/[smecontribs]/rpms/smeserver-coova-chilli/contribs7/smeserver-coova-chilli-0.1-directOrSquid.patch
ViewVC logotype

Contents of /rpms/smeserver-coova-chilli/contribs7/smeserver-coova-chilli-0.1-directOrSquid.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.2 - (show annotations) (download)
Thu Sep 4 13:56:35 2008 UTC (16 years, 2 months ago) by slords
Branch: MAIN
CVS Tags: HEAD
Changes since 1.1: +0 -0 lines
FILE REMOVED
Import of smeserver-coova-chilli-0.2-2.src.rpm

1 diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/chilli/condown.sh mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/chilli/condown.sh
2 --- smeserver-coova-chilli-0.1/root/etc/chilli/condown.sh 2008-09-01 14:16:56.000000000 +0200
3 +++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/chilli/condown.sh 2008-09-01 13:26:53.000000000 +0200
4 @@ -1,5 +1,13 @@
5 #!/bin/bash
6
7 -SQUID_PORT=$(/sbin/e-smith/db configuration getprop squid TransparentPort)
8 -/sbin/iptables -D IN_FROM_CHILLI -s $FRAMED_IP_ADDRESS -p tcp --dport $SQUID_PORT --syn -j ACCEPT
9 +SQUID_STATUS=$(/sbin/e-smith/db configuration getprop squid status)
10 +WEB_REQ=$(/sbin/e-smith/db configuration getprop chilli WebRequests)
11 +
12 +if [[ $SQUID_STATUS=='enabled' && $WEB_REQ=='squid' ]]; then
13 + SQUID_PORT=$(/sbin/e-smith/db configuration getprop squid TransparentPort)
14 + /sbin/iptables -D IN_FROM_CHILLI -s $FRAMED_IP_ADDRESS \
15 + -p tcp --dport $SQUID_PORT --syn -j ACCEPT
16 + /sbin/iptables -t nat -D PREROUTING_FROM_CHILLI -s $FRAMED_IP_ADDRESS \
17 + -p tcp --dport 80 -j DNAT --to $ADDR:$SQUID_PORT
18 +fi
19
20 diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/chilli/conup.sh mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/chilli/conup.sh
21 --- smeserver-coova-chilli-0.1/root/etc/chilli/conup.sh 2008-09-01 14:16:57.000000000 +0200
22 +++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/chilli/conup.sh 2008-09-01 13:27:04.000000000 +0200
23 @@ -1,9 +1,12 @@
24 #!/bin/bash
25
26 -SQUID=$(/sbin/e-smith/db configuration getprop squid status)
27 +SQUID_STATUS=$(/sbin/e-smith/db configuration getprop squid status)
28 +WEB_REQ=$(/sbin/e-smith/db configuration getprop chilli WebRequests)
29
30 -if [ $SQUID=='enabled' ]; then
31 - SQUID_PORT=$(/sbin/e-smith/db configuration getprop squid TransparentPort)
32 +if [[ $SQUID_STATUS=='enabled' && $WEB_REQ=='squid' ]]; then
33 + SQUID_PORT=$(/sbin/e-smith/db configuration getprop squid TransparentPort)
34 + /sbin/iptables -t nat -I PREROUTING_FROM_CHILLI 4 -s $FRAMED_IP_ADDRESS \
35 + -p tcp --dport 80 -j DNAT --to $ADDR:$SQUID_PORT
36 /sbin/iptables -I IN_FROM_CHILLI 7 -s $FRAMED_IP_ADDRESS \
37 -p tcp --dport $SQUID_PORT --syn -j ACCEPT
38 fi
39 diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/defaults/chilli/AllowedOutgoing mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/defaults/chilli/AllowedOutgoing
40 --- smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/defaults/chilli/AllowedOutgoing 1970-01-01 01:00:00.000000000 +0100
41 +++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/defaults/chilli/AllowedOutgoing 2008-09-01 13:29:22.000000000 +0200
42 @@ -0,0 +1 @@
43 +tcp:any:443
44 diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/defaults/chilli/uamallowed mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/defaults/chilli/uamallowed
45 --- smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/defaults/chilli/uamallowed 2008-04-07 16:06:31.000000000 +0200
46 +++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/defaults/chilli/uamallowed 2008-09-01 13:33:39.000000000 +0200
47 @@ -1 +1 @@
48 -tcp:www.firewall-services.com:80,tcp:coova.org:80,tcp:smeserver.org:80,tcp:sourceforge.net:80
49 +tcp:www.firewall-services.com:80,tcp:coova.org:80,tcp:smeserver.org:80,tcp:sourceforge.net:80,tcp:static.sourceforge.net:80
50 diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/defaults/chilli/WebRequests mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/defaults/chilli/WebRequests
51 --- smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/defaults/chilli/WebRequests 1970-01-01 01:00:00.000000000 +0100
52 +++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/defaults/chilli/WebRequests 2008-09-01 12:11:17.000000000 +0200
53 @@ -0,0 +1 @@
54 +direct
55 diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/chilli/config/20radconf mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/chilli/config/20radconf
