net/fort: new port: FORT Validator
FORT Validator is an open source RPKI validator. This solution allows operators to validate BGP routing information against the RPKI repository for use in router configuration and resolution. Submitted by: Toni Kalombo <toni@devboks.com> (maintainer) Tested by: Mark Tinka <mark@tinka.africa>
This commit is contained in:
parent
7758a5695f
commit
a679f9da38
|
@ -157,6 +157,7 @@
|
|||
SUBDIR += findomain
|
||||
SUBDIR += flower
|
||||
SUBDIR += foreman-proxy
|
||||
SUBDIR += fort
|
||||
SUBDIR += fpc-ldap
|
||||
SUBDIR += fpc-libenet
|
||||
SUBDIR += fpc-pcap
|
||||
|
|
41
net/fort/Makefile
Normal file
41
net/fort/Makefile
Normal file
|
@ -0,0 +1,41 @@
|
|||
PORTNAME= fort
|
||||
DISTVERSION= 1.5.2
|
||||
CATEGORIES= net
|
||||
|
||||
MAINTAINER= toni@devboks.com
|
||||
COMMENT= FORT Validator is an open source RPKI validator
|
||||
|
||||
LICENSE= MIT
|
||||
LICENSE_FILE= ${WRKSRC}/LICENSE
|
||||
|
||||
LIB_DEPENDS= libcurl.so:ftp/curl libjansson.so:devel/jansson \
|
||||
libxml2.so:textproc/libxml2
|
||||
RUN_DEPENDS= ${LOCALBASE}/bin/rsync:net/rsync
|
||||
|
||||
USES= autoreconf pkgconfig ssl
|
||||
USE_GCC= yes
|
||||
USE_GITHUB= yes
|
||||
USE_RC_SUBR= fort
|
||||
|
||||
GH_ACCOUNT= NICMx
|
||||
GH_PROJECT= FORT-validator
|
||||
|
||||
GNU_CONFIGURE= yes
|
||||
|
||||
SUB_FILES= pkg-message
|
||||
|
||||
post-patch:
|
||||
@${REINPLACE_CMD} -e "s|/tmp/fort|${ETCDIR}|" \
|
||||
${WRKSRC}/examples/config.json
|
||||
@${REINPLACE_CMD} -e "s|/usr/local/ssl|/etc/ssl|" \
|
||||
${WRKSRC}/examples/config.json
|
||||
@${REINPLACE_CMD} -e "s|rsync\",|${LOCALBASE}/bin/rsync\",|" \
|
||||
${WRKSRC}/examples/config.json
|
||||
@${REINPLACE_CMD} -e "/\"daemon\": false,/d" \
|
||||
${WRKSRC}/examples/config.json
|
||||
post-install:
|
||||
@${MKDIR} ${STAGEDIR}${ETCDIR}/repository ${STAGEDIR}${ETCDIR}/tal
|
||||
${INSTALL_DATA} ${WRKSRC}/examples/config.json \
|
||||
${STAGEDIR}${ETCDIR}/fort-config.json.sample
|
||||
|
||||
.include <bsd.port.mk>
|
3
net/fort/distinfo
Normal file
3
net/fort/distinfo
Normal file
|
@ -0,0 +1,3 @@
|
|||
TIMESTAMP = 1634812159
|
||||
SHA256 (NICMx-FORT-validator-1.5.2_GH0.tar.gz) = c49b7badcf6dae05b7c9ae9cb3b1514d2b742d868b83f8b8deb0d7ae0a3e6bf2
