diff options
author | zsdc <taras@vyos.io> | 2023-09-28 14:58:47 +0300 |
---|---|---|
committer | Christian Breunig <christian@breunig.cc> | 2023-09-28 21:03:36 +0200 |
commit | 4b12762864fb6f4ba06dd8c62d633ab9352c075c (patch) | |
tree | 1dcc7d0c90c58692f426da85e42016c5005f5e9c | |
parent | d40bba0e8a585a6dd0e2ef352f37ab8da79cf2c7 (diff) | |
download | vyos-build-4b12762864fb6f4ba06dd8c62d633ab9352c075c.tar.gz vyos-build-4b12762864fb6f4ba06dd8c62d633ab9352c075c.zip |
pmacct: T5618: Added build rules for custom pmacct package
The current version of pmacct in Debian (`1.7.7-1`) contains the bug which leads
to a crash when IMT is enabled and ICMP traffic is forwarded through a router.
This commit adds our build with an extra patch, which solves the problem:
https://github.com/pmacct/pmacct/commit/73af9545ea33cd87846306f648f634063ac41765
(cherry picked from commit d5f6445381c44a99459f45e74b792e250d727f44)
-rw-r--r-- | packages/pmacct/Jenkinsfile | 33 | ||||
-rwxr-xr-x | packages/pmacct/build.py | 49 | ||||
-rw-r--r-- | packages/pmacct/patches/0001-fix-pmacctd-SEGV-when-ICMP-ICMPv6-traffic-was-proces.patch | 49 |
3 files changed, 131 insertions, 0 deletions
diff --git a/packages/pmacct/Jenkinsfile b/packages/pmacct/Jenkinsfile new file mode 100644 index 00000000..9b7e8c3e --- /dev/null +++ b/packages/pmacct/Jenkinsfile @@ -0,0 +1,33 @@ +// Copyright (C) 2023 VyOS maintainers and contributors +// +// This program is free software; you can redistribute it and/or modify +// in order to easy exprort images built to "external" world +// it under the terms of the GNU General Public License version 2 or later as +// published by the Free Software Foundation. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program. If not, see <http://www.gnu.org/licenses/>. + +@NonCPS + +// Using a version specifier library, use 'current' branch. The underscore (_) +// is not a typo! You need this underscore if the line immediately after the +// @Library annotation is not an import statement! +@Library('vyos-build@current')_ + +def package_name = 'pmacct' + +def pkgList = [ + ['name': "${package_name}", + 'scmCommit': 'debian/1.7.7-1', + 'scmUrl': 'https://salsa.debian.org/debian/pmacct.git', + 'buildCmd': "../build.py"], +] + +// Start package build using library function from https://github.com/vyos/vyos-build +buildPackage("${package_name}", pkgList, null, true, "**/packages/pmacct/**") diff --git a/packages/pmacct/build.py b/packages/pmacct/build.py new file mode 100755 index 00000000..2445eb12 --- /dev/null +++ b/packages/pmacct/build.py @@ -0,0 +1,49 @@ +#!/usr/bin/env python3 + +from pathlib import Path +from shutil import copy as copy_file +from subprocess import run + + +# copy patches +def apply_deb_patches() -> None: + """Apply patches to sources directory + """ + patches_dir = Path('../patches') + current_dir: str = Path.cwd().as_posix() + if patches_dir.exists(): + patches_list = list(patches_dir.iterdir()) + patches_list.sort() + series_file = Path(f'{current_dir}/debian/patches/series') + series_data = '' + for patch_file in patches_list: + print(f'Applying patch: {patch_file.name}') + copy_file(patch_file, f'{current_dir}/debian/patches/') + if series_file.exists(): + series_data: str = series_file.read_text() + series_data = f'{series_data}\n{patch_file.name}' + series_file.write_text(series_data) + + +def build_package() -> bool: + """Build a package + + Returns: + bool: build status + """ + build_cmd: list[str] = ['dpkg-buildpackage', '-uc', '-us', '-tc', '-b'] + build_status: int = run(build_cmd).returncode + + if not build_status: + return False + return True + + +# build a package +if __name__ == '__main__': + apply_deb_patches() + + if not build_package(): + exit(1) + + exit() diff --git a/packages/pmacct/patches/0001-fix-pmacctd-SEGV-when-ICMP-ICMPv6-traffic-was-proces.patch b/packages/pmacct/patches/0001-fix-pmacctd-SEGV-when-ICMP-ICMPv6-traffic-was-proces.patch new file mode 100644 index 00000000..cb5f7399 --- /dev/null +++ b/packages/pmacct/patches/0001-fix-pmacctd-SEGV-when-ICMP-ICMPv6-traffic-was-proces.patch @@ -0,0 +1,49 @@ +From 58900c9d0f98f224577c28dc2323061d33823f39 Mon Sep 17 00:00:00 2001 +From: Paolo Lucente <pl+github@pmacct.net> +Date: Fri, 4 Mar 2022 22:07:29 +0000 +Subject: [PATCH] * fix, pmacctd: SEGV when ICMP/ICMPv6 traffic was processed + and 'flows' primitive was enabled. To address Issue #586 + +--- + src/nl.c | 12 +++--------- + 1 file changed, 3 insertions(+), 9 deletions(-) + +diff --git a/src/nl.c b/src/nl.c +index c42689ed..6a3da94b 100644 +--- a/src/nl.c ++++ b/src/nl.c +@@ -1,6 +1,6 @@ + /* + pmacct (Promiscuous mode IP Accounting package) +- pmacct is Copyright (C) 2003-2021 by Paolo Lucente ++ pmacct is Copyright (C) 2003-2022 by Paolo Lucente + */ + + /* +@@ -293,10 +293,7 @@ int ip_handler(register struct packet_ptrs *pptrs) + } + } + else { +- if (pptrs->l4_proto != IPPROTO_ICMP) { +- pptrs->tlh_ptr = dummy_tlhdr; +- } +- ++ pptrs->tlh_ptr = dummy_tlhdr; + if (off < caplen) pptrs->payload_ptr = ptr; + } + +@@ -479,10 +476,7 @@ int ip6_handler(register struct packet_ptrs *pptrs) + } + } + else { +- if (pptrs->l4_proto != IPPROTO_ICMPV6) { +- pptrs->tlh_ptr = dummy_tlhdr; +- } +- ++ pptrs->tlh_ptr = dummy_tlhdr; + if (off < caplen) pptrs->payload_ptr = ptr; + } + +-- +2.34.1 + |