[package] add ostiary package
This patch adds the Ostiary package to the repository. I've tested this on the latest build (revision 31158). Installation, un-installation and ostiaryd.init script all seem to work correctly. A bit of background, Ostiary has a similar purpose to Port Knocking but uses a different implementation that removes the possibility of replay attacks. Not everyone will view it as suitable for their needs, but for me combined with ssh I feel it is more than sufficient. I suppose for the super paranoid admin, the perfect system would be a package that uses the approach of port knocking via a closed port that is combined with an ostiary style signature challenge. Anyhow, I have created quickstart documentation for the server and client at "http://wiki.openwrt.org/doc/howto/ostiary.server" and "http://wiki.openwrt.org/doc/howto/ostiary.client". Signed-off-by: Desmond Hokin <Salander@gmx.u> git-svn-id: svn://svn.openwrt.org/openwrt/packages@33167 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
parent
9e22456b41
commit
95428a6d3a
88
admin/ostiary/Makefile
Normal file
88
admin/ostiary/Makefile
Normal file
@ -0,0 +1,88 @@
|
||||
#
|
||||
# Copyright (C) 2008-2011 OpenWrt.org
|
||||
#
|
||||
# This is free software, licensed under the GNU General Public License v2.
|
||||
# See /LICENSE for more information.
|
||||
#
|
||||
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=ostiary
|
||||
PKG_VERSION:=4.0
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||
PKG_SOURCE_URL:=http://ingles.homeunix.net/software/ost/latest/
|
||||
PKG_MD5SUM:=420d1fda246097d7e4d1277f39069578
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
define Package/ostiary
|
||||
SECTION:=admin
|
||||
CATEGORY:=Administration
|
||||
TITLE:=Simple, Secure Remote Script Execution
|
||||
URL:=http://ingles.homeunix.net/software/ost/index.html
|
||||
endef
|
||||
|
||||
define Package/ostiary/description
|
||||
Designed to allow you to run a fixed set of commands remotely,
|
||||
without giving everyone else access to the same commands.
|
||||
|
||||
Provides - ostiaryd daemon (~25kb)
|
||||
- ostclient (~9kb)
|
||||
endef
|
||||
|
||||
EXTRA_CFLAGS += $(TARGET_CPPFLAGS)
|
||||
|
||||
CONFIGURE_ARGS += \
|
||||
--prefix="/usr/bin" \
|
||||
--sysconfdir="/etc/ostiaryd" \
|
||||
CFLAGS="$(TARGET_CFLAGS) $(EXTRA_CFLAGS)"
|
||||
|
||||
define Build/Compile
|
||||
$(MAKE) -C $(PKG_BUILD_DIR) \
|
||||
DESTDIR="$(PKG_INSTALL_DIR)" \
|
||||
INSTALL_OPTS="" \
|
||||
STRIP="" \
|
||||
ostiaryd ostclient
|
||||
endef
|
||||
|
||||
define Package/ostiary/install
|
||||
$(INSTALL_DIR) $(1)/etc/ostiaryd
|
||||
$(INSTALL_CONF) $(PKG_BUILD_DIR)/tests/ostiary.cfg $(1)/etc/ostiaryd/ostiary.cfg
|
||||
$(INSTALL_DIR) $(1)/etc/ostiaryd/scripts
|
||||
$(INSTALL_BIN) ./files/{ssh_enable,ssh_disable} $(1)/etc/ostiaryd/scripts
|
||||
$(INSTALL_DIR) $(1)/etc/init.d/
|
||||
$(INSTALL_BIN) ./files/ostiaryd.init $(1)/etc/init.d/ostiaryd
|
||||
$(INSTALL_DIR) $(1)/usr/bin
|
||||
$(INSTALL_BIN) $(PKG_BUILD_DIR)/{ostiaryd,ostclient} $(1)/usr/bin/
|
||||
endef
|
||||
|
||||
|
||||
|
||||
|
||||
define Package/ostiary/postinst
|
||||
#!/bin/sh
|
||||
# check if we are on real system
|
||||
if [ -z "$${IPKG_INSTROOT}" ]; then
|
||||
echo "Enabling rc.d symlink for ostiaryd"
|
||||
/etc/init.d/ostiaryd enable
|
||||
fi
|
||||
exit 0
|
||||
endef
|
||||
|
||||
define Package/ostiary/prerm
|
||||
#!/bin/sh
|
||||
# check if we are on real system
|
||||
if [ -z "$${IPKG_INSTROOT}" ]; then
|
||||
/etc/init.d/ostiaryd stop
|
||||
echo "Removing rc.d symlink for ostiaryd"
|
||||
/etc/init.d/ostiaryd disable
|
||||
echo "Any config backups and scripts you created are not removed automatically."
|
||||
echo "To finish cleanup, backup any files you want to keep, then run rm -f /etc/ostiaryd"
|
||||
fi
|
||||
exit 0
|
||||
endef
|
||||
|
||||
|
||||
$(eval $(call BuildPackage,ostiary))
|
27
admin/ostiary/files/ostiaryd.init
Normal file
27
admin/ostiary/files/ostiaryd.init
Normal file
@ -0,0 +1,27 @@
|
||||
#!/bin/sh /etc/rc.common
|
||||
# Copyright (C) 2008-2012 OpenWrt.org
|
||||
|
||||
START=85
|
||||
MYSERVICE=ostiaryd
|
||||
|
||||
|
||||
start() {
|
||||
echo starting $MYSERVICE...
|
||||
/usr/bin/$MYSERVICE
|
||||
sleep 1
|
||||
echo done
|
||||
}
|
||||
|
||||
stop() {
|
||||
|
||||
if ps ax | grep -v grep | grep -v rc.common | grep $MYSERVICE> /dev/null
|
||||
then
|
||||
echo "stopping $MYSERVICE..."
|
||||
pkill -9 $MYSERVICE
|
||||
sleep 1
|
||||
echo done
|
||||
else
|
||||
echo "$MYSERVICE is not running"
|
||||
fi
|
||||
}
|
||||
|
4
admin/ostiary/files/ssh_disable
Normal file
4
admin/ostiary/files/ssh_disable
Normal file
@ -0,0 +1,4 @@
|
||||
#!/bin/sh
|
||||
|
||||
logger Ostiary is dis-abling SSH
|
||||
iptables -D zone_wan -p tcp --dport 22001 -j ACCEPT
|
4
admin/ostiary/files/ssh_enable
Normal file
4
admin/ostiary/files/ssh_enable
Normal file
@ -0,0 +1,4 @@
|
||||
#!/bin/sh
|
||||
|
||||
logger Ostiary is enabling SSH
|
||||
iptables -I zone_wan -p tcp --dport 22001 -j ACCEPT
|
Loading…
x
Reference in New Issue
Block a user