|
||||
SIZE (NICMx-FORT-validator-1.5.2_GH0.tar.gz) = 482094
|
47
net/fort/files/fort.in
Normal file
47
net/fort/files/fort.in
Normal file
|
@ -0,0 +1,47 @@
|
|||
#!/bin/sh
|
||||
|
||||
# PROVIDE: fort
|
||||
# REQUIRE: DAEMON fort
|
||||
# BEFORE: LOGIN
|
||||
# KEYWORD: shutdown
|
||||
|
||||
# Define fort_enable in /etc/rc.conf[.local] to enable it.
|
||||
#
|
||||
# fort_enable (bool): Set to "NO" by default.
|
||||
# Set it to "YES" to enable fort.
|
||||
|
||||
. /etc/rc.subr
|
||||
|
||||
name="fort"
|
||||
rcvar=fort_enable
|
||||
start_precmd=check_init
|
||||
command="%%PREFIX%%/bin/${name}"
|
||||
|
||||
load_rc_config $name
|
||||
: ${fort_enable="NO"}
|
||||
: ${wrkdir:="%%ETCDIR%%"}
|
||||
|
||||
|
||||
fort_config=${fort_conf:-"%%ETCDIR%%/fort-config.json"}
|
||||
required_file=${fort_config}
|
||||
command_args="--configuration-file=${fort_config} --daemon=true"
|
||||
|
||||
check_init() {
|
||||
if [ ! -d ${wrkdir}/tal ]; then
|
||||
echo
|
||||
echo -n "Need to initialize fort with tals, "
|
||||
echo "see man fort"
|
||||
echo
|
||||
exit 1
|
||||
fi
|
||||
if [ ! -f ${fort_config} ]; then
|
||||
echo
|
||||
echo -n "Configuration file not found at ${fort_config} "
|
||||
echo "Please create one before starting Fort, "
|
||||
echo "see man fort"
|
||||
echo
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
run_rc_command "$1"
|
11
net/fort/files/patch-src_Makefile.am
Normal file
11
net/fort/files/patch-src_Makefile.am
Normal file
|
@ -0,0 +1,11 @@
|
|||
--- src/Makefile.am.orig 2021-09-20 02:51:17 UTC
|
||||
+++ src/Makefile.am
|
||||
@@ -130,7 +130,7 @@ fort_SOURCES += $(ASN_MODULE_SRCS) $(ASN_MODULE_HDRS)
|
||||
fort_CFLAGS = -Wall -Wno-cpp -Wpedantic
|
||||
# Feel free to temporarily remove this one if you're not using gcc 7.3.0.
|
||||
#fort_CFLAGS += $(GCC_WARNS)
|
||||
-fort_CFLAGS += -std=gnu11 -O2 -g $(FORT_FLAGS) ${XML2_CFLAGS}
|
||||
+fort_CFLAGS += -std=gnu11 -O2 -g $(FORT_FLAGS) ${XML2_CFLAGS} ${JANSSON_CFLAGS}
|
||||
fort_LDFLAGS = $(LDFLAGS_DEBUG)
|
||||
fort_LDADD = ${JANSSON_LIBS} ${CURL_LIBS} ${XML2_LIBS}
|
||||
|
25
net/fort/files/pkg-message.in
Normal file
25
net/fort/files/pkg-message.in
Normal file
|
@ -0,0 +1,25 @@
|
|||
[
|
||||
{ type: install
|
||||
message: <<EOM
|
||||
A default configuration file has been installed in
|
||||
%%ETCDIR%%/fort-config.json.sample.
|
||||
|
||||
To use FORT, you will need the Trust Anchor Locator (TAL) files.
|
||||
You can download these by running "fort --init-tals" as follows:
|
||||
|
||||
# fort --init-tals --tal %%ETCDIR%%/tal
|
||||
|
||||
When you have downloaded the TAL files, you can start the RTR
|
||||
server and validator:
|
||||
|
||||
# sysrc fort_enable=YES # or edit /etc/rc.conf manually
|
||||
# service fort start
|
||||
|
||||
The default configuration will bind the RTR server to localhost
|
||||
on port 8323.
|
||||
|
||||
Consult the FORT manual for more information:
|
||||
https://nicmx.github.io/FORT-validator/run.html
|
||||
EOM
|
||||
}
|
||||
]
|
7
net/fort/pkg-descr
Normal file
7
net/fort/pkg-descr
Normal file
|
@ -0,0 +1,7 @@
|
|||
FORT validator is an MIT-licensed RPKI Relying Party, this is a tool offered as
|
||||
part of the FORT project. It is a solution that allows operators to validate BGP
|
||||
routing information against the RPKI repository for use in router configuration
|
||||
and resolution. The service performs the validation of the entire RPKI
|
||||
repository, and which serves the resulting ROAs for easy access by your routers.
|
||||
|
||||
WWW: https://fortproject.net/en/validator
|
5
net/fort/pkg-plist
Normal file
5
net/fort/pkg-plist
Normal file
|
@ -0,0 +1,5 @@
|
|||
bin/fort
|
||||
man/man8/fort.8.gz
|
||||
@dir %%ETCDIR%%/repository
|
||||
@dir %%ETCDIR%%/tal
|
||||
@sample %%ETCDIR%%/fort-config.json.sample
|
Loading…
Reference in New Issue
Block a user