From cc8ac76307ebb11b010dd6cbc83ad14c0c0c3d83 Mon Sep 17 00:00:00 2001 From: Erik Kapfer Date: Tue, 13 Nov 2012 22:31:39 +0100 Subject: [PATCH 01/41] stress: New package. --- config/rootfiles/packages/stress | 3 ++ lfs/stress | 69 ++++++++++++++++++++++++++++++++ make.sh | 1 + 3 files changed, 73 insertions(+) create mode 100644 config/rootfiles/packages/stress create mode 100644 lfs/stress diff --git a/config/rootfiles/packages/stress b/config/rootfiles/packages/stress new file mode 100644 index 000000000..2b0a0003a --- /dev/null +++ b/config/rootfiles/packages/stress @@ -0,0 +1,3 @@ +usr/bin/stress +#usr/share/info/stress.info +#usr/share/man/man1/stress.1 \ No newline at end of file diff --git a/lfs/stress b/lfs/stress new file mode 100644 index 000000000..166d840f9 --- /dev/null +++ b/lfs/stress @@ -0,0 +1,69 @@ +############################################################################### +# IPFire.org - An Open Source Firewall Solution # +# Copyright (C) - IPFire Development Team # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 1.0.4 + +THISAPP = stress-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = stress +PAK_VER = 1 + +DEPS = "" + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = a607afa695a511765b40993a64c6e2f4 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && ./configure --prefix=/usr + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/make.sh b/make.sh index ea908d948..3cb3e0793 100755 --- a/make.sh +++ b/make.sh @@ -772,6 +772,7 @@ buildipfire() { ipfiremake minidlna ipfiremake fping ipfiremake telnet + ipfiremake stress echo Build on $HOSTNAME > $BASEDIR/build/var/ipfire/firebuild cat /proc/version >> $BASEDIR/build/var/ipfire/firebuild echo >> $BASEDIR/build/var/ipfire/firebuild From ce819132f353a4ae2103fa752ffddb3fae6f01a1 Mon Sep 17 00:00:00 2001 From: Erik Kapfer Date: Tue, 13 Nov 2012 23:49:45 +0100 Subject: [PATCH 02/41] libstatgrab: New package. --- config/rootfiles/packages/libstatgrab | 35 ++++++++++++++ lfs/libstatgrab | 69 +++++++++++++++++++++++++++ make.sh | 1 + 3 files changed, 105 insertions(+) create mode 100644 config/rootfiles/packages/libstatgrab create mode 100644 lfs/libstatgrab diff --git a/config/rootfiles/packages/libstatgrab b/config/rootfiles/packages/libstatgrab new file mode 100644 index 000000000..2c6141163 --- /dev/null +++ b/config/rootfiles/packages/libstatgrab @@ -0,0 +1,35 @@ +usr/bin/saidar +usr/bin/statgrab +#usr/bin/statgrab-make-mrtg-config +#usr/bin/statgrab-make-mrtg-index +#usr/include/statgrab.h +#usr/include/statgrab_deprecated.h +#usr/lib/libstatgrab.a +#usr/lib/libstatgrab.la +#usr/lib/libstatgrab.so +usr/lib/libstatgrab.so.6 +usr/lib/libstatgrab.so.6.2.3 +#usr/lib/pkgconfig/libstatgrab.pc +#usr/share/man/man1/saidar.1 +#usr/share/man/man1/statgrab-make-mrtg-config.1 +#usr/share/man/man1/statgrab-make-mrtg-index.1 +#usr/share/man/man1/statgrab.1 +#usr/share/man/man3/sg_get_cpu_percents.3 +#usr/share/man/man3/sg_get_cpu_stats.3 +#usr/share/man/man3/sg_get_cpu_stats_diff.3 +#usr/share/man/man3/sg_get_disk_io_stats.3 +#usr/share/man/man3/sg_get_disk_io_stats_diff.3 +#usr/share/man/man3/sg_get_fs_stats.3 +#usr/share/man/man3/sg_get_host_info.3 +#usr/share/man/man3/sg_get_load_stats.3 +#usr/share/man/man3/sg_get_mem_stats.3 +#usr/share/man/man3/sg_get_network_iface_stats.3 +#usr/share/man/man3/sg_get_network_io_stats.3 +#usr/share/man/man3/sg_get_network_io_stats_diff.3 +#usr/share/man/man3/sg_get_page_stats.3 +#usr/share/man/man3/sg_get_page_stats_diff.3 +#usr/share/man/man3/sg_get_process_count.3 +#usr/share/man/man3/sg_get_process_stats.3 +#usr/share/man/man3/sg_get_swap_stats.3 +#usr/share/man/man3/sg_get_user_stats.3 +#usr/share/man/man3/statgrab.3 diff --git a/lfs/libstatgrab b/lfs/libstatgrab new file mode 100644 index 000000000..8bcb1330d --- /dev/null +++ b/lfs/libstatgrab @@ -0,0 +1,69 @@ +############################################################################### +# IPFire.org - An Open Source Firewall Solution # +# Copyright (C) - IPFire Development Team # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 0.17 + +THISAPP = libstatgrab-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = libstatgrab +PAK_VER = 1 + +DEPS = "" + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = 58385c9392898be3b09ffc5e3ebe8717 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && ./configure --prefix=/usr + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + @rm -rf $(DIR_APP) + @$(POSTBUILD) \ No newline at end of file diff --git a/make.sh b/make.sh index 3cb3e0793..0675d8e6f 100755 --- a/make.sh +++ b/make.sh @@ -773,6 +773,7 @@ buildipfire() { ipfiremake fping ipfiremake telnet ipfiremake stress + ipfiremake libstatgrab echo Build on $HOSTNAME > $BASEDIR/build/var/ipfire/firebuild cat /proc/version >> $BASEDIR/build/var/ipfire/firebuild echo >> $BASEDIR/build/var/ipfire/firebuild From 2ee746be048e2667c3fd6537873eb1763aa8b7b7 Mon Sep 17 00:00:00 2001 From: Stefan Schantl Date: Sun, 11 Nov 2012 17:53:53 +0100 Subject: [PATCH 03/41] Add support for mtu-disc to openvpn. OpenVPN now have support for an automaticaly mtu path discovery. This feature can be enabled on roadwarrior or net-to-net connections. It can be fully configured by using the webinterface. --- html/cgi-bin/ovpnmain.cgi | 120 +++++++++++++++++++++++++++++++++++--- langs/de/cgi-bin/de.pl | 7 +++ langs/en/cgi-bin/en.pl | 7 +++ 3 files changed, 126 insertions(+), 8 deletions(-) diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index 990fe6600..5fc5dd4ad 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -77,6 +77,7 @@ $cgiparams{'DHCP_WINS'} = ''; $cgiparams{'ROUTES_PUSH'} = ''; $cgiparams{'DCOMPLZO'} = 'off'; $cgiparams{'MSSFIX'} = ''; +$cgiparams{'PMTU_DISCOVERY'} = ''; $routes_push_file = "${General::swroot}/ovpn/routes_push"; unless (-e $routes_push_file) { system("touch $routes_push_file"); } @@ -329,7 +330,6 @@ sub writeserverconf { print CONF "#DAN prepare OpenVPN for listening on blue and orange\n"; print CONF ";local $sovpnsettings{'VPN_IP'}\n"; print CONF "dev $sovpnsettings{'DDEVICE'}\n"; - print CONF "$sovpnsettings{'DDEVICE'}-mtu $sovpnsettings{'DMTU'}\n"; print CONF "proto $sovpnsettings{'DPROTOCOL'}\n"; print CONF "port $sovpnsettings{'DDEST_PORT'}\n"; print CONF "script-security 3 system\n"; @@ -343,7 +343,18 @@ sub writeserverconf { my @tempovpnsubnet = split("\/",$sovpnsettings{'DOVPN_SUBNET'}); print CONF "server $tempovpnsubnet[0] $tempovpnsubnet[1]\n"; print CONF "push \"route $netsettings{'GREEN_NETADDRESS'} $netsettings{'GREEN_NETMASK'}\"\n"; - + + # Check if we are using mssfix, fragment or mtu-disc and set the corretct mtu of 1500. + # If we doesn't use one of them, we can use the configured mtu value. + if ($sovpnsettings{'MSSFIX'} eq 'on') + { print CONF "$sovpnsettings{'DDEVICE'}-mtu 1500\n"; } + elsif ($sovpnsettings{'FRAGMENT'} ne '' && $sovpnsettings{'DPROTOCOL'} ne 'tcp') + { print CONF "$sovpnsettings{'DDEVICE'}-mtu 1500\n"; } + elsif ($sovpnsettings{'PMTU_DISCOVERY'} ne 'off') + { print CONF "$sovpnsettings{'DDEVICE'}-mtu 1500\n"; } + else + { print CONF "$sovpnsettings{'DDEVICE'}-mtu $sovpnsettings{'DMTU'}\n"; } + if ($vpnsettings{'ROUTES_PUSH'} ne '') { @temp = split(/\n/,$vpnsettings{'ROUTES_PUSH'}); foreach (@temp) @@ -362,6 +373,11 @@ sub writeserverconf { if ($sovpnsettings{FRAGMENT} ne '' && $sovpnsettings{'DPROTOCOL'} ne 'tcp') { print CONF "fragment $sovpnsettings{'FRAGMENT'}\n"; } + + if ($sovpnsettings{PMTU_DISCOVERY} ne 'off') { + print CONF "mtu-disc $sovpnsettings{'PMTU_DISCOVERY'}\n"; + } + if ($sovpnsettings{KEEPALIVE_1} > 0 && $sovpnsettings{KEEPALIVE_2} > 0) { print CONF "keepalive $sovpnsettings{'KEEPALIVE_1'} $sovpnsettings{'KEEPALIVE_2'}\n"; } @@ -516,6 +532,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) { $vpnsettings{'DHCP_DNS'} = $cgiparams{'DHCP_DNS'}; $vpnsettings{'DHCP_WINS'} = $cgiparams{'DHCP_WINS'}; $vpnsettings{'ROUTES_PUSH'} = $cgiparams{'ROUTES_PUSH'}; + $vpnsettings{'PMTU_DISCOVERY'} = $cgiparams{'PMTU_DISCOVERY'}; my @temp=(); if ($cgiparams{'FRAGMENT'} eq '') { @@ -533,6 +550,14 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) { } else { $vpnsettings{'MSSFIX'} = $cgiparams{'MSSFIX'}; } + + if ($cgiparams{'PMTU_DISCOVERY'} ne 'off') { + if (($cgiparams{'MSSFIX'} eq 'on') || ($cgiparams{'FRAGMENT'} ne '')) { + $errormessage = $Lang::tr{'ovpn mtu-disc with mssfix or fragment'}; + goto ADV_ERROR; + } + } + if ($cgiparams{'DHCP_DOMAIN'} ne ''){ unless (&General::validfqdn($cgiparams{'DHCP_DOMAIN'}) || &General::validip($cgiparams{'DHCP_DOMAIN'})) { $errormessage = $Lang::tr{'invalid input for dhcp domain'}; @@ -656,6 +681,13 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General if ($cgiparams{'FRAGMENT'} ne '') {print SERVERCONF "fragment $cgiparams{'FRAGMENT'}\n";} if ($cgiparams{'MSSFIX'} eq 'on') {print SERVERCONF "mssfix\n"; }; } + if ($cgiparams{'PMTU_DISCOVERY'} ne 'off') { + if(($cgiparams{'MSSFIX'} ne 'on') || ($cgiparams{'FRAGMENT'} eq '')) { + if($cgiparams{'MTU'} eq '1500') { + print SERVERCONF "mtu-disc $cgiparams{'PMTU_DISCOVERY'}\n"; + } + } + } print SERVERCONF "# Auth. Server\n"; print SERVERCONF "tls-server\n"; print SERVERCONF "ca ${General::swroot}/ovpn/ca/cacert.pem\n"; @@ -734,7 +766,13 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General if ($cgiparams{'FRAGMENT'} ne '') {print CLIENTCONF "fragment $cgiparams{'FRAGMENT'}\n";} if ($cgiparams{'MSSFIX'} eq 'on') {print