diff --git a/net/l7-protocols/Makefile b/net/l7-protocols/Makefile new file mode 100644 index 000000000..0258216f2 --- /dev/null +++ b/net/l7-protocols/Makefile @@ -0,0 +1,87 @@ +# +# Copyright (C) 2014 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=l7-protocols +PKG_VERSION:=2009-05-28 +PKG_RELEASE:=2 +PKG_LICENSE:=GPL-2.0 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=@SF/l7-filter +PKG_MD5SUM:=91be154d12134dcdbc560cc7aa7fe4ce + +include $(INCLUDE_DIR)/uclibc++.mk +include $(INCLUDE_DIR)/package.mk + +define Package/l7-protocols + SECTION:=net + CATEGORY:=Network + TITLE:=Protocols for layer7 filtering + URL:=http://l7-filter.sourceforge.net/ + SUBMENU:=Firewall + MAINTAINER:=Lim Guo Wei + DEPENDS:=iptables-mod-filter +endef + +define Package/l7-protocols/description + l7-filter classifies packets based on patterns in application + layer data. This allows correct classification of P2P traffic that + uses unpredictable ports as well as standard protocols running on + non-standard ports. +endef + +define Package/l7-protocols-testing + $(call Package/l7-protocols) + TITLE:=testing utilities for layer7 + DEPENDS+=l7-protocols $(CXX_DEPENDS) +endef + +define Package/l7-protocols-testing/description + testing utilities for layer 7 patterns +endef + +define Build/Configure +endef + +ifneq ($(SDK)$(CONFIG_PACKAGE_l7-protocols-testing),) + define Build/Compile + cd $(PKG_BUILD_DIR)/testing && $(MAKE) $(CONFIGURE_VARS) + endef +else + define Build/Compile + endef +endif + +define Package/l7-protocols/install + find $(PKG_BUILD_DIR) -name "README" -delete + $(INSTALL_DIR) $(1)/etc/l7-protocols + $(CP) $(PKG_BUILD_DIR)/extra \ + $(PKG_BUILD_DIR)/file_types \ + $(PKG_BUILD_DIR)/groups.sh \ + $(PKG_BUILD_DIR)/malware \ + $(PKG_BUILD_DIR)/protocols \ + $(1)/etc/l7-protocols +endef + +define Package/l7-protocols-testing/install + $(INSTALL_DIR) $(1)/etc/l7-protocols/testing + $(CP) $(PKG_BUILD_DIR)/testing/data \ + $(1)/etc/l7-protocols/testing + $(INSTALL_BIN) \ + $(PKG_BUILD_DIR)/testing/rand{chars,printable} \ + $(PKG_BUILD_DIR)/testing/test_speed-{kernel,userspace} \ + $(PKG_BUILD_DIR)/testing/match_kernel \ + $(PKG_BUILD_DIR)/testing/doallspeeds.sh \ + $(PKG_BUILD_DIR)/testing/test_match.sh \ + $(PKG_BUILD_DIR)/testing/timeit.sh \ + $(1)/etc/l7-protocols/testing +endef + +$(eval $(call BuildPackage,l7-protocols)) +$(eval $(call BuildPackage,l7-protocols-testing)) diff --git a/net/l7-protocols/patches/100-testing_crosscompile.patch b/net/l7-protocols/patches/100-testing_crosscompile.patch new file mode 100644 index 000000000..b5d395307 --- /dev/null +++ b/net/l7-protocols/patches/100-testing_crosscompile.patch @@ -0,0 +1,27 @@ +--- a/testing/Makefile ++++ b/testing/Makefile +@@ -1,19 +1,19 @@ + all: randchars randprintable test_speed-kernel test_speed-userspace match_kernel + + randchars: randchars.c +- gcc -O2 -o randchars randchars.c ++ $(CC) $(CFLAGS) -o randchars randchars.c + + randprintable: randprintable.c +- gcc -O2 -o randprintable randprintable.c ++ $(CC) $(CFLAGS) -o randprintable randprintable.c + + test_speed-kernel: test_speed-kernel.c +- gcc -o test_speed-kernel test_speed-kernel.c ++ $(CC) $(CFLAGS) -o test_speed-kernel test_speed-kernel.c + + test_speed-userspace: test_speed-userspace.cpp l7-parse-patterns.cpp l7-parse-patterns.h +- g++ -Wall -o test_speed-userspace test_speed-userspace.cpp l7-parse-patterns.cpp ++ $(CXX) $(CXXFLAGS) -Wall -o test_speed-userspace test_speed-userspace.cpp l7-parse-patterns.cpp + + match_kernel: match-kernel.c +- gcc -O2 -o match_kernel match-kernel.c ++ $(CC) $(CFLAGS) -o match_kernel match-kernel.c + + clean: + rm -f randprintable randchars test_speed-kernel test_speed-userspace match_kernel diff --git a/net/l7-protocols/patches/101-testing-timeit.patch b/net/l7-protocols/patches/101-testing-timeit.patch new file mode 100644 index 000000000..665688927 --- /dev/null +++ b/net/l7-protocols/patches/101-testing-timeit.patch @@ -0,0 +1,102 @@ +--- a/testing/timeit.sh ++++ b/testing/timeit.sh +@@ -1,11 +1,8 @@ + #!