From: Arne Fitzenreiter <git@ipfire.org>
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 9662858bd8ad02dbd11369436797420a6a1f25b7
Date: Thu, 16 Jan 2020 06:59:25 +0000 [thread overview]
Message-ID: <47yw6Q4VBzz2yDC@people01.haj.ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 11282 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via 9662858bd8ad02dbd11369436797420a6a1f25b7 (commit)
via 3a380f87c7b914edc41cfd01b8106254f85e27e7 (commit)
via 834b933ca5f9e3c969f7891cb0588b752cbe24e5 (commit)
from cb1c8f108f7efb8fbe9aa8036e0d4e0d8c54aa59 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 9662858bd8ad02dbd11369436797420a6a1f25b7
Author: Arne Fitzenreiter <arne_f(a)ipfire.org>
Date: Wed Jan 15 17:15:48 2020 +0000
Revert "stage2: update rootfile"
This reverts commit a877032915898b07dcacd165c0f89e427bc672a4.
commit 3a380f87c7b914edc41cfd01b8106254f85e27e7
Author: Arne Fitzenreiter <arne_f(a)ipfire.org>
Date: Wed Jan 15 17:15:25 2020 +0000
Revert "Introduce update-location-database script."
This reverts commit 93a985cc05e6b564ac1e3fc59fd37e94c77000ca.
commit 834b933ca5f9e3c969f7891cb0588b752cbe24e5
Author: Arne Fitzenreiter <arne_f(a)ipfire.org>
Date: Wed Jan 15 17:14:57 2020 +0000
Revert "crontab: Adjust crontab to hourly launch the update-location-database"
This reverts commit f8e7c1c9d07d348e8c3235c83fd889068269c823.
-----------------------------------------------------------------------
Summary of changes:
config/cron/crontab | 2 +-
config/rootfiles/common/aarch64/stage2 | 1 +
config/rootfiles/common/stage2 | 1 +
config/rootfiles/common/x86_64/stage2 | 1 +
src/scripts/update-location-database | 45 -----------
src/scripts/xt_geoip_update | 138 +++++++++++++++++++++++++++++++++
6 files changed, 142 insertions(+), 46 deletions(-)
delete mode 100644 src/scripts/update-location-database
create mode 100644 src/scripts/xt_geoip_update
Difference in files:
diff --git a/config/cron/crontab b/config/cron/crontab
index 519554195..56801394e 100644
--- a/config/cron/crontab
+++ b/config/cron/crontab
@@ -60,7 +60,7 @@ HOME=/
00 2 * 10-11 0 /usr/local/bin/timezone-transition /usr/local/bin/firewallctrl
# Update GeoIP database once a month.
-%hourly,random * * * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-location-database >/dev/null 2>&1
+%monthly,random * * * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/xt_geoip_update >/dev/null 2>&1
# Retry sending spooled mails regularly
%hourly * /usr/sbin/dma -q
diff --git a/config/rootfiles/common/aarch64/stage2 b/config/rootfiles/common/aarch64/stage2
index 14544ddcc..f4169a44e 100644
--- a/config/rootfiles/common/aarch64/stage2
+++ b/config/rootfiles/common/aarch64/stage2
@@ -107,6 +107,7 @@ usr/local/bin/timecheck
usr/local/bin/timezone-transition
usr/local/bin/update-ids-ruleset
usr/local/bin/update-lang-cache
+usr/local/bin/xt_geoip_update
#usr/local/include
#usr/local/lib
#usr/local/lib/sse2
diff --git a/config/rootfiles/common/stage2 b/config/rootfiles/common/stage2
index c57d252f3..fca540431 100644
--- a/config/rootfiles/common/stage2
+++ b/config/rootfiles/common/stage2
@@ -107,6 +107,7 @@ usr/local/bin/timezone-transition
usr/local/bin/update-lang-cache
usr/local/bin/update-ids-ruleset
usr/local/bin/xt_geoip_build
+usr/local/bin/xt_geoip_update
#usr/local/include
#usr/local/lib
#usr/local/lib/sse2
diff --git a/config/rootfiles/common/x86_64/stage2 b/config/rootfiles/common/x86_64/stage2
index e3832f3ad..cc67837e5 100644
--- a/config/rootfiles/common/x86_64/stage2
+++ b/config/rootfiles/common/x86_64/stage2
@@ -109,6 +109,7 @@ usr/local/bin/timezone-transition
usr/local/bin/update-ids-ruleset
usr/local/bin/update-lang-cache
usr/local/bin/xt_geoip_build
+usr/local/bin/xt_geoip_update
#usr/local/include
#usr/local/lib
#usr/local/lib/sse2
diff --git a/src/scripts/update-location-database b/src/scripts/update-location-database
deleted file mode 100644
index ebed5a095..000000000
--- a/src/scripts/update-location-database
+++ /dev/null
@@ -1,45 +0,0 @@
-#!/bin/bash
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2019 IPFire Development Team <info(a)ipfire.org> #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings)
-
-# Proxy settings.
-# Check if a proxy should be used.
-if [[ $UPSTREAM_PROXY ]]; then
- PROXYSETTINGS="https_proxy=http://"
-
- # Check if authentication against the proxy is configured.
