From cf319581703bfe2836e7df909dd5f9c0ab0d54e5 Mon Sep 17 00:00:00 2001 From: aurelien Date: Tue, 13 Nov 2012 17:00:03 +0100 Subject: version i686 of the build of end of October 201 --- pcr/anyremote/PKGBUILD | 24 + pcr/anyremote/anyremote.install | 6 + pcr/bup/PKGBUILD | 34 ++ pcr/fwsnort/PKGBUILD | 44 ++ pcr/fwsnort/install_pl.patch | 27 ++ pcr/maruku/PKGBUILD | 24 + pcr/moblock/MoBlock-nfq.sh.patch | 53 +++ pcr/moblock/PKGBUILD | 55 +++ pcr/moblock/config | 30 ++ pcr/moblock/moblock | 70 +++ pcr/moblock/moblock-update | 174 ++++++++ pcr/moblock/moblock.install | 26 ++ pcr/moblock/moblock.logrotate | 11 + pcr/moblock/moblock_0.9_rc2.patch | 912 ++++++++++++++++++++++++++++++++++++++ pcr/moblock/moblock_include.patch | 10 + pcr/oinkmaster/PKGBUILD | 34 ++ pcr/perl-iptables-parse/PKGBUILD | 22 + pcr/python2-fabric/PKGBUILD | 23 + pcr/python2-paramiko/PKGBUILD | 33 ++ pcr/python2-ssh/PKGBUILD | 26 ++ pcr/ruby-haml/PKGBUILD | 35 ++ pcr/ruby-haml/ruby-yard/PKGBUILD | 36 ++ pcr/ruby-libnotify/PKGBUILD | 23 + pcr/ruby-syntax/PKGBUILD | 23 + pcr/ruby-yard/PKGBUILD | 36 ++ pcr/spice-gtk3/PKGBUILD | 38 ++ 26 files changed, 1829 insertions(+) create mode 100644 pcr/anyremote/PKGBUILD create mode 100644 pcr/anyremote/anyremote.install create mode 100644 pcr/bup/PKGBUILD create mode 100644 pcr/fwsnort/PKGBUILD create mode 100644 pcr/fwsnort/install_pl.patch create mode 100644 pcr/maruku/PKGBUILD create mode 100644 pcr/moblock/MoBlock-nfq.sh.patch create mode 100755 pcr/moblock/PKGBUILD create mode 100644 pcr/moblock/config create mode 100755 pcr/moblock/moblock create mode 100755 pcr/moblock/moblock-update create mode 100644 pcr/moblock/moblock.install create mode 100644 pcr/moblock/moblock.logrotate create mode 100644 pcr/moblock/moblock_0.9_rc2.patch create mode 100644 pcr/moblock/moblock_include.patch create mode 100644 pcr/oinkmaster/PKGBUILD create mode 100644 pcr/perl-iptables-parse/PKGBUILD create mode 100644 pcr/python2-fabric/PKGBUILD create mode 100644 pcr/python2-paramiko/PKGBUILD create mode 100644 pcr/python2-ssh/PKGBUILD create mode 100644 pcr/ruby-haml/PKGBUILD create mode 100644 pcr/ruby-haml/ruby-yard/PKGBUILD create mode 100644 pcr/ruby-libnotify/PKGBUILD create mode 100644 pcr/ruby-syntax/PKGBUILD create mode 100644 pcr/ruby-yard/PKGBUILD create mode 100644 pcr/spice-gtk3/PKGBUILD diff --git a/pcr/anyremote/PKGBUILD b/pcr/anyremote/PKGBUILD new file mode 100644 index 000000000..96e030245 --- /dev/null +++ b/pcr/anyremote/PKGBUILD @@ -0,0 +1,24 @@ +# Contributor: Andrea Fagiani +# Contributor: hb +# Contributor: Lisa Denia +# Maintainer : Parabola GNU / Linux-libre Aurelien Desbrieres + +pkgname=anyremote +pkgver=6.0 +pkgrel=1 +pkgdesc="Remote control (console-oriented) through bluetooth or IR connection" +arch=('i686' 'x86_64') +url="http://anyremote.sourceforge.net" +license=('GPL') +depends=('bluez' 'dbus-glib' 'libxtst') +optdepends=("irda-utils: IRDA support") +install=anyremote.install +source=(http://downloads.sourceforge.net/sourceforge/anyremote/$pkgname-$pkgver.tar.gz) + +build() { + cd $srcdir/$pkgname-$pkgver + ./configure --prefix=/usr + make + make DESTDIR=$pkgdir install +} +md5sums=('f39da5df07f3e1a0c59bc3f95347dbe7') diff --git a/pcr/anyremote/anyremote.install b/pcr/anyremote/anyremote.install new file mode 100644 index 000000000..012444ce0 --- /dev/null +++ b/pcr/anyremote/anyremote.install @@ -0,0 +1,6 @@ +post_install () { + echo " + >>>Download the java client for your phone at + >>>http://anyremote.sourceforge.net/dload.html + " +} diff --git a/pcr/bup/PKGBUILD b/pcr/bup/PKGBUILD new file mode 100644 index 000000000..bdc2abeeb --- /dev/null +++ b/pcr/bup/PKGBUILD @@ -0,0 +1,34 @@ +# Contributor: Bram Schoenmakers +# Contributor: henning mueller +# Maintainer : Parabola GNU / Linux-libre Aurélien Desbrières + +# If you'd like to have documentation, please set the variable below to 1. +# This implies installing pandoc, which in turn depends on many Haskell packages. +_havedocs=0 + +pkgname=bup +pkgver=0.25rc1 +_pkgver=0.25-rc1 +pkgrel=2 +pkgdesc="Backup tool using git pack files." +arch=('i686' 'x86_64') +url="http://github.com/apenwarr/bup" +license=('GPL') +depends=('python2-fuse' 'par2cmdline') +[ $_havedocs = 1 ] && makedepends=('haskell-pandoc') +source=("https://github.com/apenwarr/${pkgname}/archive/${pkgname}-${_pkgver}.tar.gz") + +build() { + cd "${srcdir}/${pkgname}-${pkgname}-${_pkgver}" + + find . -name \*.py | xargs sed -i 's:env python:env python2:' + sed -i 's:PYTHON=python:PYTHON=python2:' Makefile + + make +} + +package() { + cd "${srcdir}/${pkgname}-${pkgname}-${_pkgver}" + make DESTDIR=$pkgdir install +} +md5sums=('9d9af10900d84e2951aa64631ff4860d') diff --git a/pcr/fwsnort/PKGBUILD b/pcr/fwsnort/PKGBUILD new file mode 100644 index 000000000..37a863822 --- /dev/null +++ b/pcr/fwsnort/PKGBUILD @@ -0,0 +1,44 @@ +# Contributor: Colin Shea +# Maintainer : Parabola GNU / Linux-libre Aurelien Desbrieres + +pkgname=fwsnort +pkgver=1.6.2 +pkgrel=1 +pkgdesc="application layer IDS/IPS by translating snort rules into iptables" +arch=('any') +url="http://www.cipherdyne.org/fwsnort/" +license=('GPL') +depends=('perl' 'perl-net-ipv4addr' 'perl-iptables-parse' 'iptables' 'net-tools') +makedepends=('wget') +source=(http://www.cipherdyne.org/$pkgname/download/$pkgname-$pkgver.tar.bz2 + 'install_pl.patch') + +build() { + cd "$srcdir/$pkgname-$pkgver" + + mkdir -p $pkgdir/var/log/fwsnort \ + $pkgdir/usr/lib/fwsnort \ + $pkgdir/usr/share/man/man8 \ + $pkgdir/usr/sbin \ + $pkgdir/etc/fwsnort/snort_rules \ + $pkgdir/etc/fwsnort/archive \ + $pkgdir/etc/fwsnort/snort_rules_queue + + patch -p0 -i $srcdir/install_pl.patch + sed -e "/mpath.*man8/s|/usr|$pkgdir&|" \ + -e "/^my\\ \\\$sbin/s|/usr|$pkgdir&|" \ + -i install.pl + + cp fwsnort.conf fwsnort.conf.bak + + sed -e "s|/var/log/fwsnort|$pkgdir&|" \ + -e "s|/usr/lib/fwsnort|$pkgdir&|" \ + -e "s|/etc/fwsnort|$pkgdir&|" \ + ./fwsnort.conf -i + # -S skips installing the perl modules, which we did with packages + echo y | ./install.pl -S + mv -f fwsnort.conf.bak $pkgdir/etc/fwsnort/fwsnort.conf + chmod 755 $pkgdir/usr/sbin/fwsnort +} + +# vim:set ts=2 sw=2 et: diff --git a/pcr/fwsnort/install_pl.patch b/pcr/fwsnort/install_pl.patch new file mode 100644 index 000000000..b9cfb4a33 --- /dev/null +++ b/pcr/fwsnort/install_pl.patch @@ -0,0 +1,27 @@ +--- install.pl 2011-02-05 05:02:38.845785881 -0700 ++++ install2.pl 2011-02-05 05:03:21.350360881 -0700 +@@ -120,10 +120,6 @@ + ### make sure the system binaries are where we think they are. + &check_commands(); + +-### check to make sure we are running as root +-$< == 0 && $> == 0 or die "You need to be root (or equivalent UID 0", +- " account) to install/uninstall fwsnort!\n"; +- + if ($uninstall) { + &uninstall(); + } else { +--- install.pl 2011-01-02 18:38:51.000000000 -0700 ++++ install2.pl 2011-02-05 04:59:01.653910881 -0700 +@@ -471,8 +471,11 @@ + sub check_commands() { + my @path = qw( + /bin ++ /sbin + /usr/bin ++ /usr/sbin + /usr/local/bin ++ /usr/local/sbin + ); + CMD: for my $cmd (keys %cmds) { + unless (-x $cmds{$cmd}) { diff --git a/pcr/maruku/PKGBUILD b/pcr/maruku/PKGBUILD new file mode 100644 index 000000000..a647e5a12 --- /dev/null +++ b/pcr/maruku/PKGBUILD @@ -0,0 +1,24 @@ +# Contributor: Adam Lloyd +# Maintainter : Parabola GNU / Linux-libre Aurelien Desbrieres + +pkgname=maruku +pkgver=0.6.0 +pkgrel=1 +pkgdesc="A Markdown-superset interpreter" +arch=(any) +url="http://maruku.rubyforge.org/" +license=('GPL2') +depends=(ruby ruby-syntax) +makedepends=(rubygems) +source=(http://gems.rubyforge.org/gems/maruku-$pkgver.gem) +noextract=(maruku-$pkgver.gem) +md5sums=('6e2575e43b675eb4e15bbcee0fd1fd29') + +build() { + cd $srcdir + local _gemdir="$(ruby -rubygems -e'puts Gem.default_dir')" + gem install --ignore-dependencies -i "$pkgdir$_gemdir" maruku-$pkgver.gem +} + +# vim:set ts=2 sw=2 et: +md5sums=('6e2575e43b675eb4e15bbcee0fd1fd29') diff --git a/pcr/moblock/MoBlock-nfq.sh.patch b/pcr/moblock/MoBlock-nfq.sh.patch new file mode 100644 index 000000000..f9136c3c7 --- /dev/null +++ b/pcr/moblock/MoBlock-nfq.sh.patch @@ -0,0 +1,53 @@ +--- MoBlock-0.8/MoBlock-nfq.sh.orig 2008-11-30 03:44:02.000000000 -0500 ++++ MoBlock-0.8/MoBlock-nfq.sh 2008-12-01 18:56:15.000000000 -0500 +@@ -3,14 +3,10 @@ + # MoBlock.sh - MoBlock start script + # --------------------------------- + +-ACTIVATE_CHAINS=1 +-WHITE_TCP_IN="" +-WHITE_UDP_IN="" +-WHITE_TCP_OUT="" +-WHITE_UDP_OUT="" +-WHITE_TCP_FORWARD="" +-WHITE_UDP_FORWARD="" ++# Some configuration options have been moved to an external conf file ++# This should make maintenance and upgrading easier + ++. /etc/moblock/config + + PIDF=/var/run/moblock.pid + +@@ -78,6 +74,17 @@ + iptables -I MOBLOCK_FW -p udp --dport $PORT -j ACCEPT + done + ++# For added IP whitelisting support ++ ++for IP in $WHITE_IP_OUT; do ++ iptables -I MOBLOCK_OUT -p all -m iprange --dst-range $IP -j ACCEPT ++done ++for IP in $WHITE_IP_IN; do ++ iptables -I MOBLOCK_IN -p all -m iprange --src-range $IP -j ACCEPT ++done ++for IP in $WHITE_IP_FW; do ++ iptables -I MOBLOCK_FW -p all -m iprange --dst-range $IP -j ACCEPT ++done + + # Loopback traffic fix + +@@ -85,7 +92,8 @@ + iptables -I OUTPUT -p all -o lo -j ACCEPT + + # Here you can change block list and log files +-./moblock -p /etc/guarding.p2p ./moblock.log ++#./moblock -p /etc/guarding.p2p ./moblock.log ++/usr/bin/moblock -p /etc/moblock/banned.list /var/log/moblock.log >/dev/null 2>&1 + + # On exit delete the rules we added + +@@ -108,3 +116,4 @@ + if [ -f $PIDF ]; then + rm $PIDF; + fi ++ diff --git a/pcr/moblock/PKGBUILD b/pcr/moblock/PKGBUILD new file mode 100755 index 000000000..15504d1c1 --- /dev/null +++ b/pcr/moblock/PKGBUILD @@ -0,0 +1,55 @@ +# Contributor: Kevin Edmonds +# Contributor: Filip Wojciechowski, filip at loka dot pl +# Maintainer : Parabola GNU / Linux-libre Aurelien Desbrieres + +pkgname=moblock +pkgver=0.9rc2 +pkgrel=8 +pkgdesc="Console application that blocks connections from/to hosts listed in a file in peerguardian format" +arch=('i686' 'x86_64') +url="http://moblock.berlios.de/" +license=('GPL') +depends=(libnetfilter_queue iptables) +backup=(etc/moblock/config) +install=moblock.install +source=(http://download.berlios.de/moblock/MoBlock-0.8-i586.tar.bz2 \ + moblock_0.9_rc2.patch \ + MoBlock-nfq.sh.patch \ + moblock_include.patch \ + config \ + moblock-update \ + moblock \ + moblock.logrotate) + +build() { + cd $startdir/src/MoBlock-0.8 + + # patch to update moblock to the latest cvs version + patch -Np1 -i ../moblock_0.9_rc2.patch || return 1 + # add IP whitelisting and move configs to a separate conf file + patch -Np1 -i ../MoBlock-nfq.sh.patch || return 1 + # necessary to make moblock build with recent kernels + patch -Np1 -i ../moblock_include.patch || return 1 + + # change the CFLAGS for both i686 and x84_64 builds + sed -i "s#-Wall -O.*-ffast-math#$CFLAGS#g" Makefile + + # build + make || return 1 + + #move the files + install -D -m 755 ./MoBlock-nfq.sh $startdir/pkg/usr/bin/moblock-nfq || return 1 + install -D -m 744 ./moblock $startdir/pkg/usr/bin/moblock || return 1 + install -D -m 755 ../moblock-update $startdir/pkg/usr/bin/moblock-update || return 1 + install -D -m 744 ../moblock $startdir/pkg/etc/rc.d/moblock || return 1 + install -D -m 644 ../config $startdir/pkg/etc/moblock/config || return 1 + install -D -m 644 ../moblock.logrotate $startdir/pkg/etc/logrotate.d/moblock || return 1 +} +md5sums=('199967adb48b153be90db10fe21325c5' + 'e4e33c515677fa53eaca4616591d4e44' + 'e9f3c6b09f5e07dee948450780340ea3' + 'b23b5214965df59632de5cec317ddbde' + '840bb52a99529305e49212a69c9ced8a' + '49a16feb221d4d912cc7200313517f7b' + '1bdc949fcff0ce751a5096e489061513' + 'a8285fd3e68043cd8d21993d3dbbf9d4') diff --git a/pcr/moblock/config b/pcr/moblock/config new file mode 100644 index 000000000..7d7c287cc --- /dev/null +++ b/pcr/moblock/config @@ -0,0 +1,30 @@ +# Original MoBlock configuration options from MoBlock-nfq.sh file +ACTIVATE_CHAINS=1 +WHITE_TCP_IN="" +WHITE_UDP_IN="" +WHITE_TCP_OUT="" # Add "http https" here to prevent moblock from blocking webpages +WHITE_UDP_OUT="" +WHITE_TCP_FORWARD="" +WHITE_UDP_FORWARD="" + +# Added IP whitelisting support +WHITE_IP_IN="" +WHITE_IP_OUT="" +WHITE_IP_FW="" + +# Individual lists can be disabled by prefixing them with '!' +# Bluetack blacklists (http://www.bluetack.co.uk) +BLUETACK=(level1 level2 !level3 !edu ads-trackers-and-bad-pr0n bogon spyware spider Microsoft !proxy hijacked templist !rangetest dshield) + +# blocklist.org lists (currently doesn't work) +#BLOCKLIST=(p2p gov spy ads edu) + +# backup lists (might be outdated) +#PHOENIXLABS=(!p2b.p2b edu.txt spider.txt spyware.txt level1.txt !level2.txt !level3.txt) + +# Change to 'yes' if you want to backup up the old list before writing +# a new one. Only one backup copy will be kept. +BACKUP_OLD_LIST="no" + +# Options passed to wget +WGET_OPTS="-q" diff --git a/pcr/moblock/moblock b/pcr/moblock/moblock new file mode 100755 index 000000000..d88bd2e8d --- /dev/null +++ b/pcr/moblock/moblock @@ -0,0 +1,70 @@ +#!/bin/bash + +. /etc/rc.conf +. /etc/rc.d/functions + +case "$1" in + start) + stat_busy "Starting MoBlock" + if [ ! -f /var/run/moblock.pid ] + then + /usr/bin/moblock-nfq & + if [ $? -gt 0 ] + then + stat_fail + else + add_daemon moblock + stat_done + fi + else + stat_fail + fi + ;; + update) + stat_busy "Updating MoBlock block list..." + error=0 + /usr/bin/moblock-update || error=1 + stat_busy "Updating MoBlock block list" + if [ $error -eq 1 ]; then + stat_fail + else + stat_done + fi + ;; + stats) + stat_busy "Logging stats to /var/log/MoBlock.stats" + PID=`cat /var/run/moblock.pid 2>/dev/null` + if [ ! -z "$PID" ]; then + /bin/kill -USR2 $PID + if [ $? -gt 0 ]; then + stat_fail + else + stat_done + fi + else + stat_fail + fi + ;; + stop) + stat_busy "Stopping MoBlock" + PID=`cat /var/run/moblock.pid 2>/dev/null` + if [ ! -z "$PID" ]; then + /bin/kill $PID + if [ $? -gt 0 ]; then + stat_fail + else + rm_daemon moblock + stat_done + fi + else + stat_fail + fi + ;; + restart) + $0 stop + sleep 2 + $0 start + ;; + *) + echo "usage: $0 {start|stop|restart|update|stats}" +esac diff --git a/pcr/moblock/moblock-update b/pcr/moblock/moblock-update new file mode 100755 index 000000000..aae861d13 --- /dev/null +++ b/pcr/moblock/moblock-update @@ -0,0 +1,174 @@ +#!