Date:      Mon, 9 May 2016 10:57:52 +0000 (UTC)
From:      Olivier Cochard <olivier@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r414837 - in head: . net net/mlvpn net/mlvpn/files
Message-ID:  <201605091057.u49Avq5e033143@repo.freebsd.org>

Author: olivier
Date: Mon May  9 10:57:52 2016
New Revision: 414837
URL: https://svnweb.freebsd.org/changeset/ports/414837

Log:
  New port: net/mlvpn
  
  MLVPN allows you to bond your internet links to increase bandwidth, secure
  your internet connection by actively monitoring your links and removing the
  faulty ones without losing your TCP connections, and secure your internet
  connection to the aggregation server using cryptography.
  
  WWW: https://zehome.github.io/MLVPN/
  
  Approved by:	mat
  Differential Revision:	https://reviews.freebsd.org/D6034

Added:
  head/net/mlvpn/
  head/net/mlvpn/Makefile   (contents, props changed)
  head/net/mlvpn/distinfo   (contents, props changed)
  head/net/mlvpn/files/
  head/net/mlvpn/files/mlvpn.in   (contents, props changed)
  head/net/mlvpn/files/patch-src_config.c   (contents, props changed)
  head/net/mlvpn/files/patch-src_mlvpn.c   (contents, props changed)
  head/net/mlvpn/files/patch-src_mlvpn.h   (contents, props changed)
  head/net/mlvpn/files/patch-src_tuntap__bsd.c   (contents, props changed)
  head/net/mlvpn/pkg-descr   (contents, props changed)
  head/net/mlvpn/pkg-plist   (contents, props changed)
Modified:
  head/GIDs
  head/UIDs
  head/net/Makefile

Modified: head/GIDs
==============================================================================
--- head/GIDs	Mon May  9 10:56:16 2016	(r414836)
+++ head/GIDs	Mon May  9 10:57:52 2016	(r414837)
@@ -103,6 +103,7 @@ agk:*:172:
 polipo:*:173:
 flowtools:*:174:
 twms:*:175:
+mlvpn:*:176:
 gdnsd:*:179:
 rt:*:180:
 nagios:*:181:

Modified: head/UIDs
==============================================================================
--- head/UIDs	Mon May  9 10:56:16 2016	(r414836)
+++ head/UIDs	Mon May  9 10:57:52 2016	(r414837)
@@ -109,6 +109,7 @@ agk:*:172:172::0:0:AquaGateKeeper:/nonex
 polipo:*:173:173::0:0:polipo web cache:/nonexistent:/usr/sbin/nologin
 flowtools:*:174:174::0:0:Flow-tools collector pseudo-user:/nonexistent:/usr/sbin/nologin
 twms:*:175:175::0:0:tWMS pseudo-user:/nonexistent:/usr/sbin/nologin
+mlvpn:*:176:176::0:0:mlVPN pseudo-user:/var/run/mlvpn:/usr/sbin/nologin
 gdnsd:*:179:179::0:0:gDNSd pseudo-user:/nonexistent:/usr/sbin/nologin
 nagios:*:181:181::0:0:Nagios pseudo-user:/var/spool/nagios:/usr/sbin/nologin
 noc:*:182:182::0:0:NOC pseudo-user:/usr/local/noc:/bin/sh
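Review bot: The new `mlvpn` entry sets its home directory to `/var/run/mlvpn`, but nothing visible in this commit creates that directory: pkg-plist lists no `@dir` for it and the rc script never runs `mkdir`. `/var/run` is commonly emptied at boot, so a directory created by hand would not persist either. If the daemon relies on the home directory after dropping to `--user mlvpn` (not visible here, so this is an assumption to confirm), either create it with restrictive ownership in a `start_precmd` of the rc script or use `/nonexistent` like the neighbouring pseudo-users.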

Modified: head/net/Makefile
==============================================================================
--- head/net/Makefile	Mon May  9 10:56:16 2016	(r414836)
+++ head/net/Makefile	Mon May  9 10:57:52 2016	(r414837)
@@ -398,6 +398,7 @@
     SUBDIR += miniupnpd
     SUBDIR += miredo
     SUBDIR += miruo
+    SUBDIR += mlvpn
     SUBDIR += mono-zeroconf
     SUBDIR += mopd
     SUBDIR += morebalance

Added: head/net/mlvpn/Makefile
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/mlvpn/Makefile	Mon May  9 10:57:52 2016	(r414837)
@@ -0,0 +1,41 @@
+# $FreeBSD$
+
+PORTNAME=	mlvpn
+PORTVERSION=	2.3.1
+CATEGORIES=	net
+
+MAINTAINER=	olivier@FreeBSD.org
+COMMENT=	Multi-link VPN
+
+LICENSE=	BSD2CLAUSE
+LICENSE_FILE=	${WRKSRC}/LICENCE
+
+LIB_DEPENDS=	libev.so:devel/libev \
+		libsodium.so:security/libsodium
+
+USE_GITHUB=	yes
+GH_PROJECT=	MLVPN
+GH_ACCOUNT=	zehome
+
+USES=	autoreconf libtool pkgconfig localbase
+GNU_CONFIGURE=	yes
+
+USERS=		mlvpn
+GROUPS=		mlvpn
+USE_RC_SUBR=	mlvpn
+
+OPTIONS_DEFINE=	CONTROL
+CONTROL_DESC=	Enable UNIX socket/HTTP json remote control API
+
+OPTIONS_DEFAULT=	CONTROL
+CONTROL_CONFIGURE_OFF=	--disable-control
+
+do-install:
+	${INSTALL_PROGRAM} ${WRKSRC}/src/${PORTNAME} ${STAGEDIR}${PREFIX}/sbin/
+	${INSTALL_MAN} ${WRKSRC}/man/${PORTNAME}.1 ${STAGEDIR}${PREFIX}/man/man1
+	${INSTALL_MAN} ${WRKSRC}/man/${PORTNAME}.conf.5	${STAGEDIR}${PREFIX}/man/man5
+	@${MKDIR} ${STAGEDIR}${ETCDIR}
+	${INSTALL_MAN} ${WRKSRC}/doc/examples/${PORTNAME}.conf.in ${STAGEDIR}${ETCDIR}/${PORTNAME}.conf.sample
+	${INSTALL_SCRIPT} ${WRKSRC}/doc/examples/mlvpn_updown.sh.in ${STAGEDIR}${ETCDIR}/mlvpn_updown.sh
+
+.include <bsd.port.mk>
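Review bot: `mlvpn_updown.sh` is installed directly into `${ETCDIR}` under its final name, and pkg-plist registers it as `@(,,700) %%ETCDIR%%/mlvpn_updown.sh`, so local edits to this hook are overwritten on upgrade and deleted on deinstall. The script is presumably meant to be adapted per site, so install it as `mlvpn_updown.sh.sample` and list it as `@sample(,,700) %%ETCDIR%%/mlvpn_updown.sh.sample`, the same way `mlvpn.conf.sample` is handled. The sample config is also installed with `${INSTALL_MAN}`; `${INSTALL_DATA}` states the intent, and the 600 mode from pkg-plist still applies. Finally, `OPTIONS_DEFAULT= CONTROL` builds the UNIX socket/HTTP control API into the default package, so the `CONTROL_DESC` text or pkg-message should say how that interface is bound and restricted.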

Added: head/net/mlvpn/distinfo
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/mlvpn/distinfo	Mon May  9 10:57:52 2016	(r414837)
@@ -0,0 +1,2 @@
+SHA256 (zehome-MLVPN-2.3.1_GH0.tar.gz) = 4bbe8ae10ccad4ba764d29db0293b3ab523ded5d0a0b5adbe6a8d4d839e4138e
+SIZE (zehome-MLVPN-2.3.1_GH0.tar.gz) = 83817

Added: head/net/mlvpn/files/mlvpn.in
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/mlvpn/files/mlvpn.in	Mon May  9 10:57:52 2016	(r414837)
@@ -0,0 +1,155 @@
+#!/bin/sh
+#
+# mlvpn - load tun/tap driver and start mlvpn daemon
+#
+# (C) Copyright 2005 - 2008, 2010 by Matthias Andree
+# (C) Copyright 2015 Laurent COUSTET (mlvpn modifications)
+# (C) Copyright 2016 Olivier Cochard-Labbe (updating rc script)
+
+# based on suggestions by Matthias Grimm and Dirk Gouders
+# with multi-instance contribution from Denis Shaposhnikov, Gleb Kozyrev
+# and Vasil Dimov
+# softrestart feature suggested by Nick Hibma
+#
+# This program is free software; you can redistribute it and/or modify it under
+# the terms of the GNU General Public License as published by the Free Software
+# Foundation; either version 2 of the License, or (at your option) any later
+# version.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
+# details.
+#
+# You should have received a copy of the GNU General Public License along with
+# this program; if not, write to the Free Software Foundation, Inc., 51 Franklin
+# Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+# PROVIDE: mlvpn
+# REQUIRE: DAEMON
+# KEYWORD: shutdown
+
+# -----------------------------------------------------------------------------
+#
+# This script supports running multiple instances of mlvpn
+# To run additional instances link this script to something like
+# % ln -s mlvpn mlvpn_foo
+# and define additional mlvpn_foo_* variables in one of
+# /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/mlvpn_foo
+#
+# Below NAME should be substituted with the name of this script. By default
+# it is mlvpn, so read as mlvpn_enable. If you linked the script to
+# mlvpn_foo, then read as mlvpn_foo_enable etc.
+#
+# The following variables are supported (defaults are shown).
+# You can place them in any of
+# /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/NAME
+#
+# NAME_enable="NO"	# set to YES to enable mlvpn
+# NAME_if=		# driver(s) to load, set to "tun", "tap" or "tun tap"
+#			# it is OK to specify the if_ prefix.
+#
+# # optional:
+# NAME_flags=				# additional command line arguments
+# NAME_configfile="/usr/local/etc/mlvpn/NAME.conf"	# --config file
+#
+# Note that we deliberately refrain from unloading drivers.
+#
+# For further documentation, please see http://www.mlvpn.fr/
+#
+
+. /etc/rc.subr
+
+case "$0" in
+/etc/rc*)
+	# during boot (shutdown) $0 is /etc/rc (/etc/rc.shutdown),
+	# so get the name of the script from $_file
+	name="$_file"
+	;;
+*)
+	name="$0"
+	;;
+esac
+
+name="${name##*/}"
+rcvar=${name}_enable
+
+mlvpn_stop()
+{
+	if [ -f ${pidfile} ]; then
+		rc_pid=$(check_pidfile $pidfile ${name})
+		kill -TERM $rc_pid
+		wait_for_pids $rc_pid
+	fi
+}
+
+stop_postcmd()
+{
+	rm -f "$pidfile" || warn "Could not remove $pidfile."
+}
+
+mlvpn_softrestart()
+{
+	rc_pid=$(check_pidfile $pidfile ${name})
+	local status
+
+	if ! status=`run_rc_command status 2>&1`; then
+		echo $status
+		return 1
+	fi
+	echo 'Softrestarting mlvpn.'
+	kill -USR1 $rc_pid
+}
+
+mlvpn_status()
+{
+	rc_pid=$(check_pidfile $pidfile ${name})
+
+	if [ -z "$rc_pid" ]; then
+		[ -n "$rc_fast" ] && return 0
+		if [ -n "$pidfile" ]; then
+			echo "${name} not running? (check $pidfile)."
+		else
+			echo "${name} not running?"
+		fi
+		return 1
+	fi
+	echo "${name} is running as pid ${rc_pid}"
+}
+
+# reload: support SIGHUP to reparse configuration file
+# softrestart: support SIGUSR1 to reconnect without superuser privileges
+extra_commands="reload softrestart"
+softrestart_cmd="mlvpn_softrestart"
+
+# pidfile
+pidfile="/var/run/${name}.pid"
+rc_pid=$(check_pidfile $pidfile ame)
+
+# command and arguments
+procname="%%PREFIX%%/sbin/mlvpn"
+command="/usr/sbin/daemon"
+
+# run this last
+stop_cmd="mlvpn_stop"
+stop_postcmd="stop_postcmd"
+status_cmd="mlvpn_status"
+
+load_rc_config ${name}
+
+eval ": \${${name}_enable:=\"NO\"}"
+eval ": \${${name}_configfile:=\"/usr/local/etc/mlvpn/${name}.conf\"}"
+
+configfile="$(eval echo \${${name}_configfile})"
+interfaces="$(eval echo \${${name}_if})"
+
+required_modules=
+for i in $interfaces ; do
+    required_modules="$required_modules${required_modules:+" "}if_${i#if_}"
+done
+
+required_files=${configfile}
+
+command_args="-f -p ${pidfile} ${procname} --name ${name} --config ${configfile} --user mlvpn"
+
+run_rc_command "$1"
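Review bot: The top-level `rc_pid=$(check_pidfile $pidfile ame)` passes the literal word `ame` as the process name, which looks like a truncated `${name}`. That lookup is unlikely to ever match the daemon, and the line is redundant because every handler recomputes `rc_pid` itself. In `mlvpn_stop`, `check_pidfile` yields an empty string for a stale pidfile or a name mismatch, and `kill -TERM $rc_pid` then runs without a pid. Add a guard such as `[ -n "$rc_pid" ] || return 0` before the kill, and quote `"$pidfile"` in the `[ -f ... ]` test. The default `${name}_configfile` also hard-codes `/usr/local/etc/mlvpn/`, while `procname` uses `%%PREFIX%%`; use `%%PREFIX%%/etc/mlvpn/${name}.conf` so that a non-default prefix does not make the daemon read its configuration from a directory the package did not install.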

Added: head/net/mlvpn/files/patch-src_config.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/mlvpn/files/patch-src_config.c	Mon May  9 10:57:52 2016	(r414837)
@@ -0,0 +1,57 @@
+--- src/config.c.orig	2015-12-28 11:20:16 UTC
++++ src/config.c
+@@ -269,6 +269,7 @@ mlvpn_config(int config_file_fd, int fir
+             } else if (strncmp(lastSection, "filters", 7) != 0) {
+                 char *bindaddr;
+                 char *bindport;
++				uint32_t bindfib = 0;
+                 char *dstaddr;
+                 char *dstport;
+                 uint32_t bwlimit = 0;
+@@ -284,6 +285,9 @@ mlvpn_config(int config_file_fd, int fir
+                     _conf_set_str_from_conf(
+                         config, lastSection, "bindport", &bindport, NULL,
+                         "bind port is mandatory in server mode.\n", 1);
++					_conf_set_uint_from_conf(
++						config, lastSection, "bindfib", &bindfib, 0,
++						NULL, 0);
+                     _conf_set_str_from_conf(
+                         config, lastSection, "remotehost", &dstaddr, NULL,
+                         NULL, 0);
+@@ -297,6 +301,9 @@ mlvpn_config(int config_file_fd, int fir
+                     _conf_set_str_from_conf(
+                         config, lastSection, "bindport", &bindport, NULL,
+                         NULL, 0);
++					 _conf_set_uint_from_conf(
++						config, lastSection, "bindfib", &bindfib, 0,
++						NULL, 0);
+                     _conf_set_str_from_conf(
+                         config, lastSection, "remotehost", &dstaddr, NULL,
+                         "No remote address specified.\n", 1);
+@@ -336,6 +343,7 @@ mlvpn_config(int config_file_fd, int fir
+                               tmptun->name);
+                         if ((! mystr_eq(tmptun->bindaddr, bindaddr)) ||
+                                 (! mystr_eq(tmptun->bindport, bindport)) ||
++								(tmptun->bindfib != bindfib) ||
+                                 (! mystr_eq(tmptun->destaddr, dstaddr)) ||
+                                 (! mystr_eq(tmptun->destport, dstport))) {
+                             mlvpn_rtun_status_down(tmptun);
+@@ -347,6 +355,9 @@ mlvpn_config(int config_file_fd, int fir
+                         if (bindport) {
+                             strlcpy(tmptun->bindport, bindport, sizeof(tmptun->bindport));
+                         }
++						if (tmptun->bindfib != bindfib) {
++							tmptun->bindfib = bindfib;
++						}
+                         if (dstaddr) {
+                             strlcpy(tmptun->destaddr, dstaddr, sizeof(tmptun->destaddr));
+                         }
+@@ -380,7 +391,7 @@ mlvpn_config(int config_file_fd, int fir
+                 {
+                     log_info("config", "%s tunnel added", lastSection);
+                     mlvpn_rtun_new(
+-                        lastSection, bindaddr, bindport, dstaddr, dstport,
++                        lastSection, bindaddr, bindport, bindfib, dstaddr, dstport,
+                         default_server_mode, timeout, fallback_only,
+                         bwlimit, loss_tolerence);
+                 }
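Review bot: `bindfib` is read with `_conf_set_uint_from_conf(config, lastSection, "bindfib", &bindfib, 0, NULL, 0)` and stored with no range check, then narrowed from `uint32_t` to `int` and passed to `setsockopt` in the mlvpn.c patch on this page. Unless the helper already bounds the value (it is not visible here), an out-of-range FIB only surfaces later as a socket setup failure at tunnel start, so rejecting it at parse time with a config error naming the tunnel would be easier to diagnose. In the update path, `if (tmptun->bindfib != bindfib) { tmptun->bindfib = bindfib; }` can be the plain assignment `tmptun->bindfib = bindfib;`. The added lines are tab-indented inside a space-indented function, and `mlvpn_config` itself starts and ends outside these hunks.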

Added: head/net/mlvpn/files/patch-src_mlvpn.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/mlvpn/files/patch-src_mlvpn.c	Mon May  9 10:57:52 2016	(r414837)
@@ -0,0 +1,54 @@
+--- src/mlvpn.c.orig	2015-12-28 11:20:16 UTC
++++ src/mlvpn.c
+@@ -597,7 +597,7 @@ mlvpn_rtun_write(EV_P_ ev_io *w, int rev
+ 
+ mlvpn_tunnel_t *
+ mlvpn_rtun_new(const char *name,
+-               const char *bindaddr, const char *bindport,
++               const char *bindaddr, const char *bindport, uint32_t bindfib,
+                const char *destaddr, const char *destport,
+                int server_mode, uint32_t timeout,
+                int fallback_only, uint32_t bandwidth,
+@@ -653,6 +653,7 @@ mlvpn_rtun_new(const char *name,
+         strlcpy(new->bindaddr, bindaddr, sizeof(new->bindaddr));
+     if (bindport)
+         strlcpy(new->bindport, bindport, sizeof(new->bindport));
++	new->bindfib = bindfib;
+     if (destaddr)
+         strlcpy(new->destaddr, destaddr, sizeof(new->destaddr));
+     if (destport)
+@@ -780,6 +781,7 @@ static int
+ mlvpn_rtun_start(mlvpn_tunnel_t *t)
+ {
+     int ret, fd = -1;
++	int fib = 0;
+     char *addr, *port;
+     struct addrinfo hints, *res;
+ 
+@@ -788,9 +790,11 @@ mlvpn_rtun_start(mlvpn_tunnel_t *t)
+     {
+         addr = t->bindaddr;
+         port = t->bindport;
++		fib = t->bindfib;
+     } else {
+         addr = t->destaddr;
+         port = t->destport;
++		fib = t->bindfib;
+     }
+ 
+     /* Initialize hints */
+@@ -817,6 +821,14 @@ mlvpn_rtun_start(mlvpn_tunnel_t *t)
+             log_warn(NULL, "%s socket creation error",
+                 t->name);
+         } else {
++#if defined(HAVE_FREEBSD) || defined(HAVE_OPENBSD)
++			/* Setting SO_SETFIB (fib) supported on FreeBSD and OpenBSD only */
++			if (setsockopt(fd, SOL_SOCKET, SO_SETFIB, &fib, sizeof(fib)) < 0)
++			{
++      			log_warnx(NULL, "Cannot set FIB %d for kernel socket", fib);
++				goto error;
++			}
++#endif
+             t->fd = fd;
+             break;
+         }
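Review bot: In `mlvpn_rtun_start` the new `setsockopt(fd, SOL_SOCKET, SO_SETFIB, &fib, sizeof(fib))` runs even when no `bindfib` is configured, because `fib` then carries the default 0. A daemon started under a non-zero FIB would therefore have its tunnel sockets forced back to routing table 0, which for a VPN can send traffic out through a different table than the operator intended. Make the call conditional, e.g. `if (fib != 0 && setsockopt(fd, SOL_SOCKET, SO_SETFIB, &fib, sizeof(fib)) < 0)`, or use a distinct "unset" value if FIB 0 must stay selectable. On failure the code jumps to `error` before `t->fd = fd` is assigned; the label is outside the hunk, so confirm that path closes the local `fd`. `log_warnx` presumably drops errno, unlike the `log_warn` used just above. As far as I know `SO_SETFIB` is FreeBSD-specific, so the `HAVE_OPENBSD` arm and the comment should be checked against OpenBSD.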

Added: head/net/mlvpn/files/patch-src_mlvpn.h
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/mlvpn/files/patch-src_mlvpn.h	Mon May  9 10:57:52 2016	(r414837)
@@ -0,0 +1,19 @@
+--- src/mlvpn.h.orig	2015-12-28 11:20:16 UTC
++++ src/mlvpn.h
+@@ -138,6 +138,7 @@ typedef struct mlvpn_tunnel_s
+     char *name;           /* tunnel name */
+     char bindaddr[MLVPN_MAXHNAMSTR]; /* packets source */
+     char bindport[MLVPN_MAXPORTSTR]; /* packets port source (or NULL) */
++	uint32_t bindfib;     /* FIB number to use */
+     char destaddr[MLVPN_MAXHNAMSTR]; /* remote server ip (can be hostname) */
+     char destport[MLVPN_MAXPORTSTR]; /* remote server port */
+     int fd;               /* socket file descriptor */
+@@ -193,7 +194,7 @@ int mlvpn_rtun_wrr_reset(struct rtunhead
+ mlvpn_tunnel_t *mlvpn_rtun_wrr_choose();
+ mlvpn_tunnel_t *mlvpn_rtun_choose();
+ mlvpn_tunnel_t *mlvpn_rtun_new(const char *name,
+-    const char *bindaddr, const char *bindport,
++    const char *bindaddr, const char *bindport, uint32_t bindfib,
+     const char *destaddr, const char *destport,
+     int server_mode, uint32_t timeout,
+     int fallback_only, uint32_t bandwidth,

Added: head/net/mlvpn/files/patch-src_tuntap__bsd.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/mlvpn/files/patch-src_tuntap__bsd.c	Mon May  9 10:57:52 2016	(r414837)
@@ -0,0 +1,11 @@
+--- src/tuntap_bsd.c.orig	2015-12-28 11:20:16 UTC
++++ src/tuntap_bsd.c
+@@ -21,7 +21,7 @@ mlvpn_tuntap_read(struct tuntap_s *tunta
+     mlvpn_tunnel_t *rtun = NULL;
+     mlvpn_pkt_t *pkt;
+     ssize_t ret;
+-    u_char data[DEFAULT_MTU]
++    u_char data[DEFAULT_MTU];
+     struct iovec iov[2];
+     uint32_t type;
+ 

Added: head/net/mlvpn/pkg-descr
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/mlvpn/pkg-descr	Mon May  9 10:57:52 2016	(r414837)
@@ -0,0 +1,6 @@
+MLVPN allow to bond your internet links to increase bandwidth, secure your 
+internet connection by actively monitoring your links and removing the faulty 
+ones, without loosing your TCP connections and secure your internet connection 
+to the aggregation server using cryptography.
+
+WWW: https://zehome.github.io/MLVPN/

Added: head/net/mlvpn/pkg-plist
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/mlvpn/pkg-plist	Mon May  9 10:57:52 2016	(r414837)
@@ -0,0 +1,5 @@
+sbin/mlvpn
+man/man1/mlvpn.1.gz
+man/man5/mlvpn.conf.5.gz
+@sample(,,600)  %%ETCDIR%%/mlvpn.conf.sample
+@(,,700) %%ETCDIR%%/mlvpn_updown.sh


