From patchwork Thu Jan 10 23:00:12 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Schantl X-Patchwork-Id: 2025 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail01.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web07.i.ipfire.org (Postfix) with ESMTPS id 0D4E885D3E7 for ; Thu, 10 Jan 2019 12:00:35 +0000 (GMT) Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 7101421A7C72; Thu, 10 Jan 2019 12:00:34 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1547121634; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version:content-type: content-transfer-encoding:content-transfer-encoding:in-reply-to: references:list-id:list-unsubscribe:list-subscribe:list-post; bh=yZj7Bopo1rQvdeFggxZ+266aRXO+APo8WTpwmhFxe6E=; b=f6KwgF1tC9fGGCVZ5GijImfyvdgKYaPv+lgCHiGHoT11EFXQ9R3cJUFKiadujlC3UKxM88 C2wjhI8iAFAdIyrx04guMWPMMmR37MvI1LFr8Y9mR1qhDpoRrkncPj4LeLGE+uel0VKp3m mweDki0o4Cpb+uQ00S4WIhaYw4pnocE5zr3khOYnWrh0HcB4DZsW8SlswIM7z50mrjkj26 5vuHClqSBosdV3gaI9qxu8qLfrslurVSOxR2Q1yKpdOKFPdcCX4XT+AOjVKARGtN4BvDCm MWK1wEpwk7MNbatD2J3ltxhWw9gNnrb+qjxhYvuK6/GGEZaiP1GOfq+JNfYlKQ== Received: from tuxedo.stevee (unknown [46.125.249.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 40CAC21A7C72; Thu, 10 Jan 2019 12:00:32 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1547121632; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:references; bh=yZj7Bopo1rQvdeFggxZ+266aRXO+APo8WTpwmhFxe6E=; b=GIdnLaZwmoRUrDMz2VtgCNK5G9qb5Oq+um4uE/4ir7OYfxPY9EF7yWj9F3g7xggHhiyQ1D nhGuIHdC1x8kbO+ycNLES5MbfatIh+UC+KNHtz0juhGzHLriZeOFSv7JpynAJK2JVZ7DbR SonEOeDI5v61hCWfOWmylcpev1xXvGtdewfzq14PySuB/gbjnlZsQNI2+LwnFNETdZefK7 EoIqpygr/ZObp8Bx4zvXZAL6qoeWgYSKOtyubfUI7D6dxXHf4TukO0cc8RMwJiniZ/zqar LfqKvvp0Md8oyaM0XSYIR0OxdUfyUc0rqnF6hBnQ+vLiyzbzEeNYOizF9pPYGw== From: Stefan Schantl To: development@lists.ipfire.org Subject: [PATCH 1/6] perl-Net-CIDR-Lite: New package. Date: Thu, 10 Jan 2019 13:00:12 +0100 Message-Id: <20190110120017.6595-1-stefan.schantl@ipfire.org> X-Mailer: git-send-email 2.19.1 MIME-Version: 1.0 X-Spam-Status: No, score=5.22 X-Rspamd-Server: mail01.i.ipfire.org Authentication-Results: mail01.ipfire.org; auth=pass smtp.auth=stevee smtp.mailfrom=stefan.schantl@ipfire.org X-Spamd-Result: default: False [5.22 / 11.00]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_MISSING_CHARSET(2.50)[]; MIME_GOOD(-0.10)[text/plain]; NEURAL_SPAM(0.32)[0.107,0]; BROKEN_CONTENT_TYPE(1.50)[]; DKIM_SIGNED(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; MID_CONTAINS_FROM(1.00)[]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:8412, ipnet:46.124.0.0/15, country:AT]; RCVD_TLS_ALL(0.00)[] X-Spam-Level: ***** X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" X-Spam: Yes This is a runtime dependency of the xt_geoip_build perl script shipped by xtables-addons in version 3.2. Reference #11960. Signed-off-by: Stefan Schantl --- config/rootfiles/common/perl-Net-CIDR-Lite | 6 ++ lfs/perl-Net-CIDR-Lite | 79 ++++++++++++++++++++++ make.sh | 1 + 3 files changed, 86 insertions(+) create mode 100644 config/rootfiles/common/perl-Net-CIDR-Lite create mode 100644 lfs/perl-Net-CIDR-Lite diff --git a/config/rootfiles/common/perl-Net-CIDR-Lite b/config/rootfiles/common/perl-Net-CIDR-Lite new file mode 100644 index 000000000..176afa3d2 --- /dev/null +++ b/config/rootfiles/common/perl-Net-CIDR-Lite @@ -0,0 +1,6 @@ +#usr/lib/perl5/site_perl/5.12.3/Net/CIDR +usr/lib/perl5/site_perl/5.12.3/Net/CIDR/Lite.pm +#usr/lib/perl5/site_perl/5.12.3/x86_64-linux-thread-multi/auto/Net/CIDR +#usr/lib/perl5/site_perl/5.12.3/x86_64-linux-thread-multi/auto/Net/CIDR/Lite +#usr/lib/perl5/site_perl/5.12.3/x86_64-linux-thread-multi/auto/Net/CIDR/Lite/.packlist +#usr/share/man/man3/Net::CIDR::Lite.3 diff --git a/lfs/perl-Net-CIDR-Lite b/lfs/perl-Net-CIDR-Lite new file mode 100644 index 000000000..66d989111 --- /dev/null +++ b/lfs/perl-Net-CIDR-Lite @@ -0,0 +1,79 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2018 IPFire Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + + +############################################################################### +# Definitions +############################################################################### +include Config +VER = 0.21 + +THISAPP = Net-CIDR-Lite-$(VER) +DL_FILE = ${THISAPP}.tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = 12280b3754886b876918f03f53aee4f5 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && perl Makefile.PL + cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE) + cd $(DIR_APP) && make install + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/make.sh b/make.sh index fd626a999..601f1675b 100755 --- a/make.sh +++ b/make.sh @@ -1434,6 +1434,7 @@ buildipfire() { lfsmake2 mpd lfsmake2 libmpdclient lfsmake2 mpc + lfsmake2 perl-Net-CIDR-Lite lfsmake2 perl-Net-SMTP-SSL lfsmake2 perl-MIME-Base64 lfsmake2 perl-Authen-SASL From patchwork Thu Jan 10 23:00:13 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Schantl X-Patchwork-Id: 2026 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail01.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web07.i.ipfire.org (Postfix) with ESMTPS id 5DA7785D3E7 for ; Thu, 10 Jan 2019 12:00:38 +0000 (GMT) Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id F29BB2199082; Thu, 10 Jan 2019 12:00:37 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1547121638; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id: list-unsubscribe:list-subscribe:list-post; bh=bFEu1pmHUAdz/1LaYPVWpRnSEzFz+VIEQSAf5h2U+Lw=; b=SSwnToAm/Me0pDwtPrdr26zU2ljQEFAl0tGLjql91XwsOHOauWPP5a2zEy2XVUfYhy5ZUg Mrh2SDC+RmrM2rqRhDMvkBJ+4NbFprF5UMh56znTNLuO6Ao2c9jGQ5cTYn9tg4IzfNaNps N9TxyAuU8A6QTNlmBMYb2ipl4OB4t+BSnMFgPaBFMnmsdXbBoeiFCvyYQhWotDA58UEhKq WswlvHOX3ae8P+4wRU/r+MImh7Y7HGodq2Xfr1KxKvg0vNblr8794VWqaqCyKd0baWedtj lximMotZJRNVSrT/CVo/YTV73g1FuYGzAi4ljIBd+ufuXPPMS0RZeofyVJRJng== Received: from tuxedo.stevee (unknown [46.125.249.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id ABA2821A7C75; Thu, 10 Jan 2019 12:00:34 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1547121634; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=bFEu1pmHUAdz/1LaYPVWpRnSEzFz+VIEQSAf5h2U+Lw=; b=PRM5jjglcLPWILOVicf0V4nXvf9ObnwOzXw8m9njEkbF0+75HxusTBFd02LCxpf2unVWxR 6yXEomUxOFtBrmT6WEhdJcUljGU/A93ltk8WHgIEQoPPaou5Xhqvr4wjqc1o64nkOvK85N jovzN+ER3Vf/4w2oxcZv2BVjLvC+oIYpSh8gA5LYbX2E0In6xyfl+6sPyV+9GxZP103nAp x0+ERT+1dc4SEJ4wqUuL/4MQq7s2DFZxRZ+vkp5IovmVVWVM9W688m6wAxy6Qjt1y/bba+ x+1dHa9Ub2At07IItuFe2aGPy6r65tDk1OSN/Dv71S0swp/XR/7GBaN4QWG/tQ== From: Stefan Schantl To: development@lists.ipfire.org Subject: [PATCH 2/6] xtables-addons: Update to 3.2 Date: Thu, 10 Jan 2019 13:00:13 +0100 Message-Id: <20190110120017.6595-2-stefan.schantl@ipfire.org> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20190110120017.6595-1-stefan.schantl@ipfire.org> References: <20190110120017.6595-1-stefan.schantl@ipfire.org> MIME-Version: 1.0 Authentication-Results: mail01.ipfire.org; auth=pass smtp.auth=stevee smtp.mailfrom=stefan.schantl@ipfire.org X-Spamd-Result: default: False [-1.93 / 11.00]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_MISSING_CHARSET(2.50)[]; MIME_GOOD(-0.10)[text/plain]; REPLY(-4.00)[]; BROKEN_CONTENT_TYPE(1.50)[]; DKIM_SIGNED(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; MID_CONTAINS_FROM(1.00)[]; NEURAL_HAM(-2.83)[-0.944,0]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:8412, ipnet:46.124.0.0/15, country:AT]; RCVD_TLS_ALL(0.00)[] X-Spam-Status: No, score=-1.93 X-Rspamd-Server: mail01.i.ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Reference #11959 Signed-off-by: Stefan Schantl --- lfs/xtables-addons | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lfs/xtables-addons b/lfs/xtables-addons index af2784c1a..a8aba7455 100644 --- a/lfs/xtables-addons +++ b/lfs/xtables-addons @@ -27,7 +27,7 @@ include Config VERSUFIX = ipfire$(KCFG) MODPATH = /lib/modules/$(KVER)-$(VERSUFIX)/extra/ -VER = 2.13 +VER = 3.2 THISAPP = xtables-addons-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -48,7 +48,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = be20b0b9c4b001b364431a836e361d33 +$(DL_FILE)_MD5 = 80ea89ba8d5a001a8d71c7f05b2f0141 install : $(TARGET) From patchwork Thu Jan 10 23:00:14 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Stefan Schantl X-Patchwork-Id: 2027 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail01.