From 38042f0add2a9a39e4001826dddc4dc241ef0aba Mon Sep 17 00:00:00 2001 From: Yury Martynov Date: Sat, 11 May 2019 22:41:18 +0300 Subject: [PATCH] udp2raw-tunnel: minor changes --- net-vpn/udp2raw-tunnel/files/man/udp2raw.1 | 133 ++++++++++++++++++ .../udp2raw-tunnel/files/udp2raw-daemon.confd | 2 +- .../udp2raw-tunnel/files/udp2raw-daemon.initd | 4 +- .../files/udp2raw-daemon.logrotated | 8 ++ .../udp2raw-tunnel-20181113.0.ebuild | 71 +--------- .../udp2raw-tunnel-99999999.ebuild | 7 +- 6 files changed, 150 insertions(+), 75 deletions(-) create mode 100644 net-vpn/udp2raw-tunnel/files/man/udp2raw.1 create mode 100644 net-vpn/udp2raw-tunnel/files/udp2raw-daemon.logrotated mode change 100644 => 120000 net-vpn/udp2raw-tunnel/udp2raw-tunnel-20181113.0.ebuild diff --git a/net-vpn/udp2raw-tunnel/files/man/udp2raw.1 b/net-vpn/udp2raw-tunnel/files/man/udp2raw.1 new file mode 100644 index 000000000..9cd6a551a --- /dev/null +++ b/net-vpn/udp2raw-tunnel/files/man/udp2raw.1 @@ -0,0 +1,133 @@ +.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.6. +.TH [2019-05-11 "1" "May 2019" "[2019-05-11 22:22:42][INFO]argc=2 ./udp2raw --version " "User Commands" +.SH NAME +[2019-05-11 \- manual page for [2019-05-11 22:22:42][INFO]argc=2 ./udp2raw --version  +.SH DESCRIPTION +udp2raw\-tunnel +git version:0137dba1fd build date:May 11 2019 22:20:49 +repository: https://github.com/wangyu\-/udp2raw\-tunnel +.SS "usage:" +.TP +run as client : ./this_program \fB\-c\fR \fB\-l\fR local_listen_ip:local_port \fB\-r\fR server_address:server_port +[options] +.TP +run as server : ./this_program \fB\-s\fR \fB\-l\fR server_listen_ip:server_port \fB\-r\fR remote_address:remote_port +[options] +.SS "common options,these options must be same on both side:" +.TP +\fB\-\-raw\-mode\fR + avaliable values:faketcp(default),udp,icmp +.TP +\fB\-k\fR,\-\-key + password to gen symetric key,default:"secret key" +.TP +\fB\-\-cipher\-mode\fR + avaliable values:aes128cfb,aes128cbc(default),xor,none +.TP +\fB\-\-auth\-mode\fR + avaliable values:hmac_sha1,md5(default),crc32,simple,none +.TP +\fB\-a\fR,\-\-auto\-rule +auto add (and delete) iptables rule +.TP +\fB\-g\fR,\-\-gen\-rule +generate iptables rule then exit,so that you can copy and +add it manually.overrides \fB\-a\fR +.TP +\fB\-\-disable\-anti\-replay\fR +disable anti\-replay,not suggested +.SS "client options:" +.TP +\fB\-\-source\-ip\fR + force source\-ip for raw socket +.TP +\fB\-\-source\-port\fR + force source\-port for raw socket,tcp/udp only +this option disables port changing while re\-connecting +.SS "other options:" +.TP +\fB\-\-conf\-file\fR + read options from a configuration file instead of command line. +check example.conf in repo for format +.TP +\fB\-\-fifo\fR + use a fifo(named pipe) for sending commands to the running program, +check readme.md in repository for supported commands. +.TP +\fB\-\-log\-level\fR + 0:never 1:fatal 2:error 3:warn +4:info (default) 5:debug 6:trace +.TP +\fB\-\-log\-position\fR +enable file name,function name,line number in log +.TP +\fB\-\-disable\-color\fR +disable log color +.TP +\fB\-\-disable\-bpf\fR +disable the kernel space filter,most time its not necessary +unless you suspect there is a bug +.TP +\fB\-\-dev\fR + bind raw socket to a device, not necessary but improves performance +.TP +\fB\-\-sock\-buf\fR + buf size for socket,>=10 and <=10240,unit:kbyte,default:1024 +.TP +\fB\-\-force\-sock\-buf\fR +bypass system limitation while setting sock\-buf +.TP +\fB\-\-seq\-mode\fR + seq increase mode for faketcp: +0:static header,do