fort-validator: New package
Commit Message
FORT Validator is an open source RPKI validator. It allows operators to validate BGP routing information
against the RPKI repository for use in router configuration and resolution.
This patch includes the LFS and rootfile to build the validator,
an initscript, required definitions for backup and an empty config file
for user customization.
Fixes #13845.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
config/backup/includes/fort-validator | 2 +
config/fort-validator/config.json | 2 +
config/rootfiles/packages/fort-validator | 8 ++
lfs/fort-validator | 112 +++++++++++++++++++++++
make.sh | 1 +
src/initscripts/packages/fort-validator | 55 +++++++++++
6 files changed, 180 insertions(+)
create mode 100644 config/backup/includes/fort-validator
create mode 100644 config/fort-validator/config.json
create mode 100644 config/rootfiles/packages/fort-validator
create mode 100644 lfs/fort-validator
create mode 100644 src/initscripts/packages/fort-validator
Comments
Thank you Stefan.
I had to add a couple of fixes to the initscript and we needed to ship the TAL files.
https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=5e5aeed7b0c955ccaecaefed9e3f104ffad56136
https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=ccc460565ffd5e36d6c494726bac8c91ffd98168
https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=d01b600c15cb1b0fb04049af88b193bd9fbdf9d4
https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=a005bdb87938029cfb768ccfdf9fc40a08ea68aa
https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=d5a6101fbcb446c41f15963971edab801ee059c0
https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=e53ee18418724ee1f442c94b9caacdeb5459524f
So far I can confirm that the package is working.
-Michael
> On 12 Jun 2025, at 17:27, Stefan Schantl <stefan.schantl@ipfire.org> wrote:
>
> FORT Validator is an open source RPKI validator. It allows operators to validate BGP routing information
> against the RPKI repository for use in router configuration and resolution.
>
> This patch includes the LFS and rootfile to build the validator,
> an initscript, required definitions for backup and an empty config file
> for user customization.
>
> Fixes #13845.
>
> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
> ---
> config/backup/includes/fort-validator | 2 +
> config/fort-validator/config.json | 2 +
> config/rootfiles/packages/fort-validator | 8 ++
> lfs/fort-validator | 112 +++++++++++++++++++++++
> make.sh | 1 +
> src/initscripts/packages/fort-validator | 55 +++++++++++
> 6 files changed, 180 insertions(+)
> create mode 100644 config/backup/includes/fort-validator
> create mode 100644 config/fort-validator/config.json
> create mode 100644 config/rootfiles/packages/fort-validator
> create mode 100644 lfs/fort-validator
> create mode 100644 src/initscripts/packages/fort-validator
>
> diff --git a/config/backup/includes/fort-validator b/config/backup/includes/fort-validator
> new file mode 100644
> index 000000000..92d1f6446
> --- /dev/null
> +++ b/config/backup/includes/fort-validator
> @@ -0,0 +1,2 @@
> +/etc/fort/config.json
> +/var/lib/fort
> diff --git a/config/fort-validator/config.json b/config/fort-validator/config.json
> new file mode 100644
> index 000000000..2c63c0851
> --- /dev/null
> +++ b/config/fort-validator/config.json
> @@ -0,0 +1,2 @@
> +{
> +}
> diff --git a/config/rootfiles/packages/fort-validator b/config/rootfiles/packages/fort-validator
> new file mode 100644
> index 000000000..629aab345
> --- /dev/null
> +++ b/config/rootfiles/packages/fort-validator
> @@ -0,0 +1,8 @@
> +etc/fort
> +etc/fort/config.json
> +etc/fort/config.json.example
> +etc/rc.d/init.d/fort-validator
> +usr/bin/fort
> +#usr/share/man/man8/fort.8
> +var/ipfire/backup/addons/includes/fort-validator
> +var/lib/fort
> diff --git a/lfs/fort-validator b/lfs/fort-validator
> new file mode 100644
> index 000000000..cb8ba8972
> --- /dev/null
> +++ b/lfs/fort-validator
> @@ -0,0 +1,112 @@
> +###############################################################################
> +# #
> +# IPFire.org - A linux based firewall #
> +# Copyright (C) 2007-2024 IPFire Team <info@ipfire.org> #
> +# #
> +# This program is free software: you can redistribute it and/or modify #
> +# it under the terms of the GNU General Public License as published by #
> +# the Free Software Foundation, either version 3 of the License, or #
> +# (at your option) any later version. #
> +# #
> +# This program is distributed in the hope that it will be useful, #