- if [[ $UPSTREAM_USER && $UPSTREAM_PASSWORD ]]; then
- PROXYSETTINGS="$PROXYSETTINGS$UPSTREAM_USER:$UPSTREAM_PASSWORD@"
- fi
-
- # Add proxy server.
- PROXYSETTINGS="$PROXYSETTINGS$UPSTREAM_PROXY"
-
- # Export proxy settings.
- export HTTPS_PROXY="$PROXYSETTINGS"
-fi
-
-# Get the latest location database from server.
-/usr/bin/location-downloader update
-
-# Call initscript to reload the firewall.
-/etc/init.d/firewall reload
diff --git a/src/scripts/xt_geoip_update b/src/scripts/xt_geoip_update
new file mode 100644
index 000000000..ebd266533
--- /dev/null
+++ b/src/scripts/xt_geoip_update
@@ -0,0 +1,138 @@
+#!/bin/bash
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2019 IPFire Development Team <info(a)ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+TMP_PATH=$(mktemp -dp /var/tmp)
+TMP_FILE=$(mktemp -p $TMP_PATH)
+
+SCRIPT_PATH=/usr/local/bin
+DEST_PATH=/usr/share/xt_geoip
+DB_PATH=/var/lib/GeoIP
+DB1_PATH=/usr/share/GeoIP
+
+DL_URL=https://geolite.maxmind.com/download/geoip/database
+DL_FILE=GeoLite2-Country-CSV.zip
+
+eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings)
+
+function download() {
+ echo "Downloading latest GeoIP ruleset..."
+
+ # Proxy settings.
+ # Check if a proxy should be used.
+ if [[ $UPSTREAM_PROXY ]]; then
+ PROXYSETTINGS="-e https_proxy=http://"
+
+ # Check if authentication against the proxy is configured.
+ if [[ $UPSTREAM_USER && $UPSTREAM_PASSWORD ]]; then
+ PROXYSETTINGS="$PROXYSETTINGS$UPSTREAM_USER:$UPSTREAM_PASSWORD@"
+ fi
+
+ # Add proxy server.
+ PROXYSETTINGS="$PROXYSETTINGS$UPSTREAM_PROXY"
+ fi
+
+ # Get the latest GeoIP database from server.
+ wget $DL_URL/$DL_FILE $PROXYSETTINGS -O $TMP_FILE
+
+ # Extract files to database path.
+ unzip $TMP_FILE -d $TMP_PATH
+
+ return 0
+}
+
+function install() {
+ echo "Install CSV database..."
+
+ # Check if the database dir exists.
+ if [ ! -e "$DB_PATH" ]; then
+ mkdir -p $DB_PATH &>/dev/null
+ fi
+
+ # Check if the directory for binary databases exists.
+ if [ ! -e "$DEST_PATH" ]; then
+ mkdir -p $DEST_PATH &>/dev/null
+ fi
+
+ # Install CSV databases.
+ if ! cp -af $TMP_PATH/*/* $DB_PATH &>/dev/null; then
+ echo "Could not copy files. Aborting." >&2
+ return 1
+ fi
+
+ return 0
+}
+
+function build_legacy() {
+ echo "Convert database to legacy GeoIP.dat ..."
+ cat $DB_PATH/GeoLite2-Country-Blocks-IPv4.csv | \
+ $DB1_PATH/bin/geolite2-to-legacy-csv.sh $DB1_PATH/bin/countryInfo.txt > \
+ $TMP_FILE
+ $DB1_PATH/bin/geoip-generator -v -4 --info="$(date -u +'GEO-106FREE %Y%m%d Build -IPFire-' \
+ -r $DB_PATH/GeoLite2-Country-Blocks-IPv4.csv) $(<$DB_PATH/COPYRIGHT.txt)" -o \
+ $DB1_PATH/GeoIP.dat $TMP_FILE
+
+ return 0
+}
+
+
+function build() {
+ echo "Convert database..."
+
+ # Run script to convert the CSV file into several xtables
+ # compatible binary files.
+ if ! $SCRIPT_PATH/xt_geoip_build -S $DB_PATH -D $DEST_PATH; then
+ echo "Could not convert ruleset. Aborting." >&2
+ return 1
+ fi
+
+ return 0
+}
+
+function cleanup() {
+ echo "Cleaning up temporary files..."
+ if ! rm -rf $TMP_PATH &>/dev/null; then
+ echo "Could not remove files. Aborting." >&2
+ return 1
+ fi
+
+ return 0
+}
+
+function main() {
+ local func
+ for func in download install build build_legacy; do
+ if ! ${func}; then
+ # Cleanup any temporary data
+ cleanup
+
+ return 1
+ fi
+ done
+
+ # Cleanup
+ cleanup || return $?
+
+ # All done
+ return 0
+}
+
+# Run the main function.
+main || exit $?
hooks/post-receive
--
IPFire 2.x development tree
reply other threads:[~2020-01-16 6:59 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=47yw6Q4VBzz2yDC@people01.haj.ipfire.org \
--to=git@ipfire.org \
--cc=ipfire-scm@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox