This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via 9662858bd8ad02dbd11369436797420a6a1f25b7 (commit) via 3a380f87c7b914edc41cfd01b8106254f85e27e7 (commit) via 834b933ca5f9e3c969f7891cb0588b752cbe24e5 (commit) from cb1c8f108f7efb8fbe9aa8036e0d4e0d8c54aa59 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 9662858bd8ad02dbd11369436797420a6a1f25b7 Author: Arne Fitzenreiter arne_f@ipfire.org Date: Wed Jan 15 17:15:48 2020 +0000
Revert "stage2: update rootfile"
This reverts commit a877032915898b07dcacd165c0f89e427bc672a4.
commit 3a380f87c7b914edc41cfd01b8106254f85e27e7 Author: Arne Fitzenreiter arne_f@ipfire.org Date: Wed Jan 15 17:15:25 2020 +0000
Revert "Introduce update-location-database script."
This reverts commit 93a985cc05e6b564ac1e3fc59fd37e94c77000ca.
commit 834b933ca5f9e3c969f7891cb0588b752cbe24e5 Author: Arne Fitzenreiter arne_f@ipfire.org Date: Wed Jan 15 17:14:57 2020 +0000
Revert "crontab: Adjust crontab to hourly launch the update-location-database"
This reverts commit f8e7c1c9d07d348e8c3235c83fd889068269c823.
-----------------------------------------------------------------------
Summary of changes: config/cron/crontab | 2 +- config/rootfiles/common/aarch64/stage2 | 1 + config/rootfiles/common/stage2 | 1 + config/rootfiles/common/x86_64/stage2 | 1 + src/scripts/update-location-database | 45 ----------- src/scripts/xt_geoip_update | 138 +++++++++++++++++++++++++++++++++ 6 files changed, 142 insertions(+), 46 deletions(-) delete mode 100644 src/scripts/update-location-database create mode 100644 src/scripts/xt_geoip_update
Difference in files: diff --git a/config/cron/crontab b/config/cron/crontab index 519554195..56801394e 100644 --- a/config/cron/crontab +++ b/config/cron/crontab @@ -60,7 +60,7 @@ HOME=/ 00 2 * 10-11 0 /usr/local/bin/timezone-transition /usr/local/bin/firewallctrl
# Update GeoIP database once a month. -%hourly,random * * * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-location-database >/dev/null 2>&1 +%monthly,random * * * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/xt_geoip_update >/dev/null 2>&1
# Retry sending spooled mails regularly %hourly * /usr/sbin/dma -q diff --git a/config/rootfiles/common/aarch64/stage2 b/config/rootfiles/common/aarch64/stage2 index 14544ddcc..f4169a44e 100644 --- a/config/rootfiles/common/aarch64/stage2 +++ b/config/rootfiles/common/aarch64/stage2 @@ -107,6 +107,7 @@ usr/local/bin/timecheck usr/local/bin/timezone-transition usr/local/bin/update-ids-ruleset usr/local/bin/update-lang-cache +usr/local/bin/xt_geoip_update #usr/local/include #usr/local/lib #usr/local/lib/sse2 diff --git a/config/rootfiles/common/stage2 b/config/rootfiles/common/stage2 index c57d252f3..fca540431 100644 --- a/config/rootfiles/common/stage2 +++ b/config/rootfiles/common/stage2 @@ -107,6 +107,7 @@ usr/local/bin/timezone-transition usr/local/bin/update-lang-cache usr/local/bin/update-ids-ruleset usr/local/bin/xt_geoip_build +usr/local/bin/xt_geoip_update #usr/local/include #usr/local/lib #usr/local/lib/sse2 diff --git a/config/rootfiles/common/x86_64/stage2 b/config/rootfiles/common/x86_64/stage2 index e3832f3ad..cc67837e5 100644 --- a/config/rootfiles/common/x86_64/stage2 +++ b/config/rootfiles/common/x86_64/stage2 @@ -109,6 +109,7 @@ usr/local/bin/timezone-transition usr/local/bin/update-ids-ruleset usr/local/bin/update-lang-cache usr/local/bin/xt_geoip_build +usr/local/bin/xt_geoip_update #usr/local/include #usr/local/lib #usr/local/lib/sse2 diff --git a/src/scripts/update-location-database b/src/scripts/update-location-database deleted file mode 100644 index ebed5a095..000000000 --- a/src/scripts/update-location-database +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/bash -############################################################################### -# # -# IPFire.org - A linux based firewall # -# Copyright (C) 2019 IPFire Development Team info@ipfire.org # -# # -# This program is free software: you can redistribute it and/or modify # -# it under the terms of the GNU General Public License as published by # -# the Free Software Foundation, either version 3 of the License, or # -# (at your option) any later version. # -# # -# This program is distributed in the hope that it will be useful, # -# but WITHOUT