[v2,1/3] squid-asnbl: New package
Commit Message
This package adds an ASNBL helper for detecting Fast Flux setups and
selectively announced networks (i. e. FQDNs resolving to IP addresses
not being announced by an Autonomous System) to the distribution.
Afterwards, the helper script is located at /usr/bin/asnbl-helper.py .
The second version of this patch updates squid-asnbl to upstream version
0.2.2, improving logging in case of detected Fast Flux setups.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
---
config/rootfiles/common/squid-asnbl | 1 +
lfs/squid-asnbl | 83 +++++++++++++++++++++++++++++
make.sh | 1 +
3 files changed, 85 insertions(+)
create mode 100644 config/rootfiles/common/squid-asnbl
create mode 100644 lfs/squid-asnbl
Comments
Hello,
> On 10 Oct 2021, at 18:43, Peter Müller <peter.mueller@ipfire.org> wrote:
>
> This package adds an ASNBL helper for detecting Fast Flux setups and
> selectively announced networks (i. e. FQDNs resolving to IP addresses
> not being announced by an Autonomous System) to the distribution.
> Afterwards, the helper script is located at /usr/bin/asnbl-helper.py .
This is maybe purely aesthetic, but a helper script in /usr/bin feels wrong to me.
Neither am I a fan of having a file extension like this in /usr/bin. Something similar has caused us to ship our backup script which is written in shell as backup.pl. Implementations might change.
> The second version of this patch updates squid-asnbl to upstream version
> 0.2.2, improving logging in case of detected Fast Flux setups.
>
> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
> ---
> config/rootfiles/common/squid-asnbl | 1 +
> lfs/squid-asnbl | 83 +++++++++++++++++++++++++++++
> make.sh | 1 +
> 3 files changed, 85 insertions(+)
> create mode 100644 config/rootfiles/common/squid-asnbl
> create mode 100644 lfs/squid-asnbl
>
> diff --git a/config/rootfiles/common/squid-asnbl b/config/rootfiles/common/squid-asnbl
> new file mode 100644
> index 000000000..f129f441e
> --- /dev/null
> +++ b/config/rootfiles/common/squid-asnbl
> @@ -0,0 +1 @@
> +usr/bin/asnbl-helper.py
> diff --git a/lfs/squid-asnbl b/lfs/squid-asnbl
> new file mode 100644
> index 000000000..3fc001768
> --- /dev/null
> +++ b/lfs/squid-asnbl
> @@ -0,0 +1,83 @@
> +###############################################################################
> +# #
> +# IPFire.org - A linux based firewall #
> +# Copyright (C) 2007-2021 IPFire Team <info@ipfire.org> #
> +# #
> +# This program is free software: you can redistribute it and/or modify #
> +# it under the terms of the GNU General Public License as published by #
> +# the Free Software Foundation, either version 3 of the License, or #
> +# (at your option) any later version. #
> +# #
> +# This program is distributed in the hope that it will be useful, #
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> +# GNU General Public License for more details. #
> +# #
> +# You should have received a copy of the GNU General Public License #
> +# along with this program. If not, see <http://www.gnu.org/licenses/>. #
> +# #
> +###############################################################################
> +
> +
> +###############################################################################
> +# Definitions
> +###############################################################################
> +
> +include Config
> +
> +VER = 0.2.2
> +
> +THISAPP = squid-asnbl-$(VER)
> +DL_FILE = $(THISAPP).tar.gz
> +DL_FROM = $(URL_IPFIRE)
> +
> +DIR_APP = $(DIR_SRC)/$(THISAPP)
> +
> +TARGET = $(DIR_INFO)/$(THISAPP)
> +
> +DEPS = libloc squid python3
> +
> +###############################################################################
> +# Top-level Rules
> +###############################################################################
> +
> +objects = $(DL_FILE)
> +
> +$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
> +
> +$(DL_FILE)_MD5 = d62be77baa30b16d1c2362460123d6c0
> +
> +install : $(TARGET)
> +
> +check : $(patsubst %,$(DIR_CHK)/%,$(objects))
> +
> +download :$(patsubst %,$(DIR_DL)/%,$(objects))
> +
> +md5 : $(subst %,%_MD5,$(objects))
> +
> +###############################################################################
> +# Downloading, checking, md5sum
> +###############################################################################
> +
> +$(patsubst %,$(DIR_CHK)/%,$(objects)) :
> + @$(CHECK)
> +
> +$(patsubst %,$(DIR_DL)/%,$(objects)) :
> + @$(LOAD)
> +
> +$(subst %,%_MD5,$(objects)) :
> + @$(MD5)
> +
> +###############################################################################
> +# Installation Details
> +###############################################################################
> +
> +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> + @$(PREBUILD)
> + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zvxf $(DIR_DL)/$(DL_FILE)
> +
> + # Install ASNBL helper script
> + cd $(DIR_APP) && install -o root -g root -m 0755 asnbl-helper.py /usr/bin/asnbl-helper.py
> +
> + @rm -rf $(DIR_APP)
> + @$(POSTBUILD)
> diff --git a/make.sh b/make.sh
> index dabed5aa5..215e5c633 100755
> --- a/make.sh
> +++ b/make.sh
> @@ -1613,6 +1613,7 @@ buildipfire() {
> lfsmake2 socat
> lfsmake2 libcdada
> lfsmake2 pmacct
> + lfsmake2 squid-asnbl
> }
>
> buildinstaller() {
> --
> 2.26.2
Hello Michael,
thanks for your reply.
