnc +is a VPN client for the Cisco 3000 VPN Concentrator, +creating a IPSec-like connection as a tunneling +network device for the local system. It uses the +TUN/TAP driver in Linux kernel 2.4 and above and +device +.BR tun (4) +on BSD. + +The vpnc daemon by it self does not set any routes. The user +has to do it on its own, e.g. for a full tunnel under FreeBSD + +.RS +.PD 0 +route add -host VPNGATEWAY ROUTER +.P +route delete default +.P +route add default -interface tun0 +.PD +.RE +.SH CONFIGURATION +The daemon reads configuration data from the following places: +.PD 0 +.IP "- command line options" +.IP "- config file(s) specified on the command line" +.IP "- PREFIX/etc/vpnc.conf" +.IP "- prompting the user if not found above" +.PD +.SH OPTIONS +.IP "--gateway IP-or-hostname" +IP address or hostname of the VPN gateway +.IP "--id IPSec group Id" +ID of the IPSec group +.IP "--username name" +your user credentials +.IP "--ifname name" +name of the tun-interface to use +.IP "--local-port port number" +use this port for the connection <0-65535>, use 0 for random +.IP "--pid-file filename" +store the pid of background process there +.IP "--dh IKE DH group" +name of the IKE DH Group <dh1/dh2/dh5> +.IP "--pfs PFS group" +Perfect Forward Secrecy <nopfs/dh1/dh2/dh5> +.IP "--non-inter" +non interactive mode, don't ask any questions +.IP "--debug nr" +set debugging level <0/1/2/3/99> +.IP "--no-detach" +do not send daemon to background +.IP 
"--print-config" +prints your configuration; output can be used as vpnc.conf + +.SH FILES +.I PREFIX/etc/vpnc.conf +.RS +The default configuration file. See +.BR EXAMPLES +for further details. +.RE + +.SH EXAMPLES +This is an example vpnc.conf: + +.RS +.PD 0 +IKE DH Group dh2 +.P +Perfect Forward Secrecy nopfs +.P +IPSec gateway vpn.rwth-aachen.de +.P +IPSec ID MoPS +.P +IPSec secret mopsWLAN +.P +Xauth username abcdef +.P +Xauth passwort 123456 +.PD +.RE + +The values start exactly one space after the keywords, and run to the end of +line. This lets you put any kind of weird character (except EOL and NUL) in +your strings, but it does mean you can't add comments after a string, or spaces +before them. + +See also the +.B --print-config +option to generate a config file. + +.SH TODO +Re-keying is no implemented yet (default rekey-intervall is 8 hours). + +.SH AUTHOR +This man-page has been written by Christian Lackas <delta(at)lackas.net>, +based on the Debian man-page +by Eduard Bloch <blade(at)debian.org> and the vpnc README by +Maurice Massar <vpnc(at)unix-ag.uni-kl.de> + +.SH "SEE ALSO" +.BR tun (4), +.BR route (1), +.BR http://www.unix-ag.uni-kl.de/~massar/vpnc/ diff --git a/security/vpnc/files/vpnc.sh b/security/vpnc/files/vpnc.sh index 63c9240e3c5a..031d2ed3917d 100644 --- a/security/vpnc/files/vpnc.sh +++ b/security/vpnc/files/vpnc.sh 
@@ -1,12 +1,25 @@ -#!/bin/sh +#! /bin/sh + +PREFIX=%%PREFIX%% +PIDFILE=/var/run/vpnc.pid + +# change these variables and activate comments +# below to get a full tunnel +VPNGATEWAY=vpn.rwth-aachen.de +ROUTER=192.168.111.2 case "$1" in start) - [ -x /usr/local/sbin/vpnc ] && /usr/local/sbin/vpnc && echo -n ' vpnc' + [ -x ${PREFIX}/sbin/vpnc ] && ${PREFIX}/sbin/vpnc --pid-file ${PIDFILE} && + # route add -host ${VPNGATEWAY} ${ROUTER} + # route delete default && + # route add default -interface tun0 && + echo -n ' vpnc' ;; stop) - # - kill + kill `cat ${PIDFILE}` + # route delete default && + # route add default ${ROUTER} ;; *) echo "Usage: `basename $0` {start|stop}" >&2 diff --git a/security/vpnc/pkg-descr b/security/vpnc/pkg-descr index 150e15c85dfe..76383a7dfdf1 100644 --- a/security/vpnc/pkg-descr +++ b/security/vpnc/pkg-descr @@ -3,6 +3,6 @@ VPNC - Client for Cisco 3000 VPN Concentrator A VPN client compatible with Cisco's EasyVPN equipment. Supports IPSec (ESP) with Mode Configuration and Xauth. Supports only shared-secret IPSec authentication, 3DES, MD5, and IP tunneling. -It runs entirely in userspace +It runs entirely in userspace. WWW: http://www.unix-ag.uni-kl.de/~massar/vpnc/ diff --git a/security/vpnc/pkg-plist b/security/vpnc/pkg-plist index 36c695b88192..b06165543ad6 100644 --- a/security/vpnc/pkg-plist +++ b/security/vpnc/pkg-plist @@ -2,4 +2,6 @@ sbin/vpnc etc/vpnc.conf.sample etc/rc.d/vpnc.sh.sample %%PORTDOCS%%%%DOCSDIR%%/README +%%PORTDOCS%%%%DOCSDIR%%/ChangeLog +%%PORTDOCS%%%%DOCSDIR%%/TODO %%PORTDOCS%%@dirrm %%DOCSDIR%% |
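Review bot: In files/vpnc.sh the `stop)` branch runs `kill` on the output of `cat ${PIDFILE}` without checking the file, so a missing `/var/run/vpnc.pid` calls `kill` with no argument. A stale pid file makes the rc script signal whichever process now holds that pid. At minimum guard it with `[ -r "${PIDFILE}" ] && kill "$(cat "${PIDFILE}")"`. In the `start)` branch the commented `route add -host ${VPNGATEWAY} ${ROUTER}` line has no trailing `&&`, so once the comments are activated as the header suggests, `route delete default` becomes a separate command and runs even when vpnc failed to start. The shipped `VPNGATEWAY` and `ROUTER` defaults are site-specific values and would be safer left empty, with a comment telling the administrator to set them.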