/bin/bash + +. /etc/moblock/config + +CONF_DIR=/etc/moblock +TEMP_DIR=$(/usr/bin/mktemp -t -d moblock-updateXXXXXXXX) +LIST_FILE=banned.list + +USECOLOR="no" +. /etc/rc.d/functions +PREFIX_REG=" >" +PREFIX_HL="::" + +function extract() +{ + /usr/bin/find $TEMP_DIR -type f -name '*.gz' -o -name '*.zip' |\ + while read N + do + case "$N" in + *.zip) /usr/bin/unzip -oqq "$N" 2>/dev/null + if [ $? -gt 0 ]; then + rm -f "$N" + return 1 + else + rm -f "$N" + fi + ;; + *.gz) /bin/gunzip -f "$N" 2>/dev/null + if [ $? -gt 0 ]; then + rm -f "$N" + return 1 + fi + ;; + *) continue + ;; + esac + done + return 0 +} + +cd $TEMP_DIR + +printf "${C_SEPARATOR} ------------------------------\n" +printhl "Downloading and extracting files:\n" + +# Bluetack lists (with fallback) +for i in ${BLUETACK[@]} +do + if [ $(echo $i | /bin/grep '^[^\!]' | /usr/bin/wc -l) -eq 1 ]; then + stat_busy "BLUETACK '${i}'... " + /usr/bin/wget ${WGET_OPTS} "http://www.bluetack.co.uk/config/${i}.gz" && extract + if [ $? -gt 0 ] || [ ! -f ${i} ]; then + stat_fail + bfile=$i + if [ "$bfile" = "ads-trackers-and-bad-pr0n" ]; then + bfile="ads" + elif [ "$bfile" = "Microsoft" ];then + bfile="microsoft" + fi + stat_busy "[!!] BLUETACK '${i}' (fallback link)... " + /usr/bin/wget ${WGET_OPTS} "http://list.iblocklist.com/?list=bt_${bfile%%-*}" -O "${i}.gz" && extract + if [ $? -gt 0 ]; then + stat_fail + else + stat_done + fi + else + stat_done + fi + fi +done + +# Blocklist lists +for i in ${BLOCKLIST[@]} +do + if [ $(echo $i | /bin/grep '^[^\!]' | /usr/bin/wc -l) -eq 1 ]; then + stat_busy "BLOCKLIST '${i}'... " + /usr/bin/wget ${WGET_OPTS} "blocklist.org/${i}.p2b.gz" && extract + if [ $? -gt 0 ]; then + stat_fail + else + stat_done + fi + fi +done + +# Old phoenixlabs.org lists +for i in ${PHOENIXLABS[@]} +do + if [ $(echo $i | /bin/grep '^[^\!]' | /usr/bin/wc -l) -eq 1 ]; then + stat_busy "PHOENIXLABS '${i}'... " + /usr/bin/wget ${WGET_OPTS} "fox.phoenixlabs.org/${i}" && extract + if [ $? -gt 0 ]; then + stat_fail + else + stat_done + fi + fi +done + +if [ $(/bin/cat "$TEMP_DIR"/* | /usr/bin/wc -l) -eq 0 ]; then + printf "\n" + printhl "ERROR: No files were downloaded" + printf "${C_SEPARATOR} ------------------------------\n" + exit 1 +fi + +# Check files +printsep +printhl "Checking integrity of downloaded files:\n" + +/usr/bin/find -type f | while read N +do + stat_busy "File '$(echo $N | /bin/awk -F/ '{print $NF}')'... " + scan1=$(/bin/cat "$N" | /usr/bin/wc -l) + scan2=$(/bin/egrep -o ":[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*-[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*" "$N" | /usr/bin/wc -l) + if [ $scan1 -eq $scan2 ]; then + stat_done + else + if [ $scan2 -gt 0 ]; then + if [ $scan1 -gt $scan2 ]; then + stat_append "$(($scan1-$scan2)) of $scan1 entries failed validation; keeping the file" + stat_done + fi + else + stat_fail + stat_busy "[!!] Removing corrupted file... " + rm "$N" 2>/dev/null + if [ $? -gt 0 ]; then + stat_fail + exit 1 + else + stat_done + fi + fi + fi +done + +printsep +printhl "Saving the list:\n" + +# Make backup +if [ "$BACKUP_OLD_LIST" = "yes" ] && [ -f "$CONF_DIR"/"$LIST_FILE" ]; then + stat_busy "Backing up old list to '$CONF_DIR/$LIST_FILE.gz'... " + /bin/gzip -f "$CONF_DIR"/"$LIST_FILE" 2>/dev/null + if [ $? -gt 0 ]; then + stat_fail + else + stat_done + fi +fi + +# Save the list +stat_busy "Saving new list to '$CONF_DIR/$LIST_FILE'... " +/bin/cat "$TEMP_DIR"/* > "$CONF_DIR"/"$LIST_FILE" 2>&1 +if [ $? -gt 0 ]; then + stat_fail + exit 1 +else + stat_done + printf "\n" + printhl "Saved `cat "$CONF_DIR"/"$LIST_FILE" | wc -l` ranges" + printf "${C_SEPARATOR} ------------------------------\n" +fi + +rm -rf "$TEMP_DIR" + +# Restart MoBlock +if [ -f /var/run/moblock.pid ]; then + /bin/kill -HUP `cat /var/run/moblock.pid` >/dev/null 2>&1 +fi + +exit 0 + diff --git a/pcr/moblock/moblock.install b/pcr/moblock/moblock.install new file mode 100644 index 000000000..6afe1d5d9 --- /dev/null +++ b/pcr/moblock/moblock.install @@ -0,0 +1,26 @@ +post_install() { + #clean up after an old hack + if [ -h /usr/lib/libnfnetlink.so.1 ]; then + rm /usr/lib/libnfnetlink.so.1 + fi + echo "" + echo ">>> moblock-update script no longer uses /var/spool/moblock" + echo ">>> as a temporary directory. You can safely delete it." + echo "" +} + +post_upgrade() { + #clean up after an old hack + if [ -h /usr/lib/libnfnetlink.so.1 ]; then + rm /usr/lib/libnfnetlink.so.1 + fi + echo "" + echo ">>> moblock-update script no longer uses /var/spool/moblock" + echo ">>> as a temporary directory. You can safely delete it." + echo "" +} + +op=$1 +shift +$op $* + diff --git a/pcr/moblock/moblock.logrotate b/pcr/moblock/moblock.logrotate new file mode 100644 index 000000000..6ed64bb81 --- /dev/null +++ b/pcr/moblock/moblock.logrotate @@ -0,0 +1,11 @@ +"/var/log/moblock.log" /var/log/MoBlock.stats { + daily + missingok + notifempty + sharedscripts + postrotate + /usr/bin/test -f /var/run/moblock.pid && /bin/kill -HUP `cat /var/run/moblock.pid 2>/dev/null` 2>/dev/null || exit 0 + endscript + compress +} + diff --git a/pcr/moblock/moblock_0.9_rc2.patch b/pcr/moblock/moblock_0.9_rc2.patch new file mode 100644 index 000000000..69994ffe8 --- /dev/null +++ b/pcr/moblock/moblock_0.9_rc2.patch @@ -0,0 +1,912 @@ +diff -Naur MoBlock-0.8_orig/Changelog MoBlock-0.8/Changelog +--- MoBlock-0.8_orig/Changelog 2006-03-22 12:44:31.000000000 -0500 ++++ MoBlock-0.8/Changelog 2008-02-10 11:56:08.000000000 -0500 +@@ -4,6 +4,23 @@ + + --- + ++0.9: - fix for kernel 2.6.23 ++ - support for MARKing packets instead of DROPping or ++ ACCEPTing ++ - example start script that REJECTs packets instead of ++ DROPping. ++ - Integrated a patch from David Walluck for proper loading ++ of p2b files (version 2) ++ - command line options for logging to syslog, stdout ++ and log timestamping ++ - fixed loading pg1 lists with comments (lines starting ++ with '#') ++ - fixed a bug in ranges merge ++ - applied patch 2223 by badfish99: "IPs logged with bytes ++ reversed on big-endian m/c" ++ ++--- ++ + 0.8: - support for NFQUEUE-ing from iptables FORWARD chain (thx to + hyakki for suggestions and testing!) + - included patches from Maximilian Mehnert to support log file +diff -Naur MoBlock-0.8_orig/Makefile MoBlock-0.8/Makefile +--- MoBlock-0.8_orig/Makefile 2006-03-22 12:44:31.000000000 -0500 ++++ MoBlock-0.8/Makefile 2007-11-22 08:10:44.000000000 -0500 +@@ -1,4 +1,3 @@ +- + # To use the old-soon-to-be-deprecated libipq interface + # uncomment the following line and comment the NFQUEUE one, + # then comment the gcc line with netfilter_queue and +@@ -7,7 +6,7 @@ + #QUEUE_LIB=LIBIPQ + QUEUE_LIB=NFQUEUE + +-CFLAGS=-Wall -O2 -march=i586 -mtune=i686 -fomit-frame-pointer -ffast-math \ ++CFLAGS=-Wall -O3 -march=i586 -mtune=i686 -fomit-frame-pointer -ffast-math \ + -D_GNU_SOURCE -D$(QUEUE_LIB) -L/usr/include/libipq + CC=gcc + +diff -Naur MoBlock-0.8_orig/MoBlock-nfq-reject.sh MoBlock-0.8/MoBlock-nfq-reject.sh +--- MoBlock-0.8_orig/MoBlock-nfq-reject.sh 1969-12-31 19:00:00.000000000 -0500 ++++ MoBlock-0.8/MoBlock-nfq-reject.sh 2007-11-22 08:10:44.000000000 -0500 +@@ -0,0 +1,104 @@ ++#!