> Hello,
>
>> On 10 Oct 2021, at 18:43, Peter Müller <peter.mueller@ipfire.org> wrote:
>>
>> This package adds an ASNBL helper for detecting Fast Flux setups and
>> selectively announced networks (i. e. FQDNs resolving to IP addresses
>> not being announced by an Autonomous System) to the distribution.
>> Afterwards, the helper script is located at /usr/bin/asnbl-helper.py .
>
> This is maybe purely aesthetic, but a helper script in /usr/bin feels wrong to me.
Where would you place it instead?
> Neither am I a fan of having a file extension like this in /usr/bin. Something similar has caused us to ship our backup script which is written in shell as backup.pl. Implementations might change.
True. Is this a show-stopper to you? If so, I will hand in a third version of
this patch series to correct this.
Aside from that, I can assure you (if this is what you desire) this won't cause
the problem you described. I doubt any other application within IPFire will ever
need this script. :-)
Thanks, and best regards,
Peter Müller
>
>> The second version of this patch updates squid-asnbl to upstream version
>> 0.2.2, improving logging in case of detected Fast Flux setups.
>>
>> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
>> ---
>> config/rootfiles/common/squid-asnbl | 1 +
>> lfs/squid-asnbl | 83 +++++++++++++++++++++++++++++
>> make.sh | 1 +
>> 3 files changed, 85 insertions(+)
>> create mode 100644 config/rootfiles/common/squid-asnbl
>> create mode 100644 lfs/squid-asnbl
>>
>> diff --git a/config/rootfiles/common/squid-asnbl b/config/rootfiles/common/squid-asnbl
>> new file mode 100644
>> index 000000000..f129f441e
>> --- /dev/null
>> +++ b/config/rootfiles/common/squid-asnbl
>> @@ -0,0 +1 @@
>> +usr/bin/asnbl-helper.py
>> diff --git a/lfs/squid-asnbl b/lfs/squid-asnbl
>> new file mode 100644
>> index 000000000..3fc001768
>> --- /dev/null
>> +++ b/lfs/squid-asnbl
>> @@ -0,0 +1,83 @@
>> +###############################################################################
>> +# #
>> +# IPFire.org - A linux based firewall #
>> +# Copyright (C) 2007-2021 IPFire Team <info@ipfire.org> #
>> +# #
>> +# This program is free software: you can redistribute it and/or modify #
>> +# it under the terms of the GNU General Public License as published by #
>> +# the Free Software Foundation, either version 3 of the License, or #
>> +# (at your option) any later version. #
>> +# #
>> +# This program is distributed in the hope that it will be useful, #
>> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
>> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
>> +# GNU General Public License for more details. #
>> +# #
>> +# You should have received a copy of the GNU General Public License #
>> +# along with this program. If not, see <http://www.gnu.org/licenses/>. #
>> +# #
>> +###############################################################################
>> +
>> +
>> +###############################################################################
>> +# Definitions
>> +###############################################################################
>> +
>> +include Config
>> +
>> +VER = 0.2.2
>> +
>> +THISAPP = squid-asnbl-$(VER)
>> +DL_FILE = $(THISAPP).tar.gz
>> +DL_FROM = $(URL_IPFIRE)
>> +
>> +DIR_APP = $(DIR_SRC)/$(THISAPP)
>> +
>> +TARGET = $(DIR_INFO)/$(THISAPP)