56 --- smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/chilli/config/20radconf 1970-01-01 01:00:00.000000000 +0100
57 +++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/chilli/config/20radconf 2008-09-01 13:19:30.000000000 +0200
58 @@ -0,0 +1,2 @@
59 +HS_RADCONF=off
60 +
61 diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/chilli.conf/50radius mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/chilli.conf/50radius
62 --- smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/chilli.conf/50radius 2008-04-04 18:17:32.000000000 +0200
63 +++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/chilli.conf/50radius 2008-09-01 14:16:54.000000000 +0200
64 @@ -1,7 +1,8 @@
65 radiusserver1 127.0.0.1
66 radiusserver2 127.0.0.1
67 radiussecret {$chilli{'radiussecret'} || 'azerty';}
68 -radiusauthport 1812
69 +radiusauthport {$radiusd{'UDPPort'} || '1812';}
70 radiusacctport 1813
71 radiusnasid chilli
72 +radiustimeout 1
73
74 diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/00Functions01Chilli40forwardFrom mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/00Functions01Chilli40forwardFrom
75 --- smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/00Functions01Chilli40forwardFrom 2008-09-01 14:16:57.000000000 +0200
76 +++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/00Functions01Chilli40forwardFrom 2008-09-01 13:34:19.000000000 +0200
77 @@ -8,6 +8,10 @@
78 /sbin/iptables -A FORWARD_FROM_CHILLI -j state_chk
79 /sbin/iptables -A FORWARD_FROM_CHILLI -s ! $net -j denylog
80 /sbin/iptables -A FORWARD_FROM_CHILLI -p icmp --icmp-type echo-request -j ACCEPT
81 + # Allow http for un-authenticated clients so uamallowed works
82 + # Https need to be allowed in AllowedOutgoing
83 + /sbin/iptables -A FORWARD_FROM_CHILLI -p tcp --dport 80 -j ACCEPT
84 +
85 HERE
86
87 # Allow services specidied in AllowedOutgoing
88 @@ -43,3 +47,4 @@
89 $OUT .= " /sbin/iptables -A FORWARD_FROM_CHILLI -j denylog\n\}\n";
90
91 }
92 +
93 diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/00Functions01Chilli50prerouting mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/00Functions01Chilli50prerouting
94 --- smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/00Functions01Chilli50prerouting 2008-09-01 14:16:57.000000000 +0200
95 +++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/00Functions01Chilli50prerouting 2008-09-01 12:43:50.000000000 +0200
96 @@ -19,6 +19,11 @@
97 next unless $ip =~ /^${ReIpAddr}$/;
98 $OUT .=" /sbin/iptables -A PREROUTING_FROM_CHILLI -t nat -d $ip -j DNAT --to $chillip\n";
99 }
100 +
101 +# Accept other connexions in order to skip other pre-routing rules. Note that packets will be filtered
102 +# in the FORWARD_FROM_CHILLI chain
103 +$OUT .=" /sbin/iptables -t nat -A PREROUTING_FROM_CHILLI -j ACCEPT\n";
104 +
105 $OUT .= "\}\n";
106
107 }
108 diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/squid/squid.conf/20ACL10chilli mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/squid/squid.conf/20ACL10chilli
109 --- smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/squid/squid.conf/20ACL10chilli 2008-04-05 01:34:40.000000000 +0200
110 +++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/squid/squid.conf/20ACL10chilli 2008-09-01 13:10:22.000000000 +0200
111 @@ -1,5 +1,6 @@
112 {
113 -if ($chilli{'status'} eq 'enabled'){
114 +if ((($chilli{'status'} || 'disabled') eq 'enabled') &&
115 + (($chilli{'WebRequests'} || 'direct') eq 'squid')){
116
117 my $net = $chilli{'net'} || '10.1.0.0/255.255.255.0';
118
119 diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/squid/squid.conf/40http_access76AllowChilli mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/squid/squid.conf/40http_access76AllowChilli
120 --- smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/squid/squid.conf/40http_access76AllowChilli 2008-04-05 01:34:40.000000000 +0200
121 +++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/squid/squid.conf/40http_access76AllowChilli 2008-09-01 13:10:37.000000000 +0200
122 @@ -1,5 +1,6 @@
123 {
124 -if ($chilli{'status'} eq 'enabled'){
125 +if ((($chilli{'status'} || 'disabled') eq 'enabled') &&
126 + (($chilli{'WebRequests'} || 'direct') eq 'squid')){
127 $OUT = "http_access allow chillisrc\n";
128 }
129 }

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed