[5/5] ipblacklist: Build infrastructure

Message ID 20191125201309.10840-6-ipfr@tfitzgeorge.me.uk
State Superseded
Headers show
Series ipblacklist: IP Address Blacklists | expand

Commit Message

Tim FitzGeorge Nov. 25, 2019, 8:13 p.m. UTC
Signed-off-by: Tim FitzGeorge <ipfr@tfitzgeorge.me.uk>
---
 config/rootfiles/common/aarch64/stage2      |  1 +
 config/rootfiles/common/configroot          |  2 ++
 config/rootfiles/common/ipblacklist-sources |  1 +
 config/rootfiles/common/logwatch            |  2 ++
 config/rootfiles/common/misc-progs          |  2 ++
 config/rootfiles/common/stage2              |  1 +
 config/rootfiles/common/web-user-interface  |  1 +
 config/rootfiles/common/x86_64/stage2       |  1 +
 lfs/configroot                              |  4 +--
 lfs/ipblacklist-sources                     | 53 +++++++++++++++++++++++++++++
 lfs/logwatch                                |  2 ++
 make.sh                                     | 11 +++---
 src/misc-progs/Makefile                     |  2 +-
 13 files changed, 75 insertions(+), 8 deletions(-)
 create mode 100644 config/rootfiles/common/ipblacklist-sources
 create mode 100644 lfs/ipblacklist-sources

Patch

diff --git a/config/rootfiles/common/aarch64/stage2 b/config/rootfiles/common/aarch64/stage2
index 366ab2bb0..5a598e3b1 100644
--- a/config/rootfiles/common/aarch64/stage2
+++ b/config/rootfiles/common/aarch64/stage2
@@ -93,6 +93,7 @@  usr/local/bin/connscheduler
 usr/local/bin/consort.sh
 usr/local/bin/convert-ovpn
 usr/local/bin/hddshutdown
+usr/local/bin/ipblacklist
 usr/local/bin/ipsec-interfaces
 usr/local/bin/makegraphs
 usr/local/bin/qosd
diff --git a/config/rootfiles/common/configroot b/config/rootfiles/common/configroot
index 56b0257bc..2f0e2440a 100644
--- a/config/rootfiles/common/configroot
+++ b/config/rootfiles/common/configroot
@@ -81,6 +81,8 @@  var/ipfire/geoip-functions.pl
 var/ipfire/graphs.pl
 var/ipfire/header.pl
 var/ipfire/ids-functions.pl
+var/ipfire/ipblacklist
+#var/ipfire/ipblacklist/settings
 var/ipfire/isdn
 #var/ipfire/isdn/settings
 var/ipfire/key
diff --git a/config/rootfiles/common/ipblacklist-sources b/config/rootfiles/common/ipblacklist-sources
new file mode 100644
index 000000000..7f54b1bbf
--- /dev/null
+++ b/config/rootfiles/common/ipblacklist-sources
@@ -0,0 +1 @@ 
+var/ipfire/ipblacklist/sources
diff --git a/config/rootfiles/common/logwatch b/config/rootfiles/common/logwatch
index c47fb4199..8b4810d97 100644
--- a/config/rootfiles/common/logwatch
+++ b/config/rootfiles/common/logwatch
@@ -192,6 +192,7 @@  usr/share/logwatch/default.conf/services/zz-sys.conf
 usr/share/logwatch/dist.conf/logfiles
 usr/share/logwatch/dist.conf/services
 usr/share/logwatch/dist.conf/services/dialup.conf
+usr/share/logwatch/dist.conf/services/ipblacklist.conf
 #usr/share/logwatch/lib
 usr/share/logwatch/lib/Logwatch.pm
 #usr/share/logwatch/scripts
@@ -256,6 +257,7 @@  usr/share/logwatch/scripts/services/http
 usr/share/logwatch/scripts/services/imapd
 #usr/share/logwatch/scripts/services/in.qpopper
 usr/share/logwatch/scripts/services/init
+usr/share/logwatch/scripts/services/ipblacklist
 usr/share/logwatch/scripts/services/ipop3d
 usr/share/logwatch/scripts/services/iptables
 usr/share/logwatch/scripts/services/kernel
diff --git a/config/rootfiles/common/misc-progs b/config/rootfiles/common/misc-progs
index c48a474b2..d17f3dd80 100644
--- a/config/rootfiles/common/misc-progs
+++ b/config/rootfiles/common/misc-progs
@@ -10,8 +10,10 @@  usr/local/bin/extrahdctrl
 usr/local/bin/fireinfoctrl
 usr/local/bin/firewallctrl
 usr/local/bin/getconntracktable
+usr/local/bin/getipsetstat
 usr/local/bin/getipstat
 #usr/local/bin/iowrap
+usr/local/bin/ipblacklistctrl
 usr/local/bin/ipfirereboot
 usr/local/bin/ipsecctrl
 usr/local/bin/launch-ether-wake
diff --git a/config/rootfiles/common/stage2 b/config/rootfiles/common/stage2
index d9068415b..a558050a7 100644
--- a/config/rootfiles/common/stage2
+++ b/config/rootfiles/common/stage2
@@ -92,6 +92,7 @@  usr/local/bin/connscheduler
 usr/local/bin/consort.sh
 usr/local/bin/convert-ovpn
 usr/local/bin/hddshutdown
+usr/local/bin/ipblacklist
 usr/local/bin/ipsec-interfaces
 usr/local/bin/makegraphs
 usr/local/bin/qosd
diff --git a/config/rootfiles/common/web-user-interface b/config/rootfiles/common/web-user-interface
index a88dd8770..da4fcde77 100644
--- a/config/rootfiles/common/web-user-interface
+++ b/config/rootfiles/common/web-user-interface
@@ -35,6 +35,7 @@  srv/web/ipfire/cgi-bin/hardwaregraphs.cgi
 srv/web/ipfire/cgi-bin/hosts.cgi
 srv/web/ipfire/cgi-bin/ids.cgi
 srv/web/ipfire/cgi-bin/index.cgi
+srv/web/ipfire/cgi-bin/ipblacklist.cgi
 srv/web/ipfire/cgi-bin/ipinfo.cgi
 srv/web/ipfire/cgi-bin/iptables.cgi
 srv/web/ipfire/cgi-bin/logs.cgi
diff --git a/config/rootfiles/common/x86_64/stage2 b/config/rootfiles/common/x86_64/stage2
index d90e3d70a..9c9b6c756 100644
--- a/config/rootfiles/common/x86_64/stage2
+++ b/config/rootfiles/common/x86_64/stage2
@@ -94,6 +94,7 @@  usr/local/bin/connscheduler
 usr/local/bin/consort.sh
 usr/local/bin/convert-ovpn
 usr/local/bin/hddshutdown
+usr/local/bin/ipblacklist
 usr/local/bin/ipsec-interfaces
 usr/local/bin/makegraphs
 usr/local/bin/qosd
diff --git a/lfs/configroot b/lfs/configroot
index 227d09239..4a4c919de 100644
--- a/lfs/configroot
+++ b/lfs/configroot
@@ -51,7 +51,7 @@  $(TARGET) :
 
 	# Create all directories
 	for i in addon-lang auth backup ca captive certs connscheduler crls ddns dhcp dhcpc dns dnsforward \
-			ethernet extrahd/bin fwlogs fwhosts firewall isdn key langs logging mac main \
+			ethernet extrahd/bin fwlogs fwhosts firewall ipblacklist isdn key langs logging mac main \
 			menu.d modem optionsfw \
 			ovpn patches pakfire portfw ppp private proxy/advanced/cre \
 			proxy/calamaris/bin qos/bin red remote sensors suricata time \
@@ -65,7 +65,7 @@  $(TARGET) :
 	    captive/settings captive/agb.txt captive/clients captive/voucher_out certs/index.txt certs/index.txt.attr ddns/config ddns/settings ddns/ipcache dhcp/settings \
 	    dhcp/fixleases dhcp/advoptions dhcp/dhcpd.conf.local dns/settings dnsforward/config ethernet/aliases ethernet/settings ethernet/known_nics ethernet/scanned_nics \
 	    ethernet/wireless extrahd/scan extrahd/devices extrahd/partitions extrahd/settings firewall/settings firewall/config firewall/geoipblock firewall/input firewall/outgoing \
-	    fwhosts/customnetworks fwhosts/customhosts fwhosts/customgroups fwhosts/customservicegrp fwhosts/customgeoipgrp fwlogs/ipsettings fwlogs/portsettings \
+	    fwhosts/customnetworks fwhosts/customhosts fwhosts/customgroups fwhosts/customservicegrp fwhosts/customgeoipgrp fwlogs/ipsettings fwlogs/portsettings ipblacklist/settings \
 	    isdn/settings mac/settings main/hosts main/routing main/security main/settings optionsfw/settings \
 	    ovpn/ccd.conf ovpn/ccdroute ovpn/ccdroute2 pakfire/settings portfw/config ppp/settings-1 ppp/settings-2 ppp/settings-3 ppp/settings-4 \
 	    ppp/settings-5 ppp/settings proxy/settings proxy/squid.conf proxy/advanced/settings proxy/advanced/cre/enable remote/settings qos/settings qos/classes qos/subclasses qos/level7config qos/portconfig \
diff --git a/lfs/ipblacklist-sources b/lfs/ipblacklist-sources
new file mode 100644
index 000000000..c9431285d
--- /dev/null
+++ b/lfs/ipblacklist-sources
@@ -0,0 +1,53 @@ 
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2007  Michael Tremer & Christian Schmidt                      #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER        = ipfire
+
+THISAPP    = ipblacklist-sources
+TARGET     = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+install : $(TARGET)
+
+check :
+
+download :
+
+md5 :
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) :
+	@$(PREBUILD)
+	mkdir -p /var/ipfire/ipblacklist
+	install -v -m 0644 $(DIR_SRC)/config/ipblacklist/sources /var/ipfire/ipblacklist
+
+	@$(POSTBUILD)
diff --git a/lfs/logwatch b/lfs/logwatch
index eb576717c..368a6b6bf 100644
--- a/lfs/logwatch
+++ b/lfs/logwatch
@@ -93,6 +93,8 @@  $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	#  done
 	cp -f $(DIR_SRC)/config/logwatch/dialup /usr/share/logwatch/scripts/services/dialup
 	cp -f $(DIR_SRC)/config/logwatch/dialup.conf /usr/share/logwatch/dist.conf/services/dialup.conf
+	cp -f $(DIR_SRC)/config/logwatch/ipblacklist /usr/share/logwatch/scripts/services/ipblacklist
+	cp -f $(DIR_SRC)/config/logwatch/ipblacklist.conf /usr/share/logwatch/dist.conf/services/ipblacklist.conf
 	
 	-mkdir -p /var/cache/logwatch
 	chmod -v 777 /var/cache/logwatch
diff --git a/make.sh b/make.sh
index 771c5ff89..207ca331b 100755
--- a/make.sh
+++ b/make.sh
@@ -1631,6 +1631,7 @@  buildipfire() {
   lfsmake2 tshark
   lfsmake2 geoip-generator
   lfsmake2 speedtest-cli
+  lfsmake2 ipblacklist-sources
 }
 
 buildinstaller() {
@@ -1648,7 +1649,7 @@  buildpackages() {
   export LOGFILE
   echo "... see detailed log in _build.*.log files" >> $LOGFILE
 
-  
+
   # Generating list of packages used
   print_line "Generating packages list from logs"
   rm -f $BASEDIR/doc/packages-list
@@ -1663,7 +1664,7 @@  buildpackages() {
   rm -f $BASEDIR/doc/packages-list
   # packages-list.txt is ready to be displayed for wiki page
   print_status DONE
-  
+
   # Update changelog
   cd $BASEDIR
   [ -z $GIT_TAG ]  || LAST_TAG=$GIT_TAG
@@ -1738,7 +1739,7 @@  while [ $# -gt 0 ]; do
 done
 
 # See what we're supposed to do
-case "$1" in 
+case "$1" in
 build)
 	START_TIME=$(now)
 
@@ -1777,7 +1778,7 @@  build)
 
 	print_build_stage "Building packages"
 	buildpackages
-	
+
 	print_build_stage "Checking Logfiles for new Files"
 
 	cd $BASEDIR
@@ -1842,7 +1843,7 @@  downloadsrc)
 	FINISHED=0
 	cd $BASEDIR/lfs
 	for c in `seq $MAX_RETRIES`; do
-		if (( FINISHED==1 )); then 
+		if (( FINISHED==1 )); then
 			break
 		fi
 		FINISHED=1
diff --git a/src/misc-progs/Makefile b/src/misc-progs/Makefile
index bea54e773..60b3965e0 100644
--- a/src/misc-progs/Makefile
+++ b/src/misc-progs/Makefile
@@ -32,7 +32,7 @@  SUID_PROGS = squidctrl sshctrl ipfirereboot \
 	smartctrl clamavctrl addonctrl pakfire mpfirectrl wlanapctrl \
 	setaliases urlfilterctrl updxlratorctrl fireinfoctrl rebuildroutes \
 	getconntracktable wirelessclient torctrl ddnsctrl unboundctrl \
-	captivectrl
+	captivectrl ipblacklistctrl getipsetstat
 SUID_UPDX = updxsetperms
 
 OBJS = $(patsubst %,%.o,$(PROGS) $(SUID_PROGS))