From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4bJ7Vw0Cldz332B for ; Thu, 12 Jun 2025 16:38:00 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4bJ7Vr4CQjz2yJC for ; Thu, 12 Jun 2025 16:37:56 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4bJ7Vq0JxKz1JK; Thu, 12 Jun 2025 16:37:54 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1749746275; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=4MhDMJhUt2BoVeKRVe9MOr5Ay8IMM/AMIqBRKQOO8F4=; b=ehIdPG1jKcyu3bewe1Fnh5dqwa//TnrLKPaODNvBhaweWwvbsEQIUTOXNpiGyxGuQb2K5c SEFa/R9+6l1zHOCA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1749746275; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=4MhDMJhUt2BoVeKRVe9MOr5Ay8IMM/AMIqBRKQOO8F4=; b=pwE/ZPXFxBEn/OCVquddH/0e5LspgjU/qDwEoom1oMtCs5lDjhGjjfPPiaoHvT1lw88AXo 5/ybG/p61rTpnoyHKu6bm3eO5iiG4pkiFkHoxpDxn9+nvI/Bm/UEYQOZq9n7ahpIwt6dKQ G9Qb9R3HwTBkr8bMbmcFxe2T3iSVsuH4/po8ToiI5oPdfu/yZHtENMZPxsjPs682gIOPz+ lEAW0Y6QoTsbhy4NA6PujEuTrayW949qbhKz3/paqpIOweGfkOhlF5err4zHp6QDUZFZAI xNHHVkVoYiT4ZTbIVQFkqE5UpNBscqQZZ2sN8zuS2PEjdKy6aWZipZHbDrb1pA== From: Stefan Schantl To: development@lists.ipfire.org Cc: Stefan Schantl Subject: [PATCH] fort-validator: New package Date: Thu, 12 Jun 2025 18:27:01 +0200 Message-ID: <20250612162701.3735-1-stefan.schantl@ipfire.org> Precedence: list List-Id: List-Subscribe: , List-Unsubscribe: , List-Post: List-Help: Sender: Mail-Followup-To: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit FORT Validator is an open source RPKI validator. It allows operators to validate BGP routing information against the RPKI repository for use in router configuration and resolution. This patch includes the LFS and rootfile to build the validator, an initscript, required definitions for backup and an empty config file for user customization. Fixes #13845. Signed-off-by: Stefan Schantl --- config/backup/includes/fort-validator | 2 + config/fort-validator/config.json | 2 + config/rootfiles/packages/fort-validator | 8 ++ lfs/fort-validator | 112 +++++++++++++++++++++++ make.sh | 1 + src/initscripts/packages/fort-validator | 55 +++++++++++ 6 files changed, 180 insertions(+) create mode 100644 config/backup/includes/fort-validator create mode 100644 config/fort-validator/config.json create mode 100644 config/rootfiles/packages/fort-validator create mode 100644 lfs/fort-validator create mode 100644 src/initscripts/packages/fort-validator diff --git a/config/backup/includes/fort-validator b/config/backup/includes/fort-validator new file mode 100644 index 000000000..92d1f6446 --- /dev/null +++ b/config/backup/includes/fort-validator @@ -0,0 +1,2 @@ +/etc/fort/config.json +/var/lib/fort diff --git a/config/fort-validator/config.json b/config/fort-validator/config.json new file mode 100644 index 000000000..2c63c0851 --- /dev/null +++ b/config/fort-validator/config.json @@ -0,0 +1,2 @@ +{ +} diff --git a/config/rootfiles/packages/fort-validator b/config/rootfiles/packages/fort-validator new file mode 100644 index 000000000..629aab345 --- /dev/null +++ b/config/rootfiles/packages/fort-validator @@ -0,0 +1,8 @@ +etc/fort +etc/fort/config.json +etc/fort/config.json.example +etc/rc.d/init.d/fort-validator +usr/bin/fort +#usr/share/man/man8/fort.8 +var/ipfire/backup/addons/includes/fort-validator +var/lib/fort diff --git a/lfs/fort-validator b/lfs/fort-validator new file mode 100644 index 000000000..cb8ba8972 --- /dev/null +++ b/lfs/fort-validator @@ -0,0 +1,112 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2024 IPFire Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +SUMMARY = Fort RPKI validator + +VER = 1.6.6 + +THISAPP = FORT-validator-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = fort-validator +PAK_VER = 1 + +DEPS = + +SERVICES = fort-validator + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_BLAKE2 = c62a0e41e2a2fea60383ae87ff92d9cd68945c459b0ccaa4d0a3fc6d8c0796cb0dc0fde7305023e4ddcf476b4043ac73d8213638a8f319862a3c39e3381f43da + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +b2 : $(subst %,%_BLAKE2,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, b2sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_BLAKE2,$(objects)) : + @$(B2SUM) + +############################################################################### +# Installation Details +############################################################################### +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) + + cd $(DIR_APP) && ./autogen.sh + cd $(DIR_APP) && ./configure \ + --prefix=/usr \ + --sysconfdir=/etc + + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + + # Create directory layout + mkdir -pv /etc/fort + mkdir -pv /var/lib/fort + + # Install plain config file. + cd $(DIR_APP) && install -m 0644 $(DIR_SRC)/config/fort-validator/config.json \ + /etc/fort/config.json + + # Install example config file. + cd $(DIR_APP) && install -m 0644 $(DIR_APP)/examples/config.json \ + /etc/fort/config.json.example + + # Install initscripts + $(call INSTALL_INITSCRIPTS,$(SERVICES)) + + # Install backup definitions + install -v -m 644 $(DIR_SRC)/config/backup/includes/fort-validator \ + /var/ipfire/backup/addons/includes/fort-validator + + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/make.sh b/make.sh index 61921fee6..181692f70 100755 --- a/make.sh +++ b/make.sh @@ -2085,6 +2085,7 @@ build_system() { lfsmake2 btrfs-progs lfsmake2 inotify-tools lfsmake2 grub-btrfs + lfsmake2 fort-validator lfsmake2 linux lfsmake2 rtl8812au diff --git a/src/initscripts/packages/fort-validator b/src/initscripts/packages/fort-validator new file mode 100644 index 000000000..e0c9ba29c --- /dev/null +++ b/src/initscripts/packages/fort-validator @@ -0,0 +1,55 @@ +#!/bin/sh +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2025 IPFire Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +. /etc/sysconfig/rc +. ${rc_functions} + +case "${1}" in + start) + boot_mesg "Starting fort RPKI validator..." + loadproc /usr/bin/fort --log.output=syslog --validation-log.output=syslog --configuration-file /etc/fort/config.json + ;; + + stop) + boot_mesg "Stopping fort RPKI validator..." + killproc /usr/bin/fort + ;; + + reload) + boot_mesg "Reloading fort RPKI validator..." + reloadproc /usr/bin/fort + ;; + + restart) + ${0} stop + sleep 1 + ${0} start + ;; + + status) + statusproc /usr/bin/fort + ;; + + *) + echo "Usage: ${0} {start|stop|reload|restart|status}" + exit 1 + ;; +esac -- 2.47.2