diff options
Diffstat (limited to 'contrib/package/freifunk-p2pblock')
3 files changed, 0 insertions, 149 deletions
diff --git a/contrib/package/freifunk-p2pblock/Makefile b/contrib/package/freifunk-p2pblock/Makefile deleted file mode 100644 index df7bd9b635..0000000000 --- a/contrib/package/freifunk-p2pblock/Makefile +++ /dev/null @@ -1,48 +0,0 @@ -# -# Copyright (C) 2009 Andreas Seidler <tetzlav@subsignal.org> -# Copyright (C) 2012 Jo-Philipp Wich <jow@openwrt.org> -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=freifunk-p2pblock -PKG_RELEASE:=3 - -PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME) - -include $(INCLUDE_DIR)/package.mk - -define Package/freifunk-p2pblock - SECTION:=luci - CATEGORY:=LuCI - SUBMENU:=9. Freifunk - TITLE:=Freifunk p2pblock Addon - DEPENDS:=+iptables-mod-filter +iptables-mod-ipp2p +l7-protocols +iptables-mod-conntrack-extra @BROKEN -endef - -define Package/freifunk-p2pblock/description - Simple Addon for Freifunk which use iptables layer7-, ipp2p- and recent-modules - to block p2p/filesharing traffic -endef - -define Build/Prepare - mkdir -p $(PKG_BUILD_DIR) -endef - -define Build/Configure -endef - -define Build/Compile -endef - -define Package/freifunk-p2pblock/install - $(INSTALL_DIR) $(1)/etc/init.d - $(INSTALL_BIN) ./files/freifunk-p2pblock.init $(1)/etc/init.d/freifunk-p2pblock - $(INSTALL_DIR) $(1)/etc/config - $(INSTALL_DATA) ./files/freifunk-p2pblock.config $(1)/etc/config/freifunk_p2pblock -endef - -$(eval $(call BuildPackage,freifunk-p2pblock)) diff --git a/contrib/package/freifunk-p2pblock/files/freifunk-p2pblock.config b/contrib/package/freifunk-p2pblock/files/freifunk-p2pblock.config deleted file mode 100644 index 291260e370..0000000000 --- a/contrib/package/freifunk-p2pblock/files/freifunk-p2pblock.config +++ /dev/null @@ -1,6 +0,0 @@ -config 'settings' 'p2pblock' - option 'portrange' '1024:65535' - option 'layer7' 'edonkey bittorrent fasttrack' - option 'ipp2p' 'edk dc kazaa gnu bit ares soul winmx apple' - option 'blocktime' '60' - option 'whitelist' '' diff --git a/contrib/package/freifunk-p2pblock/files/freifunk-p2pblock.init b/contrib/package/freifunk-p2pblock/files/freifunk-p2pblock.init deleted file mode 100644 index 5ca60c8916..0000000000 --- a/contrib/package/freifunk-p2pblock/files/freifunk-p2pblock.init +++ /dev/null @@ -1,95 +0,0 @@ -#!/bin/sh /etc/rc.common - -START=82 -ME="freifunk-p2pblock" -LOCK='/var/run/p2pblock.lock' - -# helper-scripts -ipt_add() { - logger -t "$ME" "set 'iptables -I $1'" - iptables -I $1 - echo "iptables -D $1" >> $LOCK -} - -start() { - /etc/init.d/freifunk-p2pblock enabled || return - - if [ ! -s "$LOCK" ]; then - logger -s -t "$ME" 'starting p2pblock...' - - config_load network - config_get wan wan ifname - - if [ -n "$wan" ]; then - config_load freifunk_p2pblock - config_get layer7 p2pblock layer7 - config_get ipp2p p2pblock ipp2p - config_get portrange p2pblock portrange - config_get blocktime p2pblock blocktime - config_get whitelist p2pblock whitelist - - # load modules - insmod ipt_ipp2p 2>&- - insmod ipt_layer7 2>&- - insmod ipt_recent ip_list_tot=400 ip_pkt_list_tot=3 2>&- - - # create new p2p-chain - iptables -N p2pblock - # pipe all incoming FORWARD with source-/destination-port 1024-65535 throu p2p-chain - ipt_add "FORWARD -i $wan -p tcp --sport $portrange --dport $portrange -j p2pblock" - ipt_add "FORWARD -i $wan -p udp --sport $portrange --dport $portrange -j p2pblock" - - # if p2p-traffic blocked 3 packages to a destination ip then block all traffic within the next 180 sec (port 1024-65535) - ipt_add "p2pblock -m recent --rdest --rcheck --name P2PBLOCK --seconds $blocktime --hitcount 3 -j DROP" - ipt_add "p2pblock -m recent --rdest --rcheck --name P2PBLOCK --seconds $blocktime --hitcount 3 -m limit --limit 1/minute -j LOG --log-prefix P2PBLOCK-DROP:" - - # create layer7-rules - for proto in $layer7; do - ipt_add "p2pblock -m layer7 --l7proto $proto -m recent --rdest --set --name P2PBLOCK" - ipt_add "p2pblock -m layer7 --l7proto $proto -m limit --limit 1/minute -j LOG --log-prefix P2PBLOCK-seen-$proto:" - done - - # create ipp2p-rules - for proto in $ipp2p; do - ipt_add "p2pblock -m ipp2p --$proto -m recent --rdest --set --name P2PBLOCK" - ipt_add "p2pblock -m ipp2p --$proto -m limit --limit 1/minute -j LOG --log-prefix P2PBLOCK-seen-$proto:" - done - - # insert whitelisted ips - for ip in $whitelist; do - ipt_add "p2pblock -d $ip -j RETURN" - done - - logger -s -t "$ME" 'Done.'; return 0 - else - logger -s -t "$ME" 'No wan interface present.'; return 0 - fi - else - logger -s -t "$ME" 'WARNING! already running - Aborting!'; return 2 - fi -} - -stop() { - if [ -s "$LOCK" ]; then - logger -s -t "$ME" 'stopping p2pblock...' - - # unset all rules in $LOCK-file - cat $LOCK | sed -ne '1!G;h;$p' | while read line; do - logger -t "$ME" "unset $line" - while eval $line 2>&-; do :; done - done; : > "$LOCK" - - # flush and delete the p2p-chain - iptables -F p2pblock - iptables -X p2pblock - logger -s -t "$ME" 'Done.'; return 0 - - else - logger -s -t "$ME" 'WARNING! not running - Aborting!'; return 2 - - fi -} - -restart() { - stop; sleep 1; start -} |