/bin/sh ++# ++# MoBlock.sh - MoBlock start script ++# --------------------------------- ++ ++ACTIVATE_CHAINS=1 ++WHITE_TCP_IN="" ++WHITE_UDP_IN="" ++WHITE_TCP_OUT="" ++WHITE_UDP_OUT="" ++WHITE_TCP_FORWARD="" ++WHITE_UDP_FORWARD="" ++REJECT_MARK="10" ++ ++PIDF=/var/run/moblock.pid ++ ++FNAME=`basename $0 .sh` ++MODE=`echo $FNAME|awk -F- '{print $2}'` ++ ++if [ -f $PIDF ]; then ++ PID=`cat $PIDF` ++ if [ `ps -p $PID|wc -l` -gt 1 ]; then ++ echo "$0: $PIDF exists and processs seems to be running. Exiting." ++ exit 1; ++ fi; ++fi; ++ ++if [ $MODE == "ipq" ]; then ++ modprobe ip_queue ++ TARGET="QUEUE" ++elif [ $MODE == "nfq" ]; then ++ modprobe ipt_NFQUEUE ++ TARGET="NFQUEUE" ++fi; ++ ++modprobe ipt_state ++ ++# Filter all traffic, edit for your needs ++ ++iptables -N MOBLOCK_IN ++iptables -N MOBLOCK_OUT ++iptables -N MOBLOCK_FW ++ ++if [ $ACTIVATE_CHAINS -eq 1 ]; then ++ iptables -I INPUT -p all -m state --state NEW -j MOBLOCK_IN ++ iptables -I OUTPUT -p all -m state --state NEW -j MOBLOCK_OUT ++ iptables -I FORWARD -p all -m state --state NEW -j MOBLOCK_FW ++fi; ++ ++ ++iptables -I MOBLOCK_IN -p all -j $TARGET ++ ++iptables -I MOBLOCK_OUT -p all -j $TARGET ++ ++iptables -I MOBLOCK_FW -p all -j $TARGET ++ ++for PORT in $WHITE_TCP_OUT; do ++ iptables -I MOBLOCK_OUT -p tcp --dport $PORT -j ACCEPT ++done ++for PORT in $WHITE_UDP_OUT; do ++ iptables -I MOBLOCK_OUT -p udp --dport $PORT -j ACCEPT ++done ++ ++for PORT in $WHITE_TCP_IN; do ++ iptables -I MOBLOCK_IN -p tcp --dport $PORT -j ACCEPT ++done ++for PORT in $WHITE_UDP_IN; do ++ iptables -I MOBLOCK_IN -p udp --dport $PORT -j ACCEPT ++done ++ ++for PORT in $WHITE_TCP_FORWARD; do ++ iptables -I MOBLOCK_FW -p tcp --dport $PORT -j ACCEPT ++done ++for PORT in $WHITE_UDP_FORWARD; do ++ iptables -I MOBLOCK_FW -p udp --dport $PORT -j ACCEPT ++done ++ ++iptables -I OUTPUT -p all -m state --state NEW -m mark --mark $REJECT_MARK -j REJECT ++iptables -I FORWARD -p all -m state --state NEW -m mark --mark $REJECT_MARK -j REJECT ++ ++# Here you can change block list and log files ++./moblock -d /etc/ipfilter.dat -t -s -r $REJECT_MARK ./moblock.log ++ ++# On exit delete the rules we added ++ ++if [ $ACTIVATE_CHAINS -eq 1 ]; then ++ iptables -D INPUT -p all -m state --state NEW -j MOBLOCK_IN ++ iptables -D OUTPUT -p all -m state --state NEW -j MOBLOCK_OUT ++ iptables -D FORWARD -p all -m state --state NEW -j MOBLOCK_FW ++fi; ++ ++iptables -D OUTPUT -p all -m state --state NEW -m mark --mark $REJECT_MARK -j REJECT ++iptables -D FORWARD -p all -m state --state NEW -m mark --mark $REJECT_MARK -j REJECT ++ ++iptables -F MOBLOCK_IN ++iptables -X MOBLOCK_IN ++iptables -F MOBLOCK_OUT ++iptables -X MOBLOCK_OUT ++iptables -F MOBLOCK_FW ++iptables -X MOBLOCK_FW ++ ++if [ -f $PIDF ]; then ++ rm $PIDF; ++fi +diff -Naur MoBlock-0.8_orig/MoBlock.c MoBlock-0.8/MoBlock.c +--- MoBlock-0.8_orig/MoBlock.c 2006-03-22 12:44:31.000000000 -0500 ++++ MoBlock-0.8/MoBlock.c 2008-02-10 11:56:08.000000000 -0500 +@@ -35,6 +35,8 @@ + #include + #include + #include ++#include ++#include + + // in Makefile define LIBIPQ to use soon-to-be-deprecated ip_queue, + // NFQUEUE for ipt_NFQUEUE (from kernel 2.6.14) +@@ -46,7 +48,7 @@ + #include + #endif + +-#define MB_VERSION "0.8" ++#define MB_VERSION "0.9rc2" + + #define BUFSIZE 2048 + #define PAYLOADSIZE 21 +@@ -58,6 +60,9 @@ + #define SRC_ADDR(payload) (*(in_addr_t *)((payload)+12)) + #define DST_ADDR(payload) (*(in_addr_t *)((payload)+16)) + ++#define likely(x) __builtin_expect((x),1) ++#define unlikely(x) __builtin_expect((x),0) ++ + // rbt datatypes/functions + + typedef enum { +@@ -96,7 +101,8 @@ + char filename[100]; + } blocklist_info; + +-int merged_ranges=0, skipped_ranges=0; ++u_int32_t merged_ranges=0, skipped_ranges=0, accept_mark=0, reject_mark=0; ++u_int8_t log2syslog=0, log2file=0, log2stdout=0, timestamp=0; + + #ifdef LIBIPQ + static void die(struct ipq_handle *h) +@@ -112,11 +118,13 @@ + static char buf[2][ sizeof("aaa.bbb.ccc.ddd") ]; + static short int index=0; + ++ ip = ntohl(ip); ++ + sprintf(buf[index],"%d.%d.%d.%d", +- (ip) & 0xff, +- (ip >> 8) & 0xff, ++ (ip >> 24) & 0xff, + (ip >> 16) & 0xff, +- (ip >> 24) & 0xff); ++ (ip >> 8) & 0xff, ++ (ip) & 0xff); + + if (index) { + index=0; +@@ -134,10 +142,38 @@ + fflush(stdout); + } + ++void log_action(char *msg) ++{ ++ char timestr[30]; ++ time_t tv; ++ ++ if (timestamp) { ++ tv = time(NULL); ++ strncpy(timestr, ctime(&tv), 19); ++ timestr[19] = '\0'; ++ strcat(timestr, "| "); ++ } ++ else strcpy(timestr, ""); ++ ++ if (log2syslog) { ++ syslog(LOG_INFO, msg); ++ } ++ ++ if (log2file) { ++ fprintf(logfile,"%s%s",timestr,msg); ++ fflush(logfile); ++ } ++ ++ if (log2stdout) { ++ fprintf(stdout,"%s%s",timestr,msg); ++ } ++} ++ + inline void ranged_insert(char *name,char *ipmin,char *ipmax) + { + recType tmprec; + int ret; ++ char msgbuf[255]; + + if ( strlen(name) > (BNAME_LEN-1) ) { + strncpy(tmprec.blockname, name, BNAME_LEN); +@@ -149,10 +185,11 @@ + if ( (ret=insert(ntohl(inet_addr(ipmin)),&tmprec)) != STATUS_OK ) + switch(ret) { + case STATUS_MEM_EXHAUSTED: +- fprintf(logfile,"Error inserting range, MEM_EXHAUSTED.\n"); ++ log_action("Error inserting range, MEM_EXHAUSTED.\n"); + break; + case STATUS_DUPLICATE_KEY: +- fprintf(logfile,"Duplicated range ( %s )\n",name); ++ sprintf(msgbuf,"Duplicated range ( %s )\n",name); ++ log_action(msgbuf); + break; + case STATUS_MERGED: + merged_ranges++; +@@ -161,8 +198,9 @@ + skipped_ranges++; + break; + default: +- fprintf(logfile,"Unexpected return value from ranged_insert()!\n"); +- fprintf(logfile,"Return value was: %d\n",ret); ++ log_action("Unexpected return value from ranged_insert()!\n"); ++ sprintf(msgbuf,"Return value was: %d\n",ret); ++ log_action(msgbuf); + break; + } + } +@@ -177,15 +215,19 @@ + regex_t regmain; + regmatch_t matches[4]; + int i; ++ char msgbuf[255]; + + regcomp(®main, "^(.*)[:]([0-9.]*)[-]([0-9.]*)$", REG_EXTENDED); + + fp=fopen(filename,"r"); + if ( fp == NULL ) { +- fprintf(logfile,"Error opening %s, aborting...\n", filename); ++ sprintf(msgbuf,"Error opening %s, aborting...\n", filename); ++ log_action(msgbuf); + exit(-1); + } + while ( (count=getline(&line,&len,fp)) != -1 ) { ++ if ( line[0] == '#' ) //comment line, skip ++ continue; + for(i=count-1; i>=0; i--) { + if ((line[i] == '\r') || (line[i] == '\n') || (line[i] == ' ')) { + line[i] = 0; +@@ -207,36 +249,78 @@ + line+matches[3].rm_so); + ntot++; + } else { +- fprintf(logfile,"Short guarding.p2p line %s, skipping it...\n", line); ++ sprintf(msgbuf,"Short guarding.p2p line %s, skipping it...\n", line); ++ log_action(msgbuf); + } + } + if (line) + free(line); + fclose(fp); +- fprintf(logfile,"Ranges loaded: %d\n",ntot); +- printf("* Ranges loaded: %d\n",ntot); ++ sprintf(msgbuf, "* Ranges loaded: %d\n", ntot); ++ log_action(msgbuf); ++ if ( !log2stdout ) ++ printf(msgbuf); + } + +-void loadlist_pg2(char *filename) // experimental, no check for list sanity ++void loadlist_pg2(char *filename) // supports only v2 files + { + FILE *fp; +- int i,retval,ntot=0; +- char name[100],ipmin[16]; // hope we don't have a list with longer names... ++ int i, j, c, retval=0, ntot=0; ++ char name[100],ipmin[16], msgbuf[255]; // hope we don't have a list with longer names... + uint32_t start_ip, end_ip; + struct in_addr startaddr,endaddr; ++ size_t s; + + fp=fopen(filename,"r"); + if ( fp == NULL ) { +- fprintf(logfile,"Error opening %s, aborting...\n", filename); ++ sprintf(msgbuf, "Error opening %s, aborting...\n", filename); ++ log_action(msgbuf); + exit(-1); + } + +- fgetc(fp); // skip first 4 bytes, don't know what they are +- fgetc(fp); +- fgetc(fp); +- retval=fgetc(fp); ++ for (j=0; j<4; j++) { ++ c=fgetc(fp); ++ if ( c != 0xff ) { ++ sprintf(msgbuf,"Byte %d: 0x%x != 0xff, aborting...