CLIENTCONF "mssfix\n"; }; } - + if ($cgiparams{'PMTU_DISCOVERY'} ne 'off') { + if(($cgiparams{'MSSFIX'} ne 'on') || ($cgiparams{'FRAGMENT'} eq '')) { + if ($cgiparams{'MTU'} eq '1500') { + print CLIENTCONF "mtu-disc $cgiparams{'PMTU_DISCOVERY'}\n"; + } + } + } print CLIENTCONF "ns-cert-type server\n"; print CLIENTCONF "# Auth. Client\n"; print CLIENTCONF "tls-client\n"; @@ -1665,6 +1703,13 @@ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){ if ($confighash{$cgiparams{'KEY'}}[24] ne '') {print CLIENTCONF "fragment $confighash{$cgiparams{'KEY'}}[24]\n";} if ($confighash{$cgiparams{'KEY'}}[23] eq 'on') {print CLIENTCONF "mssfix\n";} } + if ($confighash{$cgiparams{'KEY'}}[32] ne 'off') { + if (($confighash{$cgiparams{'KEY'}}[23] ne 'on') || ($confighash{$cgiparams{'KEY'}}[24] eq '')) { + if ($tunmtu eq '1500' ) { + print CLIENTCONF "mtu-disc $confighash{$cgiparams{'KEY'}}[32]\n"; + } + } + } print CLIENTCONF "ns-cert-type server\n"; print CLIENTCONF "# Auth. Client\n"; print CLIENTCONF "tls-client\n"; @@ -1723,7 +1768,18 @@ else print CLIENTCONF "client\r\n"; print CLIENTCONF "dev $vpnsettings{'DDEVICE'}\r\n"; print CLIENTCONF "proto $vpnsettings{'DPROTOCOL'}\r\n"; - print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu $vpnsettings{'DMTU'}\r\n"; + + # Check if we are using fragment, mssfix or mtu-disc and set MTU to 1500 + # or use configured value. + if ($vpnsettings{FRAGMENT} ne '' && $vpnsettings{DPROTOCOL} ne 'tcp' ) + { print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu 1500\n"; } + elsif ($vpnsettings{MSSFIX} eq 'on') + { print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu 1500\n"; } + elsif ($vpnsettings{PMTU_DISCOVERY} ne 'off') + { print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu 1500\n"; } + else + { print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu $vpnsettings{'DMTU'}\r\n"; } + if ( $vpnsettings{'ENABLED'} eq 'on'){ print CLIENTCONF "remote $vpnsettings{'VPN_IP'} $vpnsettings{'DDEST_PORT'}\r\n"; if ( $vpnsettings{'ENABLED_BLUE'} eq 'on' && (&haveBlueNet())){ @@ -1767,6 +1823,11 @@ else if ($vpnsettings{FRAGMENT} ne '' && $vpnsettings{DPROTOCOL} ne 'tcp' ) { print CLIENTCONF "fragment $vpnsettings{'FRAGMENT'}\r\n"; } + if ($vpnsettings{PMTU_DISCOVERY} ne 'off') { + if(($vpnsettings{MSSFIX} ne 'on') || ($vpnsettings{FRAGMENT} eq '')) { + print CLIENTCONF "mtu-disc $vpnsettings{'PMTU_DISCOVERY'}\n"; + } + } close(CLIENTCONF); $zip->addFile( "$tempdir/$clientovpn", $clientovpn) or die "Can't add file $clientovpn\n"; @@ -1913,6 +1974,7 @@ ADV_ERROR: $checked{'MSSFIX'}{'off'} = ''; $checked{'MSSFIX'}{'on'} = ''; $checked{'MSSFIX'}{$cgiparams{'MSSFIX'}} = 'CHECKED'; + $checked{'PMTU_DISCOVERY'}{$cgiparams{'PMTU_DISCOVERY'}} = 'checked=\'checked\''; $selected{'LOG_VERB'}{'1'} = ''; $selected{'LOG_VERB'}{'2'} = ''; $selected{'LOG_VERB'}{'3'} = ''; @@ -1986,7 +2048,7 @@ print <$Lang::tr{'misc-options'} - + Client-To-Client @@ -2015,7 +2077,15 @@ print <mssfix Default: on - + + + + $Lang::tr{'ovpn mtu-disc'} + $Lang::tr{'ovpn mtu-disc yes'} + $Lang::tr{'ovpn mtu-disc maybe'} + $Lang::tr{'ovpn mtu-disc no'} + $Lang::tr{'ovpn mtu-disc off'} +