net-wireless: ebuild for coova chilli which is damn bugged

6 files changed, 201 insertions, 0 deletions

diff --git a/net-wireless/coova-chilli/ChangeLog b/net-wireless/coova-chilli/ChangeLog
new file mode 100644
index 00000000..4820b5b9
--- /dev/null
+++ b/net-wireless/coova-chilli/ChangeLog
@@ -0,0 +1,12 @@
+# ChangeLog for net-wireless/coova-chilli
+# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
+# $Header: $
+
+  20 Sep 2009; Thomas Sachau (Tommy[D]) <tommy@gentoo.org> metadata.xml:
+  Fix metadata.xml
+
+  18 Sep 2009; Vitor Brandão (noisebleed) <vitorbrandao.pt@gmail.com>
+  +coova-chilli-1.0.11.ebuild, +files/chilli, +files/firewall.iptables,
+  +metadata.xml:
+  New Ebuild for bug 217141. Thanks to Laurento Frittella
+
diff --git a/net-wireless/coova-chilli/Manifest b/net-wireless/coova-chilli/Manifest
new file mode 100644
index 00000000..56ceca0a
--- /dev/null
+++ b/net-wireless/coova-chilli/Manifest
@@ -0,0 +1,6 @@
+AUX firewall.iptables 2013 RMD160 6c81c9f92414b8e846d179917ff5323199564eaa SHA1 b3e2a75b7f37661849e691911a72697b57fb12bf SHA256 484d7d1a8e27c4909088367c66818ccb47057eaeaa2f1e8c205d883528160e4e
+AUX init.d/chilli 939 RMD160 3bb2924863360826b80969e84841ff67aba2ccd7 SHA1 21b36ddf83938412b63019c9a44f8e889b29da22 SHA256 4be8d1393e466bdc06cf37675cad11857ff96e8f4be7e9dbc50a6136ecd50f24
+DIST coova-chilli-1.2.9.tar.gz 869083 RMD160 896d6549f3601e8a940fb9870dcfcd95eb1dc014 SHA1 459042d9445dc05caffb328c51c17a6b355d713a SHA256 73c04988ed827ea5a0b87339671c628340a2a6a5d1864e58787c6e2e4e416100
+EBUILD coova-chilli-1.2.9.ebuild 1587 RMD160 3fab708cde419b0db547c8a41d2c63bf832c358d SHA1 3fe71cf5bea117064e1f747bb449853e9e4cef66 SHA256 18687a9304acfa9a6ce81eedd22c67acad0f2b12689e7817c6d773fa934c1662
+MISC ChangeLog 438 RMD160 a95718cb9cc7093076e4001c769a9ade5e692157 SHA1 953b771321f7a8a1f4915c77ba0e306c27288988 SHA256 709d5fe1e828d5e558561f35b9e471b9eebc0252a15e9b98dc0caa07c7cc58fc
+MISC metadata.xml 604 RMD160 8731846c8dee5b894f1cf51c2b56a36932503c6c SHA1 4fcbcd3802a4adc46720a40587c608c130c88b7a SHA256 79299e2e3f09be5649528b8323fb15fdee1e6a9b67b415bfe64572c420834041
diff --git a/net-wireless/coova-chilli/coova-chilli-1.2.9.ebuild b/net-wireless/coova-chilli/coova-chilli-1.2.9.ebuild
new file mode 100644
index 00000000..65ab553e
--- /dev/null
+++ b/net-wireless/coova-chilli/coova-chilli-1.2.9.ebuild
@@ -0,0 +1,62 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+EAPI=4
+inherit eutils
+
+MY_PN="CoovaChilli"
+DESCRIPTION="CoovaChilli is an open-source software access controller, based on
+the ChilliSpot project."
+HOMEPAGE="http://www.coova.org/CoovaChilli"
+SRC_URI="http://ap.coova.org/chilli/${P}.tar.gz"
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="curl ipv6 miniportal netfilter pcap ssl"
+
+DEPEND="kernel_linux? ( sys-kernel/linux-headers )
+	curl? ( net-misc/curl )
+	netfilter? ( net-libs/libnetfilter_queue )
+	pcap? ( net-libs/libpcap )
+	ssl? ( dev-libs/openssl )
+"
+RDEPEND="${DEPEND}"
+
+src_configure() {
+	econf \
+		--enable-statusfile \
+		--without-mmap \
+		--with-poll \
+		--with-ipc-msg \
+		--enable-multiroute \
+		$(use_with curl) \
+		$(use_with ipv6) \
+		$(use_enable miniportal) \
+		$(use_with netfilter nfqueue) \
+		--without-pcap \
+		$(use_with ssl openssl)
+# BUGGED, see 20120324003921.GD3604
+#		--with-mmap \
+#		$(use_with pcap)
+}
+
+src_install() {
+	einstall
+
+	# We need to overwrite the provided init script
+	doinitd "${FILESDIR}"/init.d/chilli
+
+	dodoc ChangeLog CREDITS
+	dodoc doc/attributes doc/dictionary.chillispot
+	dodoc doc/hotspotlogin.cgi
+	dodoc "${FILESDIR}"/firewall.iptables 
+}
+
+pkg_postinst() {
+	elog "$MY_PN uses RADIUS for access provisioning and accounting so be sure"
+	elog "to install and configure a RADIUS server before using ${MY_PN}."
+	elog "Gentoo-wiki has a nice guide regarding this (uses Freeradius):"
+	elog "  http://en.gentoo-wiki.com/wiki/Chillispot_with_FreeRadius_and_MySQL"
+}
diff --git a/net-wireless/coova-chilli/files/firewall.iptables b/net-wireless/coova-chilli/files/firewall.iptables
new file mode 100644
index 00000000..f1c856fd
--- /dev/null
+++ b/net-wireless/coova-chilli/files/firewall.iptables
@@ -0,0 +1,63 @@
+#!/bin/sh
+#
+# Firewall script for ChilliSpot
+# A Wireless LAN Access Point Controller
+#
+# Uses $EXTIF (eth0) as the external interface (Internet or intranet) and
+# $INTIF (eth1) as the internal interface (access points).
+#
+#
+# SUMMARY
+# * All connections originating from chilli are allowed.
+# * Only ssh is allowed in on external interface.
+# * Nothing is allowed in on internal interface.
+# * Forwarding is allowed to and from the external interface, but disallowed
+#   to and from the internal interface.
+# * NAT is enabled on the external interface.
+
+IPTABLES="/sbin/iptables"
+EXTIF="eth0"
+INTIF="eth1"
+
+#Flush all rules
+$IPTABLES -F 
+$IPTABLES -F -t nat
+$IPTABLES -F -t mangle
+
+#Set default behaviour
+$IPTABLES -P INPUT DROP
+$IPTABLES -P FORWARD ACCEPT
+$IPTABLES -P OUTPUT ACCEPT
+
+#Allow related and established on all interfaces (input)
+$IPTABLES -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
+
+#Allow releated, established and ssh on $EXTIF. Reject everything else.
+$IPTABLES -A INPUT -i $EXTIF -p tcp -m tcp --dport 22 --syn -j ACCEPT
+$IPTABLES -A INPUT -i $EXTIF -j REJECT
+
+#Allow related and established from $INTIF. Drop everything else.
+$IPTABLES -A INPUT -i $INTIF -j DROP
+
+#Allow http and https on other interfaces (input).
+#This is only needed if authentication server is on same server as chilli
+$IPTABLES -A INPUT -p tcp -m tcp --dport 80 --syn -j ACCEPT
+$IPTABLES -A INPUT -p tcp -m tcp --dport 443 --syn -j ACCEPT
+
+#Allow 3990 on other interfaces (input).
+$IPTABLES -A INPUT -p tcp -m tcp --dport 3990 --syn -j ACCEPT
+
+#Allow ICMP echo on other interfaces (input).
+$IPTABLES -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
+
+#Allow everything on loopback interface.
+$IPTABLES -A INPUT -i lo -j ACCEPT
+
+# Drop everything to and from $INTIF (forward)
+# This means that access points can only be managed from ChilliSpot
+$IPTABLES -A FORWARD -i $INTIF -j DROP
+$IPTABLES -A FORWARD -o $INTIF -j DROP
+
+#Enable NAT on output device
+$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
+
diff --git a/net-wireless/coova-chilli/files/init.d/chilli b/net-wireless/coova-chilli/files/init.d/chilli
new file mode 100644
index 00000000..090851ea
--- /dev/null
+++ b/net-wireless/coova-chilli/files/init.d/chilli
@@ -0,0 +1,44 @@
+#!/sbin/runscript
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+# Import chilli specific functions
+. /etc/chilli/functions
+
+depend() {
+        use net logger
+}
+
+
+checkconfig() {
+	check_required
+
+        if [ -f /etc/chilli.conf ]; then
+                return 0;
+        else
+                eerror "Error starting CoovaChilli. Please create /etc/chilli.conf before."
+                return 1;
+        fi
+}
+
+start() {
+        checkconfig || return 1
+        ebegin "Starting CoovaChilli"
+
+	# TODO: check for tun module and ip_forward
+
+	writeconfig
+	radiusconfig
+
+        start-stop-daemon --start --pidfile /var/run/chilli.pid --quiet \
+                --exec /usr/sbin/chilli -- --pidfile=/var/run/chilli.pid
+        eend $?
+}
+
+stop() {
+        ebegin "Stopping Chillispot"
+        start-stop-daemon --stop --pidfile /var/run/chilli.pid --quiet
+        eend $?
+}
+
diff --git a/net-wireless/coova-chilli/metadata.xml b/net-wireless/coova-chilli/metadata.xml
new file mode 100644
index 00000000..2edd5b11
--- /dev/null
+++ b/net-wireless/coova-chilli/metadata.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<maintainer><email>maintainer-wanted@gentoo.org</email></maintainer>
+<longdescription>
+CoovaChilli is an open-source software access controller, based on the 
+popular (but now defunct) ChilliSpot project, and is actively maintained 
+by an original ChilliSpot contributor.
+
+CoovaChilli is a feature rich software access controller that provides a 
+captive portal / walled-garden environment and uses RADIUS for access 
+provisioning and accounting
+</longdescription>
+</pkgmetadata>