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web07.i.ipfire.org (Postfix) with ESMTPS id C10D585D3E7 for ; Thu, 10 Jan 2019 12:00:41 +0000 (GMT) Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 551F3219908E; Thu, 10 Jan 2019 12:00:41 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1547121641; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id: list-unsubscribe:list-subscribe:list-post; bh=Pc68SM4TGYc8iU3i8x6L+avpSMujcvGWSs2KQHZP2qM=; b=UFHfa2R37VGd4EmZ0A/qO9eaD0i2TFWLIyBOmQE1G2QiW3+LBYkuNmw9dZbFgemegQJ0W4 R28/Q8PLTZrT4w9weRl9vhnCqnl0f5GtC+qPspscDFYGcpqJFxfrTTIyzBb/M6w32eGZBl w0zFjYG5Ia4GmOWCxIf4W8zODyPIO/8BnwqdgxFtTxLQXg4IZf5kMggdMILngnevDwB+Zf xry64kTveNMQUJ/FeonJhzze9w5kBVkU1o+ENIa/Khl2zEs+Zs+WilP7pVu5jOt3sNWS3S SwD3QIczM63bPSJN5gIHAd8TyRRY5z4mQjd2pfmRSzp1P77azg8QHNUZ/2RY/w== Received: from tuxedo.stevee (unknown [46.125.249.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 3093E21A7C7B; Thu, 10 Jan 2019 12:00:35 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1547121635; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Pc68SM4TGYc8iU3i8x6L+avpSMujcvGWSs2KQHZP2qM=; b=z3/TCklOnj0V6aooGlUJP2kvf8TrictVx6WcSYc8yH3LdHNjZxmOJE5+mrT1+5hepI5Qg8 ZNjAEyRcHEW1WM4EmfLxYYwCg8Aq6gTJIzLQeHeclaCyJ5R+wczZA78MoMsquSjuMPJO+t 7ZI1Sg3LzCzgWC6Hfofxq4d+3p93d762zBn9TabBfQHhfte+8pt2ZZ4x0oe6PzgPpJK32+ xI24Cej7wtFUC6gzV39L8A5LTDghZytw4j49OduiGzwAAQ4a/gf9azA7/HkYTkv7e4Nr2h ooiwjBPfTxydMQRkgl59VZLOVuNrLl5T2uQ5dun7J2YlyexlxFrK7muw+euSog== From: Stefan Schantl To: development@lists.ipfire.org Subject: [PATCH 3/6] xtables-addons: Use shipped xt_geoip_build Date: Thu, 10 Jan 2019 13:00:14 +0100 Message-Id: <20190110120017.6595-3-stefan.schantl@ipfire.org> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20190110120017.6595-1-stefan.schantl@ipfire.org> References: <20190110120017.6595-1-stefan.schantl@ipfire.org> MIME-Version: 1.0 Authentication-Results: mail01.ipfire.org; auth=pass smtp.auth=stevee smtp.mailfrom=stefan.schantl@ipfire.org X-Spamd-Result: default: False [-9.09 / 11.00]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; REPLY(-4.00)[]; DKIM_SIGNED(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; MID_CONTAINS_FROM(1.00)[]; NEURAL_HAM(-2.99)[-0.995,0]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:8412, ipnet:46.124.0.0/15, country:AT]; RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-3.00)[100.00%] X-Spam-Status: No, score=-9.09 X-Rspamd-Server: mail01.i.ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Use the shipped xt_geoip_build directly instead of holding a copy in our GIT. Reference #11959 Signed-off-by: Stefan Schantl --- lfs/xtables-addons | 4 ++ src/scripts/xt_geoip_build | 89 -------------------------------------- 2 files changed, 4 insertions(+), 89 deletions(-) delete mode 100644 src/scripts/xt_geoip_build diff --git a/lfs/xtables-addons b/lfs/xtables-addons index a8aba7455..da67aa761 100644 --- a/lfs/xtables-addons +++ b/lfs/xtables-addons @@ -94,6 +94,10 @@ ifeq "$(USPACE)" "1" cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install + + # Install xt_geoip_build. + cd $(DIR_APP) && install -m 755 GeoIP/xt_geoip_build \ + /usr/local/bin/ else cd $(DIR_APP) && ./configure \ --with-kbuild=/usr/src/linux-$(KVER)/ diff --git a/src/scripts/xt_geoip_build b/src/scripts/xt_geoip_build deleted file mode 100644 index 202156f13..000000000 --- a/src/scripts/xt_geoip_build +++ /dev/null @@ -1,89 +0,0 @@ -#!/usr/bin/perl -# -# Converter for MaxMind CSV database to binary, for xt_geoip -# Copyright © Jan Engelhardt, 2008-2011 -# -use Getopt::Long; -use IO::Handle; -use Text::CSV_XS; # or trade for Text::CSV -use strict; - -my $csv = Text::CSV_XS->new({ - allow_whitespace => 1, - binary => 1, - eol => $/, -}); # or Text::CSV -my $target_dir = "."; - -&Getopt::Long::Configure(qw(bundling)); -&GetOptions( - "D=s" => \$target_dir, -); - -if (!-d $target_dir) { - print STDERR "Target directory $target_dir does not exist.\n"; - exit 1; -} - -my $dir = "$target_dir/LE"; -if (!-e $dir && !mkdir($dir)) { - print STDERR "Could not mkdir $dir: $!\n"; - exit 1; -} - -&dump(&collect()); - -sub collect -{ - my %country; - - while (my $row = $csv->getline(*ARGV)) { - if (!defined($country{$row->[4]})) { - $country{$row->[4]} = { - name => $row->[5], - pool_v4 => [], - pool_v6 => [], - }; - } - my $c = $country{$row->[4]}; - - push(@{$c->{pool_v4}}, [$row->[2], $row->[3]]); - - if ($. % 4096 == 0) { - print STDERR "\r\e[2K$. entries"; - } - } - - print STDERR "\r\e[2K$. entries total\n"; - return \%country; -} - -sub dump -{ - my $country = shift @_; - - foreach my $iso_code (sort keys %$country) { - &dump_one($iso_code, $country->{$iso_code}); - } -} - -sub dump_one -{ - my($iso_code, $country) = @_; - my($file, $fh_le, $fh_be); - - printf "%5u IPv4 ranges for %s %s\n", - scalar(@{$country->{pool_v4}}), - $iso_code, $country->{name}; - - $file = "$target_dir/LE/".uc($iso_code).".iv4"; - if (!open($fh_le, "> $file")) { - print STDERR "Error opening $file: $!\n"; - exit 1; - } - foreach my $range (@{$country->{pool_v4}}) { - print $fh_le pack("VV", $range->[0], $range->[1]); - #print $fh_be pack("NN", $range->[0], $range->[1]); - } - close $fh_le; -} From patchwork Thu Jan 10 23:00:15 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Schantl X-Patchwork-Id: 2028 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail01.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web07.i.ipfire.org (Postfix) with ESMTPS id 4D28885D3E7 for ; Thu, 10 Jan 2019 12:00:45 +0000 (GMT) Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id D8C522199080; Thu, 10 Jan 2019 12:00:44 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1547121645; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id: list-unsubscribe:list-subscribe:list-post; bh=giFGVkf9pakn5hHAhiix0sPLF6Y2qEyaO6yx3Di45Ss=; b=DyjncVjg2LfE3IoxThQiiganya4Iharmew7l1dbwZZNDg/UKYcVqb8ZQADnRt1W+ka9eqy /ZfIivlFlrbLbw3o3uNMDuui7rNYcsqfLQIdoGQmi8WQqgLeuIC/tquqwORQDmX5X+U+Ce iZkHey96HCG0ygF2lLjTY0tTow2MPbzLs4Zc+W7yrqemp4wT6vqc+xTTy6CqaeA0rXL1HX GTNEqyMxn6jyg6BdhLIVseCI2ms9Yk2EzElidgvEEd1oQwIfhijz00sIvvwBeCo0lNwAuS sE5A8N0vG1knsEprvylWd7efjy9ihu8AFD9afPtEneHxSIwnEDmiXTgncCTaJg== Received: from tuxedo.stevee (unknown [46.125.249.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id AE4FB21A7C7E; Thu, 10 Jan 2019 12:00:35 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1547121635; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=giFGVkf9pakn5hHAhiix0sPLF6Y2qEyaO6yx3Di45Ss=; b=X9fut7jMpDv53yMUl3nUIOSHj9768I+0DM8G7WN4OWQs/SMZU3qKcejEakEMZAvGDH4Bx7 vgdwBJp3LKS8OVTrALQeYgKCfTOy3yRkipQHhQzXJEmEMt78jQKOu1q/TIGqE6epqEapUB nTkTD3FrORsfgOphuu4ap9nIyfshVcdjhALAOKlYAYfceSW/5K+3/YmV/8k9mZZzpebLrE nRTC7qlNwdd3+zPWTLyPdmkzH9bgujB2a6FE8OF9G/xXNiU2DX8uuFGBM0CWd6sANbGtFb y81uKTSnELGN6BZveNMVkRciC48H+ZKkJKfFz3bBzF8223h3IoIOx6xOPNfe/w== From: Stefan Schantl To: development@lists.ipfire.org Subject: [PATCH 4/6] xt_geoip_update: Adjust script to download and use the GeoLite2 database Date: Thu, 10 Jan 2019 13:00:15 +0100 Message-Id: <20190110120017.6595-4-stefan.schantl@ipfire.org> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20190110120017.6595-1-stefan.schantl@ipfire.org> References: <20190110120017.6595-1-stefan.schantl@ipfire.org> MIME-Version: 1.0 Authentication-Results: mail01.ipfire.org; auth=pass smtp.auth=stevee smtp.mailfrom=stefan.schantl@ipfire.org X-Spamd-Result: default: False [-1.95 / 11.00]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_MISSING_CHARSET(2.50)[]; MIME_GOOD(-0.10)[text/plain]; REPLY(-4.00)[]; BROKEN_CONTENT_TYPE(1.50)[]; DKIM_SIGNED(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; MID_CONTAINS_FROM(1.00)[]; NEURAL_HAM(-2.85)[-0.950,0]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:8412, ipnet:46.124.0.0/15, country:AT]; RCVD_TLS_ALL(0.00)[] X-Spam-Status: No, score=-1.95 X-Rspamd-Server: mail01.i.ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Fixes #11961. Signed-off-by: Stefan Schantl --- src/scripts/xt_geoip_update | 63 ++++++++++++++++--------------------- 1 file changed, 27 insertions(+), 36 deletions(-) diff --git a/src/scripts/xt_geoip_update b/src/scripts/xt_geoip_update index 0aea4d03e..73484c7a0 100644 --- a/src/scripts/xt_geoip_update +++ b/src/scripts/xt_geoip_update @@ -24,13 +24,10 @@ TMP_FILE=$(mktemp -p $TMP_PATH) SCRIPT_PATH=/usr/local/bin DEST_PATH=/usr/share/xt_geoip +DB_PATH=/var/lib/GeoIP -DL_URL=https://geolite.maxmind.com/download/geoip/database -DL_FILE=GeoIPCountryCSV.zip - -CSV_FILE=GeoIPCountryWhois.csv - -ARCH=LE +DL_URL=http://geolite.maxmind.com/download/geoip/database/ +DL_FILE=GeoLite2-Country-CSV.zip eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings) @@ -57,42 +54,41 @@ function download() { # Get the latest GeoIP database from server. wget $DL_URL/$DL_FILE $PROXYSETTINGS -O $TMP_FILE - # Extract files. + # Extract files to database path. unzip $TMP_FILE -d $TMP_PATH return 0 } -function build() { - echo "Convert database..." +function install() { + echo "Install CSV database..." - # Check if the csv file exists. - if [ ! -e $TMP_PATH/$CSV_FILE ]; then - echo "$TMP_PATH/$CSV_FILE not found. Exiting." - return 1 + # Check if the database dir exists. + if [ ! -e "$DB_PATH" ]; then + mkdir -p $DB_PATH &>/dev/null fi - # Run script to convert the CSV file into several xtables - # compatible binary files. - if ! $SCRIPT_PATH/xt_geoip_build $TMP_PATH/$CSV_FILE -D $TMP_PATH; then - echo "Could not convert ruleset. Aborting." >&2 + # Check if the directory for binary databases exists. + if [ ! -e "$DEST_PATH" ]; then + mkdir -p $DEST_PATH &>/dev/null + fi + + # Install CSV databases. + if ! cp -af $TMP_PATH/*/* $DB_PATH &>/dev/null; then + echo "Could not copy files. Aborting." >&2 return 1 fi return 0 } -function install() { - echo "Install databases..." - - # Check if our destination exist. - if [ ! -e "$DEST_PATH" ]; then - mkdir -p $DEST_PATH &>/dev/null - fi +function build() { + echo "Convert database..." - # Install databases. - if ! cp -af $TMP_PATH/$ARCH $DEST_PATH &>/dev/null; then - echo "Could not copy files. Aborting." >&2 + # Run script to convert the CSV file into several xtables + # compatible binary files. + if ! $SCRIPT_PATH/xt_geoip_build -S $DB_PATH -D $DEST_PATH; then + echo "Could not convert ruleset. Aborting." >&2 return 1 fi @@ -113,23 +109,18 @@ function main() { # Download ruleset. download || exit $? - # Convert the ruleset. - if ! build; then - # Do cleanup. - cleanup || exit $? - exit 1 - fi - - # Install the converted ruleset. if ! install; then # Do cleanup. cleanup || exit $? exit 1 fi - # Finaly remove temporary files. + # Remove temporary files. cleanup || exit $? + # Convert the ruleset. + build || exit $? + return 0 } From patchwork Thu Jan 10 23:00:16 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Schantl X-Patchwork-Id: 2029 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail01.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web07.i.ipfire.org (Postfix) with ESMTPS id A074D85D3E7 for ; Thu, 10 Jan 2019 12:00:48 +0000 (GMT) Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 3819D219909C; Thu, 10 Jan 2019 12:00:48 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1547121648; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id: list-unsubscribe:list-subscribe:list-post; bh=u5QXYZ1QBM3v4qnF7x7LIkyJ1HYi27IbjjwvAY5REsc=; b=LM4WaX71iGR0ydcl2Pwx0VugIpnHwlLMa1i3ES1h8rIxS44SD6iHpolvzQH+5MHj24gMiY Yn2QBS4i7bIuyZ906OlfUsKSeVJcDEHIJCNnA+PjQUctEPuqRb/HTRAwEU574D6NJKQJ1C gO5/w+gDRx9C3TSlh6Wi+u0+LgFz+EhSJOmvuA3rmdTaoUwO0P79zIzFZbsBFWbWPJQ3Eq Z7iSHrlnPniZHpgjEh32MAL0LQYI+CUf0zS8NWs0EZ5qSnlX2GyTJPVdi2S2Yq8RMJTitQ 8gJXiajZd7eulo1xRX0Pqw1Batl52El552Vzlkt8b9a7Lr1g+un2INiaK14lJg== Received: from tuxedo.stevee (unknown [46.125.249.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 39D7E221C72B; Thu, 10 Jan 2019 12:00:36 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1547121636; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=u5QXYZ1QBM3v4qnF7x7LIkyJ1HYi27IbjjwvAY5REsc=; b=BRPTPhYq3Xb42I0nzGAwUmfzP8eWLhkC8jlgoKN6xyvaXE2Oq5exm2lCGQZl38hNu1+5JX nJRYSwBaQ3nlv6BajxPF09hVnJdFq3mPz6GDstLgpn3to4JiY2nMVpKpoDnv2BmbKrAS0K LQV19QVcv+BxSCxqiUEfS3yODhTw77oTTmy9TbkTgeDMUacZXtXwtGkRkfNVrrSerRGSP9 Jpe1nhtPo2/pbvN6sES45y1Pbi13bDSPUOuqoKmHjW2mmlE3PZ99vERUWuUXTvBk0KGbQS gvtpNptNPySqUI0PoBaSaUw2K62GVA4LNF5GhXfJmqLHeIGDCn6c5451qwkdIQ== From: Stefan Schantl To: development@lists.ipfire.org Subject: [PATCH 5/6] GeoIP: Drop legacy GeoIP perl module. Date: Thu, 10 Jan 2019 13:00:16 +0100 Message-Id: <20190110120017.6595-5-stefan.schantl@ipfire.org> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20190110120017.6595-1-stefan.schantl@ipfire.org> References: <20190110120017.6595-1-stefan.schantl@ipfire.org> MIME-Version: 1.0 Authentication-Results: mail01.ipfire.org; auth=pass smtp.auth=stevee smtp.mailfrom=stefan.schantl@ipfire.org X-Spamd-Result: default: False [-3.98 / 11.00]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_MISSING_CHARSET(2.50)[]; MIME_GOOD(-0.10)[text/plain]; REPLY(-4.00)[]; BROKEN_CONTENT_TYPE(1.50)[]; DKIM_SIGNED(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; MID_CONTAINS_FROM(1.00)[]; NEURAL_HAM(-2.86)[-0.955,0]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:8412, ipnet:46.124.0.0/15, country:AT]; RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-2.01)[95.13%] X-Spam-Status: No, score=-3.98 X-Rspamd-Server: mail01.i.ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" The legacy GeoIP perl module cannot handle the new GeoLite2 databases provided from maxmind and therefore needs to be dropped. Reference #11960 Signed-off-by: Stefan Schantl --- config/rootfiles/common/GeoIP | 12 ----- lfs/GeoIP | 84 ----------------------------------- make.sh | 1 - 3 files changed, 97 deletions(-) delete mode 100644 config/rootfiles/common/GeoIP delete mode 100644 lfs/GeoIP diff --git a/config/rootfiles/common/GeoIP b/config/rootfiles/common/GeoIP deleted file mode 100644 index d76ba645e..000000000 --- a/config/rootfiles/common/GeoIP +++ /dev/null @@ -1,12 +0,0 @@ -#usr/bin/geoip-lookup -#usr/lib/perl5/site_perl/5.12.3/Geo -#usr/lib/perl5/site_perl/5.12.3/Geo/IP -usr/lib/perl5/site_perl/5.12.3/Geo/IP/PurePerl.pm -#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Geo -#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Geo/IP -#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Geo/IP/PurePerl -#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Geo/IP/PurePerl/.packlist -#usr/share/GeoIP -usr/share/GeoIP/GeoIP.dat -#usr/share/man/man1/geoip-lookup.1 -#usr/share/man/man3/Geo::IP::PurePerl.3 diff --git a/lfs/GeoIP b/lfs/GeoIP deleted file mode 100644 index ce758d8a5..000000000 --- a/lfs/GeoIP +++ /dev/null @@ -1,84 +0,0 @@ -############################################################################### -# # -# IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team # -# # -# This program is free software: you can redistribute it and/or modify # -# it under the terms of the GNU General Public License as published by # -# the Free Software Foundation, either version 3 of the License, or # -# (at your option) any later version. # -# # -# This program is distributed in the hope that it will be useful, # -# but WITHOUT ANY WARRANTY; without even the implied warranty of # -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # -# GNU General Public License for more details. # -# # -# You should have received a copy of the GNU General Public License # -# along with this program. If not, see . # -# # -############################################################################### - -############################################################################### -# Definitions -############################################################################### - -include Config - -VER = 1.25 -DATVER = 30062018 - -THISAPP = Geo-IP-PurePerl-$(VER) -DL_FILE = $(THISAPP).tar.gz -DL_FROM = $(URL_IPFIRE) -DIR_APP = $(DIR_SRC)/$(THISAPP) -TARGET = $(DIR_INFO)/$(THISAPP) - -############################################################################### -# Top-level Rules -############################################################################### - -objects = $(DL_FILE) GeoIP.dat-$(DATVER).gz - -$(DL_FILE) = $(DL_FROM)/$(DL_FILE) -GeoIP.dat-$(DATVER).gz = $(DL_FROM)/GeoIP.dat-$(DATVER).gz - -$(DL_FILE)_MD5 = a47a1b71f7cd7c46cca9efcc448e0726 -GeoIP.dat-$(DATVER).gz_MD5 = d538e57ad9268fdc7955c6cf9a37c4a9 - -install : $(TARGET) - -check : $(patsubst %,$(DIR_CHK)/%,$(objects)) - -download :$(patsubst %,$(DIR_DL)/%,$(objects)) - -md5 : $(subst %,%_MD5,$(objects)) - -############################################################################### -# Downloading, checking, md5sum -############################################################################### - -$(patsubst %,$(DIR_CHK)/%,$(objects)) : - @$(CHECK) - -$(patsubst %,$(DIR_DL)/%,$(objects)) : - @$(LOAD) - -$(subst %,%_MD5,$(objects)) : - @$(MD5) - -############################################################################### -# Installation Details -############################################################################### - -$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) - @$(PREBUILD) - @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/geoip_1_25_change_database_path.patch - cd $(DIR_APP) && perl Makefile.PL - cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE) - cd $(DIR_APP) && make install - cd $(DIR_APP) && mkdir -p /usr/share/GeoIP && \ - zcat $(DIR_DL)/GeoIP.dat-$(DATVER).gz > /usr/share/GeoIP/GeoIP.dat - cd $(DIR_APP) && chmod 777 /srv/web/ipfire/html/images/flags - @rm -rf $(DIR_APP) - @$(POSTBUILD) diff --git a/make.sh b/make.sh index 601f1675b..1d9163dce 100755 --- a/make.sh +++ b/make.sh @@ -1305,7 +1305,6 @@ buildipfire() { lfsmake2 python-daemon lfsmake2 python-ipaddress lfsmake2 glib - lfsmake2 GeoIP lfsmake2 ntp lfsmake2 openssh lfsmake2 fontconfig From patchwork Thu Jan 10 23:00:17 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Schantl X-Patchwork-Id: 2030 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail01.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web07.i.ipfire.org (Postfix) with ESMTPS id D76A185D3E7 for ; Thu, 10 Jan 2019 12:00:51 +0000 (GMT) Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 7485A21990A2; Thu, 10 Jan 2019 12:00:51 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1547121651; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id: list-unsubscribe:list-subscribe:list-post; bh=FUVfkxbdodDTDwmTBRNQlVbCSW2Z0N1Fr/af34Ld/uQ=; b=ZM1WgHmxfeSLE69U65JK9ol5XEXUlQBbTAUqYlsXk0ug95CLMuWdP4kVP+s2ElUxGOq6qQ tET0jiTOEqseeAwKp4yrVkZbYG0jK6lzWCUkvGez+t75ITuPsw2zaKe4upU5ysoMDf+7Dn ebiSkvydRuooYjgpHPM/WFGuJs2/mlxPMeoyyIx3gPsGX00qmOSNL678prbyahyhfJlgHt fHT5kUmhdsOJsMFWNWt7pz8DFymG7wjg3YQ1tvkt+oQSwYPlZqv1MJFGQGJ2EAWtsNkJ6j GGLAW0Vr9vPGe+s0N5GrzsC88zyDGsEoUKUuiA9qZxuByLU/LzirxcDUPon5gQ== Received: from tuxedo.stevee (unknown [46.125.249.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id B655821A7C7E; Thu, 10 Jan 2019 12:00:36 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1547121636; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=FUVfkxbdodDTDwmTBRNQlVbCSW2Z0N1Fr/af34Ld/uQ=; b=EsF2MFXd91y46AkqgAK/Vf6L56ejG8WKK3cadbZ0CwdNIp/GLGgx+DuHf2HYyXm+E+Y7a5 Oy3CHfkdU3ZMFe7cOjaGFTGG6BGMbVfreaGQXWx9Yi+C1XF+5wk/FHNGHvrAoE6AVMDsR6 0SGGk964nIUa0glEOvLr5UJrWSGbdWpwSkyP8ffamQEKq0QGMbKAr/g8/uaOsJ6+2ggSpb laDf7j55yus/NL0UoW7zod5cTjc4l93B4pesKGeciyHS2GCaTW/+/T+K7eW6txfAzXgwED ENgCfWgQ8i0kJcH8MDpqGwZeO0yqEtra41BrlKJhyKXeu5bGGwH/TRuC6ugVRg== From: Stefan Schantl To: development@lists.ipfire.org Subject: [PATCH 6/6] geoip-functions.pl: Re-write code to lookup the iso country code of a given IP-address. Date: Thu, 10 Jan 2019 13:00:17 +0100 Message-Id: <20190110120017.6595-6-stefan.schantl@ipfire.org> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20190110120017.6595-1-stefan.schantl@ipfire.org> References: <20190110120017.6595-1-stefan.schantl@ipfire.org> MIME-Version: 1.0 Authentication-Results: mail01.ipfire.org; auth=pass smtp.auth=stevee smtp.mailfrom=stefan.schantl@ipfire.org X-Spamd-Result: default: False [-4.95 / 11.00]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_MISSING_CHARSET(2.50)[]; MIME_GOOD(-0.10)[text/plain]; REPLY(-4.00)[]; BROKEN_CONTENT_TYPE(1.50)[]; DKIM_SIGNED(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; MID_CONTAINS_FROM(1.00)[]; NEURAL_HAM(-2.86)[-0.955,0]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:8412, ipnet:46.124.0.0/15, country:AT]; RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-2.98)[99.94%] X-Spam-Status: No, score=-4.95 X-Rspamd-Server: mail01.i.ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Drop the usage of the old legacy GeoIP perl module which was not able to handle the new GeoLite2 databases. Write some code to directly access the databases and extract the required data. Usage of the GeoIP2 perl module would provide a lot of more functionality which is not used/needed. Unfortunately ir requires at lot of additional perl modules which are not available on IPFire and would only be build and shipped for this module. Buildig all of them will slow down the entire build process, mess up the system and requires a lot more space on disk. Fixes #11962. Signed-off-by: Stefan Schantl --- config/cfgroot/geoip-functions.pl | 75 ++++++++++++++++++++++++++++--- 1 file changed, 68 insertions(+), 7 deletions(-) diff --git a/config/cfgroot/geoip-functions.pl b/config/cfgroot/geoip-functions.pl index be50d5e14..e8ce8377f 100644 --- a/config/cfgroot/geoip-functions.pl +++ b/config/cfgroot/geoip-functions.pl @@ -23,21 +23,82 @@ package GeoIP; -use Geo::IP::PurePerl; +require '/var/ipfire/network-functions.pl'; + use Locale::Codes::Country; -my $database; +# Path where all the GeoIP related databases are stored. +my $geoip_database_dir = "/var/lib/GeoIP"; + +# Database which contains all IPv4 networks. +my $address_ipv4_database = "GeoLite2-Country-Blocks-IPv4.csv"; + +# Database wich contains the locations data. +my $location_database = "GeoLite2-Country-Locations-en.csv"; sub lookup($) { my $address = shift; + my $location_id; + my $country_code; + + # Check if the given address is valid. + unless(&Network::check_ip_address($address)) { + return; + } + + # Open the address database. + open(ADDRESS, "$geoip_database_dir/$address_ipv4_database") or die "Could not open $geoip_database_dir/$address_ipv4_database. $!\n"; + + # Loop through the file. + while(my $line =
) { + # Remove newlines. + chomp($line); + + # Split the line content. + my ($network, $geoname_id, $registered_country_geoname_id, $represented_country_geoname_id, $is_anonymous_proxy, $is_satellite_provider) = split(/\,/, $line); + + # Check if the given address is part of the current processed network. + if (&Network::ip_address_in_network($address, $network)) { + # Store the geoname_id for this address. + $location_id = $geoname_id; + + # Break loop. + last; + } + } + + # Return nothing if no location_id could be found. + return unless($location_id); + + # Close filehandle. + close(ADDRESS); + + # Open the location database. + open(LOCATION, "$geoip_database_dir/$location_database") or die "Could not open $geoip_database_dir/$location_database. $!\n"; - # Load the database into memory if not already done - if (!$database) { - $database = Geo::IP::PurePerl->new(GEOIP_MEMORY_CACHE); + # Loop through the file. + while(my $line = ) { + # Remove newlines. + chomp($line); + + # Split the line content. + my ($geoname_id, $locale_code, $continent_code, $continent_name, $country_iso_code, $country_name, $is_in_european_union) = split(/\,/, $line); + + # Check if the correct location_id has been found. + if ($geoname_id eq $location_id) { + # Store the county code. + $country_code = $country_iso_code; + + # Break loop. + last; + } } - # Return the name of the country - return $database->country_code_by_name($address); + # Close filehandle. + close(LOCATION); + + # Return the obtained country code. + return $country_code; } # Function to get the flag icon for a specified country code.