>> +
>> +DEPS = libloc squid python3
>> +
>> +###############################################################################
>> +# Top-level Rules
>> +###############################################################################
>> +
>> +objects = $(DL_FILE)
>> +
>> +$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>> +
>> +$(DL_FILE)_MD5 = d62be77baa30b16d1c2362460123d6c0
>> +
>> +install : $(TARGET)
>> +
>> +check : $(patsubst %,$(DIR_CHK)/%,$(objects))
>> +
>> +download :$(patsubst %,$(DIR_DL)/%,$(objects))
>> +
>> +md5 : $(subst %,%_MD5,$(objects))
>> +
>> +###############################################################################
>> +# Downloading, checking, md5sum
>> +###############################################################################
>> +
>> +$(patsubst %,$(DIR_CHK)/%,$(objects)) :
>> + @$(CHECK)
>> +
>> +$(patsubst %,$(DIR_DL)/%,$(objects)) :
>> + @$(LOAD)
>> +
>> +$(subst %,%_MD5,$(objects)) :
>> + @$(MD5)
>> +
>> +###############################################################################
>> +# Installation Details
>> +###############################################################################
>> +
>> +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
>> + @$(PREBUILD)
>> + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zvxf $(DIR_DL)/$(DL_FILE)
>> +
>> + # Install ASNBL helper script
>> + cd $(DIR_APP) && install -o root -g root -m 0755 asnbl-helper.py /usr/bin/asnbl-helper.py
>> +
>> + @rm -rf $(DIR_APP)
>> + @$(POSTBUILD)
>> diff --git a/make.sh b/make.sh
>> index dabed5aa5..215e5c633 100755
>> --- a/make.sh
>> +++ b/make.sh
>> @@ -1613,6 +1613,7 @@ buildipfire() {
>> lfsmake2 socat
>> lfsmake2 libcdada
>> lfsmake2 pmacct
>> + lfsmake2 squid-asnbl
>> }
>>
>> buildinstaller() {
>> --
>> 2.26.2
>
Hello,
> On 13 Oct 2021, at 17:25, Peter Müller <peter.mueller@ipfire.org> wrote:
>
> Hello Michael,
>
> thanks for your reply.
>
>> Hello,
>>
>>> On 10 Oct 2021, at 18:43, Peter Müller <peter.mueller@ipfire.org> wrote:
>>>
>>> This package adds an ASNBL helper for detecting Fast Flux setups and
>>> selectively announced networks (i. e. FQDNs resolving to IP addresses
>>> not being announced by an Autonomous System) to the distribution.
>>> Afterwards, the helper script is located at /usr/bin/asnbl-helper.py .
>>
>> This is maybe purely aesthetic, but a helper script in /usr/bin feels wrong to me.
>
> Where would you place it instead?
/usr/lib/squid/helpers/asnbl
>
>> Neither am I a fan of having a file extension like this in /usr/bin. Something similar has caused us to ship our backup script which is written in shell as backup.pl. Implementations might change.
>
> True. Is this a show-stopper to you? If so, I will hand in a third version of
> this patch series to correct this.
>
> Aside from that, I can assure you (if this is what you desire) this won't cause
> the problem you described. I doubt any other application within IPFire will ever
> need this script. :-)
Not really a showstopper. I just want to make things look sleek. It will help us to name things in a more meaningful manner and to type less.
-Michael
> Thanks, and best regards,
> Peter Müller
>
>>
>>> The second version of this patch updates squid-asnbl to upstream version
>>> 0.2.2, improving logging in case of detected Fast Flux setups.