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> +# GNU General Public License for more details. #
> +# #
> +# You should have received a copy of the GNU General Public License #
> +# along with this program. If not, see <http://www.gnu.org/licenses/>. #
> +# #
> +###############################################################################
> +
> +###############################################################################
> +# Definitions
> +###############################################################################
> +
> +include Config
> +
> +SUMMARY = Fort RPKI validator
> +
> +VER = 1.6.6
> +
> +THISAPP = FORT-validator-$(VER)
> +DL_FILE = $(THISAPP).tar.gz
> +DL_FROM = $(URL_IPFIRE)
> +DIR_APP = $(DIR_SRC)/$(THISAPP)
> +TARGET = $(DIR_INFO)/$(THISAPP)
> +PROG = fort-validator
> +PAK_VER = 1
> +
> +DEPS =
> +
> +SERVICES = fort-validator
> +
> +###############################################################################
> +# Top-level Rules
> +###############################################################################
> +
> +objects = $(DL_FILE)
> +
> +$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
> +
> +$(DL_FILE)_BLAKE2 = c62a0e41e2a2fea60383ae87ff92d9cd68945c459b0ccaa4d0a3fc6d8c0796cb0dc0fde7305023e4ddcf476b4043ac73d8213638a8f319862a3c39e3381f43da
> +
> +install : $(TARGET)
> +
> +check : $(patsubst %,$(DIR_CHK)/%,$(objects))
> +
> +download :$(patsubst %,$(DIR_DL)/%,$(objects))
> +
> +b2 : $(subst %,%_BLAKE2,$(objects))
> +
> +dist:
> + @$(PAK)
> +
> +###############################################################################
> +# Downloading, checking, b2sum
> +###############################################################################
> +
> +$(patsubst %,$(DIR_CHK)/%,$(objects)) :
> + @$(CHECK)
> +
> +$(patsubst %,$(DIR_DL)/%,$(objects)) :
> + @$(LOAD)
> +
> +$(subst %,%_BLAKE2,$(objects)) :
> + @$(B2SUM)
> +
> +###############################################################################
> +# Installation Details
> +###############################################################################
> +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> + @$(PREBUILD)
> + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
> +
> + cd $(DIR_APP) && ./autogen.sh
> + cd $(DIR_APP) && ./configure \
> + --prefix=/usr \
> + --sysconfdir=/etc
> +
> + cd $(DIR_APP) && make $(MAKETUNING)
> + cd $(DIR_APP) && make install
> +
> + # Create directory layout
> + mkdir -pv /etc/fort
> + mkdir -pv /var/lib/fort
> +
> + # Install plain config file.
> + cd $(DIR_APP) && install -m 0644 $(DIR_SRC)/config/fort-validator/config.json \
> + /etc/fort/config.json
> +
> + # Install example config file.
> + cd $(DIR_APP) && install -m 0644 $(DIR_APP)/examples/config.json \
> + /etc/fort/config.json.example
> +
> + # Install initscripts
> + $(call INSTALL_INITSCRIPTS,$(SERVICES))
> +
> + # Install backup definitions
> + install -v -m 644 $(DIR_SRC)/config/backup/includes/fort-validator \
> + /var/ipfire/backup/addons/includes/fort-validator
> +
> + @rm -rf $(DIR_APP)
> + @$(POSTBUILD)
> diff --git a/make.sh b/make.sh
> index 61921fee6..181692f70 100755
> --- a/make.sh
> +++ b/make.sh
> @@ -2085,6 +2085,7 @@ build_system() {
> lfsmake2 btrfs-progs
> lfsmake2 inotify-tools
> lfsmake2 grub-btrfs
> + lfsmake2 fort-validator
>
> lfsmake2 linux
> lfsmake2 rtl8812au
> diff --git a/src/initscripts/packages/fort-validator b/src/initscripts/packages/fort-validator
> new file mode 100644
> index 000000000..e0c9ba29c
> --- /dev/null
> +++ b/src/initscripts/packages/fort-validator
> @@ -0,0 +1,55 @@
> +#!/bin/sh
> +###############################################################################
> +# #
> +# IPFire.org - A linux based firewall #
> +# Copyright (C) 2007-2025 IPFire Team <info@ipfire.org> #
> +# #
> +# This program is free software: you can redistribute it and/or modify #
> +# it under the terms of the GNU General Public License as published by #
> +# the Free Software Foundation, either version 3 of the License, or #
> +# (at your option) any later version. #
> +# #
> +# This program is distributed in the hope that it will be useful, #
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> +# GNU General Public License for more details. #
> +# #
> +# You should have received a copy of the GNU General Public License #
> +# along with this program. If not, see <http://www.gnu.org/licenses/>. #
> +# #
> +###############################################################################
> +
> +. /etc/sysconfig/rc
> +. ${rc_functions}
> +
> +case "${1}" in
> + start)
> + boot_mesg "Starting fort RPKI validator..."