\n", j+1, c); ++ log_action(msgbuf); ++ fclose(fp); ++ exit(-1); ++ } ++ } ++ ++ c=fgetc(fp); ++ if ( c != 'P' ) { ++ sprintf(msgbuf,"Byte 5: %c != P, aborting...\n", c); ++ log_action(msgbuf); ++ fclose(fp); ++ exit(-1); ++ } ++ ++ c=fgetc(fp); ++ if ( c != '2' ) { ++ sprintf(msgbuf,"Byte 6: %c != 2, aborting...\n", c); ++ log_action(msgbuf); ++ fclose(fp); ++ exit(-1); ++ } + +- while ( retval != EOF ) { ++ c=fgetc(fp); ++ if ( c != 'B' ) { ++ sprintf(msgbuf,"Byte 7: %c != B, aborting...\n", c); ++ log_action(msgbuf); ++ fclose(fp); ++ exit(-1); ++ } ++ ++ c=fgetc(fp); ++ if ( c != 0x02 ) { ++ sprintf(msgbuf,"Byte 8: version: %d != 2, aborting...\n", c); ++ log_action(msgbuf); ++ fclose(fp); ++ exit(-1); ++ } ++ ++ do { + i=0; + do { + name[i]=fgetc(fp); +@@ -244,9 +328,22 @@ + } while ( name[i-1] != 0x00 && name[i-1] != EOF); + if ( name[i-1] != EOF ) { + name[i-1]='\0'; +- fread(&start_ip,4,1,fp); +- fread(&end_ip,4,1,fp); +- startaddr.s_addr=start_ip; ++ s=fread(&start_ip,4,1,fp); ++ if ( s != 1 ) { ++ sprintf(msgbuf,"Failed to read start IP: %d != 1, aborting...\n", (int)s); ++ log_action(msgbuf); ++ fclose(fp); ++ exit(-1); ++ } ++ s=fread(&end_ip,4,1,fp); ++ if ( s != 1 ) { ++ sprintf(msgbuf,"Failed to read end IP: %d != 1, aborting...\n", (int)s); ++ log_action(msgbuf); ++ fclose(fp); ++ exit(-1); ++ } ++ ++ startaddr.s_addr=start_ip; + endaddr.s_addr=end_ip; + strcpy(ipmin,inet_ntoa(startaddr)); + ranged_insert(name,ipmin,inet_ntoa(endaddr)); +@@ -255,22 +352,25 @@ + else { + retval=EOF; + } +- } ++ } while ( retval != EOF ); + fclose(fp); +- fprintf(logfile,"Ranges loaded: %d\n",ntot); +- printf("* Ranges loaded: %d\n",ntot); ++ sprintf(msgbuf, "* Ranges loaded: %d\n",ntot); ++ log_action(msgbuf); ++ if ( !log2stdout ) ++ printf(msgbuf); + } + + void loadlist_dat(char *filename) + { + FILE *fp; + int ntot=0; +- char readbuf[200], *name, start_ip[16], end_ip[16]; ++ char readbuf[200], *name, start_ip[16], end_ip[16], msgbuf[255]; + unsigned short ip1_0, ip1_1, ip1_2, ip1_3, ip2_0, ip2_1, ip2_2, ip2_3; + + fp=fopen(filename,"r"); + if ( fp == NULL ) { +- fprintf(logfile,"Error opening %s, aborting...\n", filename); ++ sprintf(msgbuf,"Error opening %s, aborting...\n", filename); ++ log_action(msgbuf); + exit(-1); + } + +@@ -286,38 +386,45 @@ + ntot++; + } + fclose(fp); +- fprintf(logfile,"Ranges loaded: %d\n",ntot); +- printf("* Ranges loaded: %d\n",ntot); ++ sprintf(msgbuf, "* Ranges loaded: %d\n", ntot); ++ log_action(msgbuf); ++ if ( !log2stdout ) ++ printf(msgbuf); + } + + void reopen_logfile(void) + { ++ char msgbuf[255]; ++ + if (logfile != NULL) { + fclose(logfile); + logfile=NULL; + } + logfile=fopen(logfile_name,"a"); + if (logfile == NULL) { +- fprintf(stderr, "Unable to open logfile %s\n", logfile_name); ++ sprintf(msgbuf, "Unable to open logfile %s\n", logfile_name); ++ log_action(msgbuf); + exit(-1); + } +- fprintf(logfile, "Reopening logfile.\n"); ++ log_action("Reopening logfile.\n"); + } + + void my_sahandler(int sig) + { ++ char msgbuf[255]; ++ + switch( sig ) { + case SIGUSR1: +- fprintf(logfile,"Got SIGUSR1! Dumping stats...\n"); ++ log_action("Got SIGUSR1! Dumping stats...\n"); + ll_show(logfile); + reopen_logfile(); + break; + case SIGUSR2: +- fprintf(logfile,"Got SIGUSR2! Dumping stats to /var/log/MoBlock.stats\n"); ++ log_action("Got SIGUSR2! Dumping stats to /var/log/MoBlock.stats\n"); + ll_log(); + break; + case SIGHUP: +- fprintf(logfile,"\nGot SIGHUP! Dumping and resetting stats, reloading blocklist\n\n"); ++ log_action("Got SIGHUP! Dumping and resetting stats, reloading blocklist\n"); + ll_log(); + ll_clear(); // clear stats list + destroy_tree(); // clear loaded ranges +@@ -332,17 +439,18 @@ + loadlist_pg2(blocklist_info.filename); + break; + default: +- fprintf(logfile,"Unknown blocklist type while reloading list, contact the developer!\n"); ++ log_action("Unknown blocklist type while reloading list, contact the developer!\n"); + break; + } + reopen_logfile(); + break; + case SIGTERM: +- fprintf(logfile,"Got SIGTERM! Dumping stats and exiting.\n"); ++ log_action("Got SIGTERM! Dumping stats and exiting.\n"); + ll_log(); + exit(0); + default: +- fprintf(logfile,"Received signal = %d but not handled\n",sig); ++ sprintf(msgbuf,"Received signal = %d but not handled\n",sig); ++ log_action(msgbuf); + break; + } + } +@@ -378,7 +486,7 @@ + { + int id=0, status=0; + struct nfqnl_msg_packet_hdr *ph; +- char *payload; ++ char *payload, msgbuf[255]; + recType tmprec; + + ph = nfq_get_msg_packet_hdr(nfa); +@@ -389,34 +497,78 @@ + switch (ph->hook) { + case NF_IP_LOCAL_IN: + if ( find(ntohl(SRC_ADDR(payload)),&tmprec) == STATUS_OK ) { ++ // we drop the packet instead of rejecting ++ // we don't want the other host to know we are alive + status=nfq_set_verdict(qh, id, NF_DROP, 0, NULL); +- fprintf(logfile,"Blocked IN: %s,hits: %d,SRC: %s\n",tmprec.blockname,tmprec.hits,ip2str(SRC_ADDR(payload))); +- } else status = nfq_set_verdict(qh, id, NF_ACCEPT, 0, NULL); ++ sprintf(msgbuf,"Blocked IN: %s,hits: %d,SRC: %s\n",tmprec.blockname,tmprec.hits,ip2str(SRC_ADDR(payload))); ++ log_action(msgbuf); ++ } ++ else if ( unlikely(accept_mark) ) { ++ // we set the user-defined accept_mark and set NF_REPEAT verdict ++ // it's up to other iptables rules to decide what to do with this marked packet ++ status = nfq_set_verdict_mark(qh, id, NF_REPEAT, accept_mark, 0, NULL); ++ } ++ else { ++ // no accept_mark, just NF_ACCEPT the packet ++ status = nfq_set_verdict(qh, id, NF_ACCEPT, 0, NULL); ++ } + break; + case NF_IP_LOCAL_OUT: + if ( find(ntohl(DST_ADDR(payload)),&tmprec) == STATUS_OK ) { +- status=nfq_set_verdict(qh, id, NF_DROP, 0, NULL); +- fprintf(logfile,"Blocked OUT: %s,hits: %d,DST: %s\n",tmprec.blockname,tmprec.hits,ip2str(DST_ADDR(payload))); +- } else status = nfq_set_verdict(qh, id, NF_ACCEPT, 0, NULL); ++ if ( likely(reject_mark) ) { ++ // we set the user-defined reject_mark and set NF_REPEAT verdict ++ // it's up to other iptables rules to decide what to do with this marked packet ++ status = nfq_set_verdict_mark(qh, id, NF_REPEAT, reject_mark, 0, NULL); ++ } ++ else { ++ status = nfq_set_verdict(qh, id, NF_DROP, 0, NULL); ++ } ++ sprintf(msgbuf,"Blocked OUT: %s,hits: %d,DST: %s\n",tmprec.blockname,tmprec.hits,ip2str(DST_ADDR(payload))); ++ log_action(msgbuf); ++ } ++ else if ( unlikely(accept_mark) ) { ++ // we set the user-defined accept_mark and set NF_REPEAT verdict ++ // it's up to other iptables rules to decide what to do with this marked packet ++ status = nfq_set_verdict_mark(qh, id, NF_REPEAT, accept_mark, 0, NULL); ++ } ++ else { ++ // no accept_mark, just NF_ACCEPT the packet ++ status = nfq_set_verdict(qh, id, NF_ACCEPT, 0, NULL); ++ } + break; + case NF_IP_FORWARD: + if ( find2(ntohl(SRC_ADDR(payload)), ntohl(DST_ADDR(payload)), &tmprec) == STATUS_OK ) { +- status=nfq_set_verdict(qh, id, NF_DROP, 0, NULL); +- fprintf(logfile,"Blocked FWD: %s,hits: %d,SRC: %s, DST: %s\n", ++ if ( likely(reject_mark) ) { ++ // we set the user-defined reject_mark and set NF_REPEAT verdict ++ // it's up to other iptables rules to decide what to do with this marked packet ++ status = nfq_set_verdict_mark(qh, id, NF_REPEAT, reject_mark, 0, NULL); ++ } ++ else { ++ status = nfq_set_verdict(qh, id, NF_DROP, 0, NULL); ++ } ++ sprintf(msgbuf,"Blocked FWD: %s,hits: %d,SRC: %s, DST: %s\n", + tmprec.blockname, tmprec.hits, ip2str(SRC_ADDR(payload)), ip2str(DST_ADDR(payload))); +- fflush(logfile); +- } else status = nfq_set_verdict(qh, id, NF_ACCEPT, 0, NULL); ++ log_action(msgbuf); ++ } ++ else if ( unlikely(accept_mark) ) { ++ // we set the user-defined accept_mark and set NF_REPEAT verdict ++ // it's up to other iptables rules to decide what to do with this marked packet ++ status = nfq_set_verdict_mark(qh, id, NF_REPEAT, accept_mark, 0, NULL); ++ } ++ else { ++ // no accept_mark, just NF_ACCEPT the packet ++ status = nfq_set_verdict(qh, id, NF_ACCEPT, 0, NULL); ++ } + break; + default: +- fprintf(logfile,"Not NF_LOCAL_IN/OUT/FORWARD packet!