not increase seq and ack_seq +1:increase seq for every packet,simply ack last seq +2:increase seq randomly, about every 3 packets,simply ack last seq +3:simulate an almost real seq/ack procedure(default) +4:similiar to 3,but do not consider TCP Option Window_Scale, +maybe useful when firewall doesnt support TCP Option +.TP +\fB\-\-lower\-level\fR + send packets at OSI level 2, format:'if_name#dest_mac_adress' +ie:'eth0#00:23:45:67:89:b9'.or try '\-\-lower\-level auto' to obtain +the parameter automatically,specify it manually if 'auto' failed +.TP +\fB\-\-wait\-lock\fR +wait for xtables lock while invoking iptables, need iptables v1.4.20+ +.TP +\fB\-\-gen\-add\fR +generate iptables rule and add it permanently,then exit.overrides \fB\-g\fR +.TP +\fB\-\-keep\-rule\fR +monitor iptables and auto re\-add if necessary.implys \fB\-a\fR +.TP +\fB\-\-hb\-len\fR + length of heart\-beat packet, >=0 and <=1500 +.TP +\fB\-\-mtu\-warn\fR + mtu warning threshold, unit:byte, default:1375 +.TP +\fB\-\-clear\fR +clear any iptables rules added by this program.overrides everything +.TP +\fB\-\-retry\-on\-error\fR +retry on error, allow to start udp2raw before network is initialized +.TP +\fB\-h\fR,\-\-help +print this help message +.PP + +.PP +[2019\-05\-11 22:22:42][FATAL]invaild option \fB\-\-version\fR + +.SH "SEE ALSO" +The full documentation for +.B [2019-05-11 +is maintained as a Texinfo manual. If the +.B info +and +.B [2019-05-11 +programs are properly installed at your site, the command +.IP +.B info [2019-05-11 +.PP +should give you access to the complete manual. diff --git a/net-vpn/udp2raw-tunnel/files/udp2raw-daemon.confd b/net-vpn/udp2raw-tunnel/files/udp2raw-daemon.confd index 1a138198c..c66a42afb 100644 --- a/net-vpn/udp2raw-tunnel/files/udp2raw-daemon.confd +++ b/net-vpn/udp2raw-tunnel/files/udp2raw-daemon.confd @@ -1,6 +1,6 @@ # /etc/conf.d/udp2raw-daemon: config file for /etc/init.d/udp2raw-daemon -# Server side configuration (needs to be absolute path) +# Client/Server side configuration (needs to be absolute path) #UDP2RAW_CONFIGFILE="/etc/udp2raw/example.conf" # Path to log file (needs to be absolute path) diff --git a/net-vpn/udp2raw-tunnel/files/udp2raw-daemon.initd b/net-vpn/udp2raw-tunnel/files/udp2raw-daemon.initd index dcdfba8b0..41f6e17a4 100644 --- a/net-vpn/udp2raw-tunnel/files/udp2raw-daemon.initd +++ b/net-vpn/udp2raw-tunnel/files/udp2raw-daemon.initd @@ -59,7 +59,7 @@ _update_ipt_rule() { } checkconfig() { - if [ ! -e "${UDP2RAW_CONFIGFILE}" ] ; then + if ! [ -f "${UDP2RAW_CONFIGFILE}" ] ; then eerror "You need an /etc/udp2raw/*.conf file to run udp2raw" eerror "There is a sample file in /usr/share/doc/udp2raw-tunnel-*" return 1 @@ -67,7 +67,7 @@ checkconfig() { if ! [ -f "${UDP2RAW_LOGFILE}" ]; then touch "${UDP2RAW_LOGFILE}" \ - && chmod 0660 "${UDP2RAW_LOGFILE}" \ + && chmod 0660 "${UDP2RAW_LOGFILE}" > /dev/null 2>&1 \ && chown ${USER}:${GROUP} "${UDP2RAW_LOGFILE}" > /dev/null 2>&1 \ || eerror "Failed to create: ${UDP2RAW_LOGFILE}" fi diff --git a/net-vpn/udp2raw-tunnel/files/udp2raw-daemon.logrotated b/net-vpn/udp2raw-tunnel/files/udp2raw-daemon.logrotated new file mode 100644 index 000000000..64b063d36 --- /dev/null +++ b/net-vpn/udp2raw-tunnel/files/udp2raw-daemon.logrotated @@ -0,0 +1,8 @@ +/var/log/udp2raw.log { + compress + daily + rotate 4 + notifempty + missingok + nocreate +} diff --git a/net-vpn/udp2raw-tunnel/udp2raw-tunnel-20181113.0.ebuild b/net-vpn/udp2raw-tunnel/udp2raw-tunnel-20181113.0.ebuild deleted file mode 100644 index 1e87ff9b6..000000000 --- a/net-vpn/udp2raw-tunnel/udp2raw-tunnel-20181113.0.ebuild +++ /dev/null @@ -1,70 +0,0 @@ -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit git-r3 fcaps flag-o-matic toolchain-funcs - -DESCRIPTION="A tunnel which turns UDP traffic into encrypted FakeTCP/UDP/ICMP traffic" -HOMEPAGE="https://github.com/wangyu-/udp2raw-tunnel" -SRC_URI="" - -EGIT_REPO_URI="https://github.com/wangyu-/udp2raw-tunnel" -if [[ ${PV} != *9999 ]]; then - EGIT_COMMIT="${PV}" - KEYWORDS="~amd64 ~arm ~x86" -fi - -LICENSE="MIT" -RESTRICT="mirror" -SLOT="0" -IUSE="cpu_flags_x86_aes doc" - -DEPEND="" -RDEPEND="${DEPEND} - net-firewall/iptables" - -src_prepare() { - # Disable optimisation flags and remove prefixes of exec files - sed -e 's/ -O[0-3a-z]*//' \ - -e 's/\${NAME}_[a-zA-Z0-9\$@]*/\${NAME}/' \ - -e 's/ -static//' \ - -e "s/\${cc_[a-zA-Z0-9_]*}/$(tc-getCXX)/" \ - -i makefile || die 'sed failed!' - - eapply_user -} - -src_compile() { - append-cxxflags -Wa,--noexecstack - emake OPT="${CXXFLAGS}" \ - $(use cpu_flags_x86_aes && use amd64 && echo amd64_hw_aes) \ - $(use arm && echo arm_asm_aes) \ - $(use x86 && echo x86_asm_aes) -} - -src_install() { - local exec_name=${PN%-tunnel} - - insinto "/etc/${exec_name}" - fowners root:nobody "/etc/${exec_name}" - fperms 750 "/etc/${exec_name}" - doins example.conf - - newinitd "${FILESDIR}"/udp2raw-daemon.initd udp2raw-daemon - newconfd "${FILESDIR}"/udp2raw-daemon.confd udp2raw-daemon - - dodoc -r $(use doc && echo 'images doc/*') README.md example.conf Dockerfile - dobin ${exec_name} -} - -pkg_postinst() { - fcaps cap_net_raw+ep /usr/bin/${PN%-tunnel} - - if ! use cpu_flags_x86_aes && use amd64; then - ewarn "Please add CPU_FLAGS_X86=\"aes\" to /etc/portage/make.conf" - ewarn "if your CPU support the AES instruction. Just run:" - ewarn " ~# emerge -uDN @world" - fi - elog "\nSee documentation: https://github.com/wangyu-/udp2raw-tunnel#getting-started\n" -} diff --git a/net-vpn/udp2raw-tunnel/udp2raw-tunnel-20181113.0.ebuild b/net-vpn/udp2raw-tunnel/udp2raw-tunnel-20181113.0.ebuild new file mode 120000 index 000000000..8a6e8dc02 --- /dev/null +++ b/net-vpn/udp2raw-tunnel/udp2raw-tunnel-20181113.0.ebuild @@ -0,0 +1 @@ +udp2raw-tunnel-99999999.ebuild \ No newline at end of file diff --git a/net-vpn/udp2raw-tunnel/udp2raw-tunnel-99999999.ebuild b/net-vpn/udp2raw-tunnel/udp2raw-tunnel-99999999.ebuild index 1e87ff9b6..691943795 100644 --- a/net-vpn/udp2raw-tunnel/udp2raw-tunnel-99999999.ebuild +++ b/net-vpn/udp2raw-tunnel/udp2raw-tunnel-99999999.ebuild @@ -7,7 +7,6 @@ inherit git-r3 fcaps flag-o-matic toolchain-funcs DESCRIPTION="A tunnel which turns UDP traffic into encrypted FakeTCP/UDP/ICMP traffic" HOMEPAGE="https://github.com/wangyu-/udp2raw-tunnel" -SRC_URI="" EGIT_REPO_URI="https://github.com/wangyu-/udp2raw-tunnel" if [[ ${PV} != *9999 ]]; then @@ -16,7 +15,6 @@ if [[ ${PV} != *9999 ]]; then fi LICENSE="MIT" -RESTRICT="mirror" SLOT="0" IUSE="cpu_flags_x86_aes doc" @@ -54,7 +52,11 @@ src_install() { newinitd "${FILESDIR}"/udp2raw-daemon.initd udp2raw-daemon newconfd "${FILESDIR}"/udp2raw-daemon.confd udp2raw-daemon + insinto /etc/logrotate.d + newins "${FILESDIR}"/udp2raw-daemon.logrotated udp2raw-daemon + dodoc -r $(use doc && echo 'images doc/*') README.md example.conf Dockerfile + doman "${FILESDIR}"/man/udp2raw.1 dobin ${exec_name} } @@ -66,5 +68,6 @@ pkg_postinst() { ewarn "if your CPU support the AES instruction. Just run:" ewarn " ~# emerge -uDN @world" fi + elog "\nSee documentation: https://github.com/wangyu-/udp2raw-tunnel#getting-started\n" }