ANY WARRANTY; without even the implied warranty of # -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # -# GNU General Public License for more details. # -# # -# You should have received a copy of the GNU General Public License # -# along with this program. If not, see http://www.gnu.org/licenses/. # -# # -############################################################################### - -eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings) - -# Proxy settings. -# Check if a proxy should be used. -if [[ $UPSTREAM_PROXY ]]; then - PROXYSETTINGS="https_proxy=http://" - - # Check if authentication against the proxy is configured. - if [[ $UPSTREAM_USER && $UPSTREAM_PASSWORD ]]; then - PROXYSETTINGS="$PROXYSETTINGS$UPSTREAM_USER:$UPSTREAM_PASSWORD@" - fi - - # Add proxy server. - PROXYSETTINGS="$PROXYSETTINGS$UPSTREAM_PROXY" - - # Export proxy settings. - export HTTPS_PROXY="$PROXYSETTINGS" -fi - -# Get the latest location database from server. -/usr/bin/location-downloader update - -# Call initscript to reload the firewall. -/etc/init.d/firewall reload diff --git a/src/scripts/xt_geoip_update b/src/scripts/xt_geoip_update new file mode 100644 index 000000000..ebd266533 --- /dev/null +++ b/src/scripts/xt_geoip_update @@ -0,0 +1,138 @@ +#!/bin/bash +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2019 IPFire Development Team info@ipfire.org # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see http://www.gnu.org/licenses/. # +# # +############################################################################### + +TMP_PATH=$(mktemp -dp /var/tmp) +TMP_FILE=$(mktemp -p $TMP_PATH) + +SCRIPT_PATH=/usr/local/bin +DEST_PATH=/usr/share/xt_geoip +DB_PATH=/var/lib/GeoIP +DB1_PATH=/usr/share/GeoIP + +DL_URL=https://geolite.maxmind.com/download/geoip/database +DL_FILE=GeoLite2-Country-CSV.zip + +eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings) + +function download() { + echo "Downloading latest GeoIP ruleset..." + + # Proxy settings. + # Check if a proxy should be used. + if [[ $UPSTREAM_PROXY ]]; then + PROXYSETTINGS="-e https_proxy=http://" + + # Check if authentication against the proxy is configured. + if [[ $UPSTREAM_USER && $UPSTREAM_PASSWORD ]]; then + PROXYSETTINGS="$PROXYSETTINGS$UPSTREAM_USER:$UPSTREAM_PASSWORD@" + fi + + # Add proxy server. + PROXYSETTINGS="$PROXYSETTINGS$UPSTREAM_PROXY" + fi + + # Get the latest GeoIP database from server. + wget $DL_URL/$DL_FILE $PROXYSETTINGS -O $TMP_FILE + + # Extract files to database path. + unzip $TMP_FILE -d $TMP_PATH + + return 0 +} + +function install() { + echo "Install CSV database..." + + # Check if the database dir exists. + if [ ! -e "$DB_PATH" ]; then + mkdir -p $DB_PATH &>/dev/null + fi + + # Check if the directory for binary databases exists. + if [ ! -e "$DEST_PATH" ]; then + mkdir -p $DEST_PATH &>/dev/null + fi + + # Install CSV databases. + if ! cp -af $TMP_PATH/*/* $DB_PATH &>/dev/null; then + echo "Could not copy files. Aborting." >&2 + return 1 + fi + + return 0 +} + +function build_legacy() { + echo "Convert database to legacy GeoIP.dat ..." + cat $DB_PATH/GeoLite2-Country-Blocks-IPv4.csv | \ + $DB1_PATH/bin/geolite2-to-legacy-csv.sh $DB1_PATH/bin/countryInfo.txt > \ + $TMP_FILE + $DB1_PATH/bin/geoip-generator -v -4 --info="$(date -u +'GEO-106FREE %Y%m%d Build -IPFire-' \ + -r $DB_PATH/GeoLite2-Country-Blocks-IPv4.csv) $(<$DB_PATH/COPYRIGHT.txt)" -o \ + $DB1_PATH/GeoIP.dat $TMP_FILE + + return 0 +} + + +function build() { + echo "Convert database..." + + # Run script to convert the CSV file into several xtables + # compatible binary files. + if ! $SCRIPT_PATH/xt_geoip_build -S $DB_PATH -D $DEST_PATH; then + echo "Could not convert ruleset. Aborting." >&2 + return 1 + fi + + return 0 +} + +function cleanup() { + echo "Cleaning up temporary files..." + if ! rm -rf $TMP_PATH &>/dev/null; then + echo "Could not remove files. Aborting." >&2 + return 1 + fi + + return 0 +} + +function main() { + local func + for func in download install build build_legacy; do + if ! ${func}; then + # Cleanup any temporary data + cleanup + + return 1 + fi + done + + # Cleanup + cleanup || return $? + + # All done + return 0 +} + +# Run the main function. +main || exit $?
hooks/post-receive -- IPFire 2.x development tree