\n"); ++ log_action("Not NF_LOCAL_IN/OUT/FORWARD packet!\n"); + break; + } + } + else { +- fprintf(logfile,"NFQUEUE: can't get msg packet header.\n"); ++ log_action("NFQUEUE: can't get msg packet header.\n"); + return(1); // from nfqueue source: 0 = ok, >0 = soft error, <0 hard error + } +- fflush(logfile); + return(0); + } + #endif +@@ -492,46 +644,48 @@ + struct nfq_q_handle *qh; + struct nfnl_handle *nh; + int fd,rv; +- char buf[BUFSIZE]; ++ char buf[BUFSIZE], msgbuf[255]; + + h = nfq_open(); + if (!h) { +- fprintf(logfile, "Error during nfq_open()\n"); ++ log_action("Error during nfq_open()\n"); + exit(-1); + } + + if (nfq_unbind_pf(h, AF_INET) < 0) { +- fprintf(logfile, "error during nfq_unbind_pf()\n"); +- exit(-1); ++ log_action("error during nfq_unbind_pf()\n"); ++ //exit(-1); + } + + if (nfq_bind_pf(h, AF_INET) < 0) { +- fprintf(logfile, "Error during nfq_bind_pf()\n"); ++ log_action("Error during nfq_bind_pf()\n"); + exit(-1); + } + +- fprintf(logfile,"NFQUEUE: binding to queue '%hd'\n", queuenum); ++ sprintf(msgbuf,"NFQUEUE: binding to queue '%hd'\n", queuenum); ++ log_action(msgbuf); + qh = nfq_create_queue(h, queuenum, &nfqueue_cb, NULL); + if (!qh) { +- fprintf(logfile, "error during nfq_create_queue()\n"); ++ log_action("error during nfq_create_queue()\n"); + exit(-1); + } + + if (nfq_set_mode(qh, NFQNL_COPY_PACKET, PAYLOADSIZE) < 0) { +- fprintf(logfile, "can't set packet_copy mode\n"); ++ log_action("can't set packet_copy mode\n"); + exit(-1); + } + + nh = nfq_nfnlh(h); + fd = nfnl_fd(nh); + +- while ((rv = recv(fd, buf, sizeof(buf), 0)) && rv >= 0) { ++ while ((rv = recv(fd, buf, sizeof(buf), 0)) >= 0) { + nfq_handle_packet(h, buf, rv); + } + +- printf("NFQUEUE: unbinding from queue 0\n"); ++ log_action("NFQUEUE: unbinding from queue 0\n"); + nfq_destroy_queue(qh); + nfq_close(h); ++ nfq_unbind_pf(h, AF_INET); + return(0); + #endif + +@@ -540,11 +694,16 @@ + void print_options(void) + { + printf("\nMoBlock %s by Morpheus",MB_VERSION); +- printf("\nSyntax: MoBlock -dnp [-b] [-q 0-65535] \n\n"); ++ printf("\nSyntax: MoBlock -dnp [-q 0-65535] \n\n"); + printf("\t-d\tblocklist is an ipfilter.dat file\n"); + printf("\t-n\tblocklist is a peerguardian 2.x file (.p2b)\n"); + printf("\t-p\tblocklist is a peerguardian file (.p2p)\n"); + printf("\t-q\t0-65535 NFQUEUE number (as specified in --queue-num with iptables)\n"); ++ printf("\t-r MARK\tmark packet with MARK instead of DROP\n"); ++ printf("\t-a MARK\tmark packet with MARK instead of ACCEPT\n"); ++ printf("\t-l\tlog to stdout\n"); ++ printf("\t-s\tlog to syslog\n"); ++ printf("\t-t\tlog timestamping\n\n"); + } + + void on_quit() +@@ -556,6 +715,7 @@ + { + int ret=0; + unsigned short int queuenum=0; ++ char msgbuf[255]; + + if (argc < 3) { + print_options(); +@@ -591,10 +751,11 @@ + } + logfile_name=malloc(strlen(argv[argc-1])+1); + strcpy(logfile_name,argv[argc-1]); ++ log2file = 1; + printf("* Logging to %s\n",logfile_name); + + while (1) { //scan command line options +- ret=getopt(argc, argv, "d:n:p:q:"); ++ ret=getopt(argc, argv, "d:n:p:q:a:r:stl"); + if ( ret == -1 ) break; + + switch (ret) { +@@ -619,6 +780,28 @@ + case 'q': + queuenum=(unsigned short int)atoi(optarg); + break; ++ case 'r': ++ reject_mark=(u_int32_t)atoi(optarg); ++ printf("* DROP MARK: %d\n", reject_mark); ++ reject_mark=htonl(reject_mark); ++ break; ++ case 'a': ++ accept_mark=(u_int32_t)atoi(optarg); ++ printf("* ACCEPT MARK: %d\n", accept_mark); ++ accept_mark=htonl(accept_mark); ++ break; ++ case 's': ++ log2syslog = 1; ++ printf("* Logging to syslog\n"); ++ break; ++ case 't': ++ timestamp = 1; ++ printf("* Log timestamp enabled\n"); ++ break; ++ case 'l': ++ log2stdout = 1; ++ printf("* Log to stdout enabled\n"); ++ break; + case '?': // unknown option + print_options(); + exit(-1); +@@ -626,10 +809,14 @@ + } + } + +- printf("* Merged ranges: %d\n", merged_ranges); +- fprintf(logfile, "Merged ranges: %d\n", merged_ranges); +- printf("* Skipped useless ranges: %d\n", skipped_ranges); +- fprintf(logfile,"Skipped useless ranges: %d\n", skipped_ranges); ++ sprintf(msgbuf, "* Merged ranges: %d\n", merged_ranges); ++ log_action(msgbuf); ++ if ( !log2stdout ) ++ printf(msgbuf); ++ sprintf(msgbuf,"* Skipped useless ranges: %d\n", skipped_ranges); ++ log_action(msgbuf); ++ if ( !log2stdout ) ++ printf(msgbuf); + fflush(NULL); + + netlink_loop(queuenum); +diff -Naur MoBlock-0.8_orig/README MoBlock-0.8/README +--- MoBlock-0.8_orig/README 2006-03-22 12:44:31.000000000 -0500 ++++ MoBlock-0.8/README 2007-11-22 08:10:44.000000000 -0500 +@@ -1,5 +1,5 @@ + +-MoBlock README v0.8 ++MoBlock README v0.9 + http://moblock.berlios.de + + .Introduction. +@@ -47,6 +47,22 @@ + ip_conntrack 40044 1 ipt_state + iptable_filter 2176 1 + ip_tables 17600 3 ipt_NFQUEUE,ipt_state,iptable_filter ++ ++ ...and these with kernel 2.6.23 using NFQUEUE interface: ++ ++ nfnetlink_queue 9344 1 ++ nfnetlink 4568 2 nfnetlink_queue ++ ipt_REJECT 3520 2 ++ xt_mark 1600 2 ++ nf_conntrack_ipv4 12424 5 ++ iptable_filter 2308 1 ++ ip_tables 10328 1 iptable_filter ++ xt_state 1984 5 ++ nf_conntrack 48356 2 nf_conntrack_ipv4,xt_state ++ xt_NFQUEUE 1664 3 ++ x_tables 11396 5 ipt_REJECT,xt_mark,ip_tables,xt_state,xt_NFQUEUE ++ ++ (notice that ipt_NFQUEUE has changed to xt_NFQUEUE, same thing for other modules too) + + 2) A valid guarding.p2p/ipfilter.dat/p2p.p2b host file in /etc ( /etc/guarding.p2p ). + MoBlock tries to skip malformed or duplicate ranges but +@@ -140,8 +156,18 @@ + To specify a NFQUEUE queue number: + + ./moblock -p /etc/guarding.p2p -q 5 MoBlock.log ++ ++ From version 0.9 MoBlock supports MARKing packets and RETURN them to ++ iptables, there's an example start script (MoBlock-nfq-reject.sh) that ++ uses this feature to REJECT packet instead of dropping them. It can help ++ in complex firewall configuration where you need more control of packets ++ flow after MoBlock inspection. ++ See the mentioned start script for reference, you can set the MARK value ++ for packets that MoBlock would drop (ip in list) with the "-r" command line ++ option and for packets that MoBlock would accept (ip not in list) with ++ the "-a" command line option. + +- To stop it: ++ To stop MoBlock: + + kill -TERM + +@@ -149,7 +175,7 @@ + To obtain stats about blocked ranges while it's running: + + kill -USR1 # write stats to logfile +- kill -USR2 # write stats to /var/log/MoBlock.stats ++ kill -USR2 # write stats to /var/log/MoBlock.stats + + ** NEW: to reload the blocklist while MoBlock is running send to it the + HUP signal: +@@ -168,7 +194,10 @@ + took some code and ideas from his FTwall + - Andrew de Quincey (adq at lidskialf dot net) for regular expressions + and command line args patch +-- Maximilian Mehnert (clessing at freenet dot de) for logfile rotation ++- clessing at freenet dot de for logfile rotation + patches, pid file creation, start script, fixes/files for debian packaging ++- David Walluck, patch for proper loading of p2b files ++- jre, for continuing clessing work on debian packaging and many other ++ contributions + +-Last Updated: 20/Mar/2006 ++Last Updated: 15/Oct/2007 +diff -Naur MoBlock-0.8_orig/rbt.c MoBlock-0.8/rbt.c +--- MoBlock-0.8_orig/rbt.c 2006-03-22 12:44:31.000000000 -0500 ++++ MoBlock-0.8/rbt.c 2008-02-10 11:56:08.000000000 -0500 +@@ -19,7 +19,7 @@ + #include + #include + +-#define RBT_VERSION 0.8 ++#define RBT_VERSION 0.9 + #define BNAME_LEN 80 + + /* implementation dependend declarations */ +@@ -421,7 +421,7 @@ + + statusEnum insert(keyType key, recType *rec) { + nodeType *current, *parent, *x; +- keyType tmpkey; ++ //keyType tmpkey; + recType tmprec; + int ret; + +@@ -433,6 +433,23 @@ + current = root; + parent = 0; + while (current != NIL) { ++ if (compEQ2(current->key, key, rec->ipmax)) { // current node key is inside new range to be inserted ++ strcpy(tmprec.blockname, rec->blockname); // block name from new range ++ if (compLT(current->rec.ipmax, rec->ipmax)) ++ tmprec.ipmax = rec->ipmax; ++ else tmprec.ipmax = current->rec.ipmax; ++ tmprec.hits = 0; ++ //printf("deleting node :%lu\n", current->key); ++ ret=delete(current->key); ++ if ( ret != STATUS_OK ) ++ return(ret); ++ ret=insert(key, &tmprec); ++ if ( ret == STATUS_OK ) { ++ printf("new merge\n"); ++ return(STATUS_MERGED); ++ } ++ else return(ret); ++ } + if (compEQ(key, current->key)) { + if ( rec->ipmax > current->rec.ipmax ) { + current->rec.ipmax=rec->ipmax; +@@ -458,7 +475,7 @@ + } + } + //check if higher ip (ipmax) is already in a range +- if (compEQ2(rec->ipmax,current->key,current->rec.ipmax)) { ++ /*if (compEQ2(rec->ipmax,current->key,current->rec.ipmax)) { + fprintf(logfile,"higher ip in range\n"); + tmpkey=key; + strcpy(tmprec.blockname,current->rec.blockname); +@@ -470,7 +487,7 @@ + if ( ret == STATUS_OK ) + return(STATUS_MERGED); + else return(ret); +- } ++ }*/ + parent = current; + current = compLT(key, current->key) ? + current->left : current->right; +@@ -495,7 +512,7 @@ + } else { + root = x; + } +- ++ //printf("new node, key: %lu, parent: %lu\n", x->key, parent ? parent->key : 0); + insertFixup(x); + lastFind = NULL; + diff --git a/pcr/moblock/moblock_include.patch b/pcr/moblock/moblock_include.patch new file mode 100644 index 000000000..644e8240e --- /dev/null +++ b/pcr/moblock/moblock_include.patch @@ -0,0 +1,10 @@ +--- MoBlock-0.8/MoBlock.c.orig 2008-08-15 14:41:49.000000000 -0400 ++++ MoBlock-0.8/MoBlock.c 2008-08-15 14:43:45.000000000 -0400 +@@ -32,6 +32,7 @@ + #include + #include + #include ++#include + #include + #include + #include diff --git a/pcr/oinkmaster/PKGBUILD b/pcr/oinkmaster/PKGBUILD new file mode 100644 index 000000000..f533e3663 --- /dev/null +++ b/pcr/oinkmaster/PKGBUILD @@ -0,0 +1,34 @@ +# Contributor: Robert Knauer +# Contributor: Kessia Pinheiro +# Maintainer : Parabola GNU / Linux-libre Aurélien Desbrières + +pkgname=oinkmaster +pkgver=2.0 +pkgrel=7 +pkgdesc="A script that will help you update and manage your Snort rules" +arch=('i686' 'x86_64') +license=('BSD') +url="http://oinkmaster.sourceforge.net/" +depends=('snort') +backup=( + 'etc/oinkmaster.conf' +) +source=( + "http://downloads.sourceforge.net/${pkgname}/${pkgname}-${pkgver}.tar.gz" +) +sha256sums=( + '3d52f0426aa7c81b122cef22b80d708d8bb8337537e48754a065804f46c46162' +) + +package() { + cd "${srcdir}/${pkgname}-${pkgver}" + install -m0655 -D 'oinkmaster.pl' "${pkgdir}/usr/bin/oinkmaster.pl" + install -m0644 -D 'oinkmaster.conf' "${pkgdir}/etc/oinkmaster.conf" + install -m0644 -D 'oinkmaster.1' "${pkgdir}/usr/man/man1/oinkmaster.1" + install -d -m0644 "${pkgdir}/usr/share/oinkmaster/" + install -d -m0755 "${pkgdir}/usr/share/licenses/oinkmaster/" + install -m0644 -D 'template-examples.conf' "${pkgdir}/usr/share/oinkmaster/" + cp -R 'contrib/' "${pkgdir}/usr/share/oinkmaster/" + install -m0644 [[:upper:]]* "${pkgdir}/usr/share/oinkmaster/" + install -m0644 -D 'LICENSE' "${pkgdir}/usr/share/licenses/${pkgname}/" +} diff --git a/pcr/perl-iptables-parse/PKGBUILD b/pcr/perl-iptables-parse/PKGBUILD new file mode 100644 index 000000000..94fe8e17a --- /dev/null +++ b/pcr/perl-iptables-parse/PKGBUILD @@ -0,0 +1,22 @@ +# Contributor: Weirch Sodora +# Maintainer : Parabola GNU / Linux-libre Aurelien Desbrieres + +pkgname=perl-iptables-parse +pkgver=1.1 +pkgrel=1 +pkgdesc="IPTables::Parse - Perl extension for parsing iptables and ip6tables firewall rulesets" +arch=('i686' 'x86_64') +url="http://search.cpan.org/~mrash/IPTables-Parse/" +license=('GPL' 'PerlArtistic') +depends=('perl' 'iptables') +options=('!emptydirs') +source=(http://search.cpan.org/CPAN/authors/id/M/MR/MRASH/IPTables-Parse-$pkgver.tar.gz) + +build() { + cd $startdir/src/IPTables-Parse-$pkgver + PERL_MM_USE_DEFAULT=1 perl Makefile.PL INSTALLDIRS=vendor || return 1 + make || return 1 + make install DESTDIR=$startdir/pkg || return 1 + find $startdir/pkg -name '.packlist' -delete + find $startdir/pkg -name '*.pod' -delete +} diff --git a/pcr/python2-fabric/PKGBUILD b/pcr/python2-fabric/PKGBUILD new file mode 100644 index 000000000..7552eaabc --- /dev/null +++ b/pcr/python2-fabric/PKGBUILD @@ -0,0 +1,23 @@ +# Maintainer: Sven-Hendrik Haase +# Contributor: Francois Boulogne +# Maintainer : Parabola GNU / Linux-libre Aurelien Desbrieres + +pkgname=python2-fabric +pkgver=1.5.0 +pkgrel=2 +pkgdesc="Python library and command-line tool designed to streamline deploying applications or performing system administration tasks via the SSH protocol" +url="http://fabfile.org/" +license=('BSD') +arch=('any') +depends=('python2>=2.5' 'pycrypto' 'python2-paramiko>=1.9.0' 'python2-distribute' 'python2-ssh') +source=("http://pypi.python.org/packages/source/F/Fabric/Fabric-${pkgver}.tar.gz") +md5sums=('13b7b98149497fb7ab6f880e3e875f89') + +build() { + cd ${srcdir}/Fabric-${pkgver} + python2 setup.py install --root=${pkgdir} --optimize=1 + + install -D -m644 README.rst ${pkgdir}/usr/share/doc/${pkgname}/README.rst + install -D -m644 LICENSE ${pkgdir}/usr/share/licenses/${pkgname}/LICENSE +} +md5sums=('13b7b98149497fb7ab6f880e3e875f89') diff --git a/pcr/python2-paramiko/PKGBUILD b/pcr/python2-paramiko/PKGBUILD new file mode 100644 index 000000000..da62b4e28 --- /dev/null +++ b/pcr/python2-paramiko/PKGBUILD @@ -0,0 +1,33 @@ +# $Id$ +# Maintainer: Chris Brannon +# Contributor: Douglas Soares de Andrade +# Contributor: Mario Danic + +pkgbase=python-paramiko +pkgname=python2-paramiko +pkgver=1.9.0 +pkgrel=1 +pkgdesc="Python module that implements the SSH2 protocol" +url="http://www.lag.net/paramiko/" +license=('LGPL') +arch=('any') +depends=('python2-crypto') +conflicts=() +replaces=() +source=(http://pypi.python.org/packages/source/p/paramiko/paramiko-$pkgver.tar.gz) + + +package_python2-paramiko() { + cd "$srcdir/paramiko-$pkgver" + + python2 setup.py install --root="$pkgdir" --optimize=1 + install -Dm644 README "$pkgdir/usr/share/doc/$pkgname/README" + install -dm755 "$pkgdir/usr/share/doc/$pkgname/demos" + install -m644 demos/* "$pkgdir/usr/share/doc/$pkgname/demos" + chmod 755 "$pkgdir/usr/share/doc/$pkgname/demos/"*.py + + find "$pkgdir" -name '*.py' -print0 |xargs -0 \ + sed -i -e 's,^#!