> + loadproc /usr/bin/fort --log.output=syslog --validation-log.output=syslog --configuration-file /etc/fort/config.json
> + ;;
> +
> + stop)
> + boot_mesg "Stopping fort RPKI validator..."
> + killproc /usr/bin/fort
> + ;;
> +
> + reload)
> + boot_mesg "Reloading fort RPKI validator..."
> + reloadproc /usr/bin/fort
> + ;;
> +
> + restart)
> + ${0} stop
> + sleep 1
> + ${0} start
> + ;;
> +
> + status)
> + statusproc /usr/bin/fort
> + ;;
> +
> + *)
> + echo "Usage: ${0} {start|stop|reload|restart|status}"
> + exit 1
> + ;;
> +esac
> --
> 2.47.2
>
>
new file mode 100644
@@ -0,0 +1,2 @@
+/etc/fort/config.json
+/var/lib/fort
new file mode 100644
@@ -0,0 +1,2 @@
+{
+}
new file mode 100644
@@ -0,0 +1,8 @@
+etc/fort
+etc/fort/config.json
+etc/fort/config.json.example
+etc/rc.d/init.d/fort-validator
+usr/bin/fort
+#usr/share/man/man8/fort.8
+var/ipfire/backup/addons/includes/fort-validator
+var/lib/fort
new file mode 100644
@@ -0,0 +1,112 @@
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007-2024 IPFire Team <info@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+SUMMARY = Fort RPKI validator
+
+VER = 1.6.6
+
+THISAPP = FORT-validator-$(VER)
+DL_FILE = $(THISAPP).tar.gz
+DL_FROM = $(URL_IPFIRE)
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+TARGET = $(DIR_INFO)/$(THISAPP)
+PROG = fort-validator
+PAK_VER = 1
+
+DEPS =
+
+SERVICES = fort-validator
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_BLAKE2 = c62a0e41e2a2fea60383ae87ff92d9cd68945c459b0ccaa4d0a3fc6d8c0796cb0dc0fde7305023e4ddcf476b4043ac73d8213638a8f319862a3c39e3381f43da
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+b2 : $(subst %,%_BLAKE2,$(objects))
+
+dist:
+ @$(PAK)
+
+###############################################################################
+# Downloading, checking, b2sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_BLAKE2,$(objects)) :
+ @$(B2SUM)
+
+###############################################################################
+# Installation Details
+###############################################################################
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
+
+ cd $(DIR_APP) && ./autogen.sh
+ cd $(DIR_APP) && ./configure \
+ --prefix=/usr \
+ --sysconfdir=/etc
+
+ cd $(DIR_APP) && make $(MAKETUNING)
+ cd $(DIR_APP) && make install
+
+ # Create directory layout
+ mkdir -pv /etc/fort
+ mkdir -pv /var/lib/fort
+
+ # Install plain config file.
+ cd $(DIR_APP) && install -m 0644 $(DIR_SRC)/config/fort-validator/config.json \
+ /etc/fort/config.json
+
+ # Install example config file.
+ cd $(DIR_APP) && install -m 0644 $(DIR_APP)/examples/config.json \
+ /etc/fort/config.json.example
+
+ # Install initscripts
+ $(call INSTALL_INITSCRIPTS,$(SERVICES))
+
+ # Install backup definitions
+ install -v -m 644 $(DIR_SRC)/config/backup/includes/fort-validator \
+ /var/ipfire/backup/addons/includes/fort-validator
+
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
@@ -2085,6 +2085,7 @@ build_system() {
lfsmake2 btrfs-progs
lfsmake2 inotify-tools
lfsmake2 grub-btrfs
+ lfsmake2 fort-validator
lfsmake2 linux
lfsmake2 rtl8812au
new file mode 100644
@@ -0,0 +1,55 @@
+#!/bin/sh
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007-2025 IPFire Team <info@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+. /etc/sysconfig/rc
+. ${rc_functions}
+
+case "${1}" in
+ start)
+ boot_mesg "Starting fort RPKI validator..."
+ loadproc /usr/bin/fort --log.output=syslog --validation-log.output=syslog --configuration-file /etc/fort/config.json
+ ;;
+
+ stop)
+ boot_mesg "Stopping fort RPKI validator..."
+ killproc /usr/bin/fort
+ ;;
+
+ reload)
+ boot_mesg "Reloading fort RPKI validator..."
+ reloadproc /usr/bin/fort
+ ;;
+
+ restart)
+ ${0} stop
+ sleep 1
+ ${0} start
+ ;;
+
+ status)
+ statusproc /usr/bin/fort
+ ;;
+
+ *)
+ echo "Usage: ${0} {start|stop|reload|restart|status}"
+ exit 1
+ ;;
+esac