summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorzsdc <taras@vyos.io>2023-09-28 14:58:47 +0300
committerChristian Breunig <christian@breunig.cc>2023-09-28 21:03:36 +0200
commit4b12762864fb6f4ba06dd8c62d633ab9352c075c (patch)
tree1dcc7d0c90c58692f426da85e42016c5005f5e9c
parentd40bba0e8a585a6dd0e2ef352f37ab8da79cf2c7 (diff)
downloadvyos-build-4b12762864fb6f4ba06dd8c62d633ab9352c075c.tar.gz
vyos-build-4b12762864fb6f4ba06dd8c62d633ab9352c075c.zip
pmacct: T5618: Added build rules for custom pmacct package
The current version of pmacct in Debian (`1.7.7-1`) contains the bug which leads to a crash when IMT is enabled and ICMP traffic is forwarded through a router. This commit adds our build with an extra patch, which solves the problem: https://github.com/pmacct/pmacct/commit/73af9545ea33cd87846306f648f634063ac41765 (cherry picked from commit d5f6445381c44a99459f45e74b792e250d727f44)
-rw-r--r--packages/pmacct/Jenkinsfile33
-rwxr-xr-xpackages/pmacct/build.py49
-rw-r--r--packages/pmacct/patches/0001-fix-pmacctd-SEGV-when-ICMP-ICMPv6-traffic-was-proces.patch49
3 files changed, 131 insertions, 0 deletions
diff --git a/packages/pmacct/Jenkinsfile b/packages/pmacct/Jenkinsfile
new file mode 100644
index 00000000..9b7e8c3e
--- /dev/null
+++ b/packages/pmacct/Jenkinsfile
@@ -0,0 +1,33 @@
+// Copyright (C) 2023 VyOS maintainers and contributors
+//
+// This program is free software; you can redistribute it and/or modify
+// in order to easy exprort images built to "external" world
+// it under the terms of the GNU General Public License version 2 or later as
+// published by the Free Software Foundation.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+@NonCPS
+
+// Using a version specifier library, use 'current' branch. The underscore (_)
+// is not a typo! You need this underscore if the line immediately after the
+// @Library annotation is not an import statement!
+@Library('vyos-build@current')_
+
+def package_name = 'pmacct'
+
+def pkgList = [
+ ['name': "${package_name}",
+ 'scmCommit': 'debian/1.7.7-1',
+ 'scmUrl': 'https://salsa.debian.org/debian/pmacct.git',
+ 'buildCmd': "../build.py"],
+]
+
+// Start package build using library function from https://github.com/vyos/vyos-build
+buildPackage("${package_name}", pkgList, null, true, "**/packages/pmacct/**")
diff --git a/packages/pmacct/build.py b/packages/pmacct/build.py
new file mode 100755
index 00000000..2445eb12
--- /dev/null
+++ b/packages/pmacct/build.py
@@ -0,0 +1,49 @@
+#!/usr/bin/env python3
+
+from pathlib import Path
+from shutil import copy as copy_file
+from subprocess import run
+
+
+# copy patches
+def apply_deb_patches() -> None:
+ """Apply patches to sources directory
+ """
+ patches_dir = Path('../patches')
+ current_dir: str = Path.cwd().as_posix()
+ if patches_dir.exists():
+ patches_list = list(patches_dir.iterdir())
+ patches_list.sort()
+ series_file = Path(f'{current_dir}/debian/patches/series')
+ series_data = ''
+ for patch_file in patches_list:
+ print(f'Applying patch: {patch_file.name}')
+ copy_file(patch_file, f'{current_dir}/debian/patches/')
+ if series_file.exists():
+ series_data: str = series_file.read_text()
+ series_data = f'{series_data}\n{patch_file.name}'
+ series_file.write_text(series_data)
+
+
+def build_package() -> bool:
+ """Build a package
+
+ Returns:
+ bool: build status
+ """
+ build_cmd: list[str] = ['dpkg-buildpackage', '-uc', '-us', '-tc', '-b']
+ build_status: int = run(build_cmd).returncode
+
+ if not build_status:
+ return False
+ return True
+
+
+# build a package
+if __name__ == '__main__':
+ apply_deb_patches()
+
+ if not build_package():
+ exit(1)
+
+ exit()
diff --git a/packages/pmacct/patches/0001-fix-pmacctd-SEGV-when-ICMP-ICMPv6-traffic-was-proces.patch b/packages/pmacct/patches/0001-fix-pmacctd-SEGV-when-ICMP-ICMPv6-traffic-was-proces.patch
new file mode 100644
index 00000000..cb5f7399
--- /dev/null
+++ b/packages/pmacct/patches/0001-fix-pmacctd-SEGV-when-ICMP-ICMPv6-traffic-was-proces.patch
@@ -0,0 +1,49 @@
+From 58900c9d0f98f224577c28dc2323061d33823f39 Mon Sep 17 00:00:00 2001
+From: Paolo Lucente <pl+github@pmacct.net>
+Date: Fri, 4 Mar 2022 22:07:29 +0000
+Subject: [PATCH] * fix, pmacctd: SEGV when ICMP/ICMPv6 traffic was processed
+ and 'flows' primitive was enabled. To address Issue #586
+
+---
+ src/nl.c | 12 +++---------
+ 1 file changed, 3 insertions(+), 9 deletions(-)
+
+diff --git a/src/nl.c b/src/nl.c
+index c42689ed..6a3da94b 100644
+--- a/src/nl.c
++++ b/src/nl.c
+@@ -1,6 +1,6 @@
+ /*
+ pmacct (Promiscuous mode IP Accounting package)
+- pmacct is Copyright (C) 2003-2021 by Paolo Lucente
++ pmacct is Copyright (C) 2003-2022 by Paolo Lucente
+ */
+
+ /*
+@@ -293,10 +293,7 @@ int ip_handler(register struct packet_ptrs *pptrs)
+ }
+ }
+ else {
+- if (pptrs->l4_proto != IPPROTO_ICMP) {
+- pptrs->tlh_ptr = dummy_tlhdr;
+- }
+-
++ pptrs->tlh_ptr = dummy_tlhdr;
+ if (off < caplen) pptrs->payload_ptr = ptr;
+ }
+
+@@ -479,10 +476,7 @@ int ip6_handler(register struct packet_ptrs *pptrs)
+ }
+ }
+ else {
+- if (pptrs->l4_proto != IPPROTO_ICMPV6) {
+- pptrs->tlh_ptr = dummy_tlhdr;
+- }
+-
++ pptrs->tlh_ptr = dummy_tlhdr;
+ if (off < caplen) pptrs->payload_ptr = ptr;
+ }
+
+--
+2.34.1
+