/usr/bin/env python$,#!/usr/bin/env python2,' \ + -e 's,^#!/usr/bin/python$,#!/usr/bin/python2,' +} +md5sums=('b78472021ff6586dd61ad6972032f54f') diff --git a/pcr/python2-ssh/PKGBUILD b/pcr/python2-ssh/PKGBUILD new file mode 100644 index 000000000..84005f0ac --- /dev/null +++ b/pcr/python2-ssh/PKGBUILD @@ -0,0 +1,26 @@ +# Contributor: Your Name + +pkgname=python2-ssh +pkgver=1.8.0 +pkgrel=1 +pkgdesc="Python SSH2 protocol library" +arch=(any) +url="http://pypi.python.org/pypi/ssh" +license=('LGPL') +depends=('python2' 'pycrypto') +makedepends=() +provides=() +conflicts=() +replaces=() +backup=() +options=(!emptydirs) +install= +source=("http://pypi.python.org/packages/source/s/ssh/ssh-$pkgver.tar.gz") + +package() { + cd "$srcdir/ssh-$pkgver" + python2 setup.py install --root="$pkgdir/" --optimize=1 + + install -D -m644 LICENSE ${pkgdir}/usr/share/licenses/${pkgname}/LICENSE +} +md5sums=('bc4dd59ec0c7bdf78a3840652cac824e') diff --git a/pcr/ruby-haml/PKGBUILD b/pcr/ruby-haml/PKGBUILD new file mode 100644 index 000000000..37290484a --- /dev/null +++ b/pcr/ruby-haml/PKGBUILD @@ -0,0 +1,35 @@ +# Contributor: Renzo Carbonara +# Maintainer : Parabola GNU / Linux-libre Aurelien Desbrieres + +pkgname=ruby-haml +pkgver=3.1.6 +pkgrel=1 +pkgdesc="An elegant, structured XHTML/XML templating engine. Comes with Sass, a similar CSS templating engine." +arch=('any') +url="http://haml-lang.com/" +license=('MIT') +groups=() +depends=('ruby' 'ruby-yard>=0.5.3' 'maruku>=0.5.9') +makedepends=('rubygems') +optdepends=() +provides=() +conflicts=() +replaces=() +backup=() +options=() +install= +source=("http://gems.rubyforge.org/gems/haml-${pkgver}.gem") +noextract=("haml-${pkgver}.gem") + +build() { + cd $srcdir + local _gemdir="$(ruby -rubygems -e'puts Gem.default_dir')" + gem install --ignore-dependencies -i "$pkgdir$_gemdir" haml-$pkgver.gem \ + -n "$pkgdir/usr/bin" +} + +md5sums=('c73b2755a56cf5461f6a5e430052f436') + +# vim:set ts=2 sw=2 et: +md5sums=('c73b2755a56cf5461f6a5e430052f436') +md5sums=('c73b2755a56cf5461f6a5e430052f436') diff --git a/pcr/ruby-haml/ruby-yard/PKGBUILD b/pcr/ruby-haml/ruby-yard/PKGBUILD new file mode 100644 index 000000000..a686f937d --- /dev/null +++ b/pcr/ruby-haml/ruby-yard/PKGBUILD @@ -0,0 +1,36 @@ +# Maintainer: Matt Harrison +# Contributor: Renzo Carbonara + +pkgname=ruby-yard +_gemname=${pkgname#ruby-} +pkgver=0.8.2.1 +pkgrel=2 +pkgdesc="Documentation tool for consistent and usable documentation in Ruby." +arch=('any') +url="http://yardoc.org" +license=('MIT') +groups=() +depends=() +makedepends=('rubygems') +optdepends=() +provides=() +conflicts=() +replaces=() +backup=() +options=() +install= +source=("http://gems.rubyforge.org/gems/yard-${pkgver}.gem") +noextract=("yard-${pkgver}.gem") + +build() { + cd $srcdir + local _gemdir="$(ruby -rubygems -e'puts Gem.default_dir')" + gem install --no-user-install --ignore-dependencies -i "$pkgdir$_gemdir" \ + -n "$pkgdir/usr/bin" ${_gemname}-$pkgver.gem + install -D "$pkgdir$_gemdir/gems/${_gemname}-$pkgver/LICENSE" \ + "$pkgdir/usr/share/licenses/${pkgname}/LICENSE" +} + +md5sums=('08a48d23f8729b68945011cae7d121fe') + +# vim:set ts=2 sw=2 et: diff --git a/pcr/ruby-libnotify/PKGBUILD b/pcr/ruby-libnotify/PKGBUILD new file mode 100644 index 000000000..f38e10d2d --- /dev/null +++ b/pcr/ruby-libnotify/PKGBUILD @@ -0,0 +1,23 @@ +# Contributor: Luca Russo +# Contributor: Sigitas Mazaliauskas +# Contributor: Andreas W. Hauser +# Maintainer : Parabola GNU / Linux-libre Aurelien Desbrieres + +pkgname=ruby-libnotify +pkgver=0.8.0 +pkgrel=1 +pkgdesc="ruby bindings for libnotify, a library for desktop notifications" +arch=('i686' 'x86_64') +url="http://rubygems.org/downloads" +license=('LGPL') +depends=('ruby' 'libnotify' 'ruby-gtk2') +makedepends=('ruby-pkgconfig') +source=(http://rubygems.org/downloads/${pkgname}-${pkgver}.gem) +noextract=(${pkgname}-${pkgver}.gem) + +build() { + cd $srcdir + local _gemdir="$(ruby -rubygems -e'puts Gem.default_dir')" + + gem install --ignore-dependencies -i "$pkgdir$_gemdir" ${pkgname}-${pkgver}.gem +} diff --git a/pcr/ruby-syntax/PKGBUILD b/pcr/ruby-syntax/PKGBUILD new file mode 100644 index 000000000..6845206bb --- /dev/null +++ b/pcr/ruby-syntax/PKGBUILD @@ -0,0 +1,23 @@ +# Contributor: Adam Lloyd +# Maintainer : Parabola GNU / Linux-libre Aurelien Desbrieres +pkgname=ruby-syntax +pkgver=1.0.0 +pkgrel=1 +pkgdesc="Syntax - lexical analysis for syntax highlighting" +arch=(any) +url="http://syntax.rubyforge.org/" +license=('custom:BSD') +depends=(ruby) +makedepends=(rubygems) +source=(http://gems.rubyforge.org/gems/syntax-$pkgver.gem) +noextract=(syntax-$pkgver.gem) +md5sums=('d9d2eabc03bc937adfa00e35f228f9a8') + +build() { + cd $srcdir + local _gemdir="$(ruby -rubygems -e'puts Gem.default_dir')" + gem install --ignore-dependencies -i "$pkgdir$_gemdir" syntax-$pkgver.gem +} + +# vim:set ts=2 sw=2 et: +md5sums=('d9d2eabc03bc937adfa00e35f228f9a8') diff --git a/pcr/ruby-yard/PKGBUILD b/pcr/ruby-yard/PKGBUILD new file mode 100644 index 000000000..a686f937d --- /dev/null +++ b/pcr/ruby-yard/PKGBUILD @@ -0,0 +1,36 @@ +# Maintainer: Matt Harrison +# Contributor: Renzo Carbonara + +pkgname=ruby-yard +_gemname=${pkgname#ruby-} +pkgver=0.8.2.1 +pkgrel=2 +pkgdesc="Documentation tool for consistent and usable documentation in Ruby." +arch=('any') +url="http://yardoc.org" +license=('MIT') +groups=() +depends=() +makedepends=('rubygems') +optdepends=() +provides=() +conflicts=() +replaces=() +backup=() +options=() +install= +source=("http://gems.rubyforge.org/gems/yard-${pkgver}.gem") +noextract=("yard-${pkgver}.gem") + +build() { + cd $srcdir + local _gemdir="$(ruby -rubygems -e'puts Gem.default_dir')" + gem install --no-user-install --ignore-dependencies -i "$pkgdir$_gemdir" \ + -n "$pkgdir/usr/bin" ${_gemname}-$pkgver.gem + install -D "$pkgdir$_gemdir/gems/${_gemname}-$pkgver/LICENSE" \ + "$pkgdir/usr/share/licenses/${pkgname}/LICENSE" +} + +md5sums=('08a48d23f8729b68945011cae7d121fe') + +# vim:set ts=2 sw=2 et: diff --git a/pcr/spice-gtk3/PKGBUILD b/pcr/spice-gtk3/PKGBUILD new file mode 100644 index 000000000..903b9b56b --- /dev/null +++ b/pcr/spice-gtk3/PKGBUILD @@ -0,0 +1,38 @@ +# Contributor: Stefano Facchini +# Contributor: Jonathan Lestrelin +# Derived from the spice-gtk PKGBUILD by +# Contributor: Lucio Zara +# Maintainer : Parabola GNU / Linux-libre Aurelien Desbrieres + +pkgname=spice-gtk3 +_pkgname=spice-gtk +pkgver=0.14 +pkgrel=1 +pkgdesc="A Gtk client and libraries for SPICE remote desktop servers (gtk3 version)." +arch=('x86_64' 'i686') +url="http://spice-space.org" +license=('GPL') +makedepends=('intltool' 'vala' 'python2-pyparsing') +depends=('libpulse' 'gtk3' 'spice' 'libusb' 'usbredir') +conflicts=('spice-gtk') +options=('!libtool') +source=("http://www.spice-space.org/download/gtk/$_pkgname-$pkgver.tar.bz2") +sha256sums=('a16fa27364541493b886cc943f72c8f96ec251083af0a29d405a2c4f490274f5') + +build() { + cd "$srcdir/$_pkgname-$pkgver" + + sed -i 's,/usr/bin/env python,/usr/bin/python2,' spice-common/spice_codegen.py + + ./configure --prefix=/usr \ + --with-gtk=3.0 \ + --enable-vala \ + --enable-smartcard=no + make +} + +package() { + cd "$srcdir/$_pkgname-$pkgver" + + make DESTDIR="$pkgdir/" install +} -- cgit v1.2.3-54-g00ecf