>>>
>>> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
>>> ---
>>> config/rootfiles/common/squid-asnbl | 1 +
>>> lfs/squid-asnbl | 83 +++++++++++++++++++++++++++++
>>> make.sh | 1 +
>>> 3 files changed, 85 insertions(+)
>>> create mode 100644 config/rootfiles/common/squid-asnbl
>>> create mode 100644 lfs/squid-asnbl
>>>
>>> diff --git a/config/rootfiles/common/squid-asnbl b/config/rootfiles/common/squid-asnbl
>>> new file mode 100644
>>> index 000000000..f129f441e
>>> --- /dev/null
>>> +++ b/config/rootfiles/common/squid-asnbl
>>> @@ -0,0 +1 @@
>>> +usr/bin/asnbl-helper.py
>>> diff --git a/lfs/squid-asnbl b/lfs/squid-asnbl
>>> new file mode 100644
>>> index 000000000..3fc001768
>>> --- /dev/null
>>> +++ b/lfs/squid-asnbl
>>> @@ -0,0 +1,83 @@
>>> +###############################################################################
>>> +# #
>>> +# IPFire.org - A linux based firewall #
>>> +# Copyright (C) 2007-2021 IPFire Team <info@ipfire.org> #
>>> +# #
>>> +# This program is free software: you can redistribute it and/or modify #
>>> +# it under the terms of the GNU General Public License as published by #
>>> +# the Free Software Foundation, either version 3 of the License, or #
>>> +# (at your option) any later version. #
>>> +# #
>>> +# This program is distributed in the hope that it will be useful, #
>>> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
>>> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
>>> +# GNU General Public License for more details. #
>>> +# #
>>> +# You should have received a copy of the GNU General Public License #
>>> +# along with this program. If not, see <http://www.gnu.org/licenses/>. #
>>> +# #
>>> +###############################################################################
>>> +
>>> +
>>> +###############################################################################
>>> +# Definitions
>>> +###############################################################################
>>> +
>>> +include Config
>>> +
>>> +VER = 0.2.2
>>> +
>>> +THISAPP = squid-asnbl-$(VER)
>>> +DL_FILE = $(THISAPP).tar.gz
>>> +DL_FROM = $(URL_IPFIRE)
>>> +
>>> +DIR_APP = $(DIR_SRC)/$(THISAPP)
>>> +
>>> +TARGET = $(DIR_INFO)/$(THISAPP)
>>> +
>>> +DEPS = libloc squid python3
>>> +
>>> +###############################################################################
>>> +# Top-level Rules
>>> +###############################################################################
>>> +
>>> +objects = $(DL_FILE)
>>> +
>>> +$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>>> +
>>> +$(DL_FILE)_MD5 = d62be77baa30b16d1c2362460123d6c0
>>> +
>>> +install : $(TARGET)
>>> +
>>> +check : $(patsubst %,$(DIR_CHK)/%,$(objects))
>>> +
>>> +download :$(patsubst %,$(DIR_DL)/%,$(objects))
>>> +
>>> +md5 : $(subst %,%_MD5,$(objects))
>>> +
>>> +###############################################################################
>>> +# Downloading, checking, md5sum
>>> +###############################################################################
>>> +
>>> +$(patsubst %,$(DIR_CHK)/%,$(objects)) :
>>> + @$(CHECK)
>>> +
>>> +$(patsubst %,$(DIR_DL)/%,$(objects)) :
>>> + @$(LOAD)
>>> +
>>> +$(subst %,%_MD5,$(objects)) :
>>> + @$(MD5)
>>> +
>>> +###############################################################################
>>> +# Installation Details
>>> +###############################################################################
>>> +
>>> +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
>>> + @$(PREBUILD)
>>> + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zvxf $(DIR_DL)/$(DL_FILE)
>>> +
>>> + # Install ASNBL helper script
>>> + cd $(DIR_APP) && install -o root -g root -m 0755 asnbl-helper.py /usr/bin/asnbl-helper.py
>>> +
>>> + @rm -rf $(DIR_APP)
>>> + @$(POSTBUILD)
>>> diff --git a/make.sh b/make.sh
>>> index dabed5aa5..215e5c633 100755
>>> --- a/make.sh
>>> +++ b/make.sh
>>> @@ -1613,6 +1613,7 @@ buildipfire() {
>>> lfsmake2 socat
>>> lfsmake2 libcdada
>>> lfsmake2 pmacct
>>> + lfsmake2 squid-asnbl
>>> }
>>>
>>> buildinstaller() {
>>> --
>>> 2.26.2
>>
new file mode 100644
@@ -0,0 +1 @@
+usr/bin/asnbl-helper.py
new file mode 100644
@@ -0,0 +1,83 @@
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007-2021 IPFire Team <info@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER = 0.2.2
+
+THISAPP = squid-asnbl-$(VER)
+DL_FILE = $(THISAPP).tar.gz
+DL_FROM = $(URL_IPFIRE)
+
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+
+TARGET = $(DIR_INFO)/$(THISAPP)
+
+DEPS = libloc squid python3
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = d62be77baa30b16d1c2362460123d6c0
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zvxf $(DIR_DL)/$(DL_FILE)
+
+ # Install ASNBL helper script
+ cd $(DIR_APP) && install -o root -g root -m 0755 asnbl-helper.py /usr/bin/asnbl-helper.py
+
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
@@ -1613,6 +1613,7 @@ buildipfire() {
lfsmake2 socat
lfsmake2 libcdada
lfsmake2 pmacct
+ lfsmake2 squid-asnbl
}
buildinstaller() {