/bin/bash + +-# "man 1 time" for details +-export TIME="%U seconds" +- + add() + { +- if ! dc -e ""; then ++ if ! dc p >/dev/null 2>&1; then + echo you do not have dc, so I cannot add these numbers... + exit 1 + fi +@@ -14,7 +11,7 @@ add() + tot=0 + + while read n; do +- tot=`dc -e "$n $tot + pop" 2> /dev/null` ++ tot=`dc $n $tot + p 2> /dev/null` + done + + echo $tot seconds +@@ -34,7 +31,7 @@ extract() + + if [ ! $3 ] || [ $2 == "-h" ] || [ $2 == "--help" ]; then + echo +- echo Syntax: ./timeit.sh patternfile kernel\|userspace all\|print\|real [data_files] ++ echo Syntax: .//usr/bin/timeit.sh patternfile kernel\|userspace all\|print\|real [data_files] + echo + echo \"kernel\" uses the kernel pattern and library + echo \"userspace\" uses userspace pattern and library +@@ -72,12 +69,12 @@ echo Timing $1 + if [ $3 == "all" ]; then + echo Using all characters + if [ $2 == "kernel" ]; then +- if ! ./randchars | time $speedprog "`extract $1`" verbose; then ++ if ! ./randchars | /usr/bin/time $speedprog "`extract $1`" verbose 2>&1 >/dev/null | grep user | cut -d\ -f2; then + echo $speedprog failed. > /dev/stderr + exit 1 + fi + else +- if ! ./randchars | time $speedprog -f "$1" -v; then ++ if ! ./randchars | /usr/bin/time $speedprog -f "$1" -v 2>&1 >/dev/null | grep user | cut -d\ -f2; then + echo $speedprog failed. > /dev/stderr + exit 1 + fi +@@ -85,12 +82,12 @@ if [ $3 == "all" ]; then + elif [ $3 == "print" ]; then + echo Using only printable characters + if [ $2 == "kernel" ]; then +- if ! ./randprintable | time $speedprog "`extract $1`" verbose; then ++ if ! ./randprintable | /usr/bin/time $speedprog "`extract $1`" verbose 2>&1 >/dev/null | grep user | cut -d\ -f2; then + echo $speedprog failed. > /dev/stderr + exit 1 + fi + else +- if ! ./randprintable | time $speedprog -f "$1" -v; then ++ if ! ./randprintable | /usr/bin/time $speedprog -f "$1" -v 2>&1 >/dev/null | grep user | cut -d\ -f2; then + echo $speedprog failed. > /dev/stderr + exit 1 + fi +@@ -107,12 +104,12 @@ elif [ $3 == "real" ]; then + printf $f\\t + #echo `extract $1` + if [ $2 == "kernel" ]; then +- if ! cat $f | time $speedprog "`extract $1`" 2> /dev/stdout | tee -a tmp.$$; then ++ if ! cat $f | /usr/bin/time $speedprog "`extract $1`" 2>&1 >/dev/null | grep user | cut -d\ -f2 | tee -a tmp.$$; then + echo $speedprog failed. > /dev/stderr + exit 1 + fi + else +- if ! cat $f | time $speedprog -f "$1" 2> /dev/stdout | tee -a tmp.$$; then ++ if ! cat $f | /usr/bin/time $speedprog -f "$1" 2>&1 >/dev/null | grep user | cut -d\ -f2 | tee -a tmp.$$; then + echo $speedprog failed. > /dev/stderr + exit 1 + fi +@@ -123,12 +120,12 @@ elif [ $3 == "real" ]; then + for f in data/*; do + printf $f\\t + if [ $2 == "kernel" ]; then +- if ! cat $f | time $speedprog "`extract $1`" 2> /dev/stdout | tee -a tmp.$$; then ++ if ! cat $f | /usr/bin/time $speedprog "`extract $1`" 2>&1 >/dev/null | grep user | cut -d\ -f2 | tee -a tmp.$$; then + echo $speedprog failed. > /dev/stderr + exit 1 + fi + else +- if ! cat $f | time $speedprog -f "$1" 2> /dev/stdout | tee -a tmp.$$; then ++ if ! cat $f | /usr/bin/time $speedprog -f "$1" 2>&1 >/dev/null | grep user | cut -d\ -f2 | tee -a tmp.$$; then + echo $speedprog failed. > /dev/stderr + exit 1 + fi +@@ -137,7 +134,7 @@ elif [ $3 == "real" ]; then + fi + + printf Total:\ +- cat tmp.$$ | cut -d\ -f 2 | add ++ cat tmp.$$ | cut -ds -f 1| add + + rm tmp.$$ + else diff --git a/net/l7-protocols/patches/102-testing-doallspeeds.patch b/net/l7-protocols/patches/102-testing-doallspeeds.patch new file mode 100644 index 000000000..850a1d6a0 --- /dev/null +++ b/net/l7-protocols/patches/102-testing-doallspeeds.patch @@ -0,0 +1,16 @@ +--- a/testing/doallspeeds.sh ++++ b/testing/doallspeeds.sh +@@ -25,11 +25,11 @@ for f in ../*/*.pat; do + printf `basename $f .pat` + + if [ $userspace ]; then +- gtime=`./timeit.sh $f userspace real | grep Total | cut -d\ -f 2` ++ gtime=`./timeit.sh $f userspace real | grep Total | cut -d\ -f 2 | awk '{print $1}'` + printf \\t$gtime + fi + if [ $kernel ]; then +- htime=`./timeit.sh $f kernel real | grep Total | cut -d\ -f 2` ++ htime=`./timeit.sh $f kernel real | grep Total | cut -d\ -f 2 | awk '{print $1}'` + printf \\t$htime + fi + printf \\n