Go Back   Phoenix Labs > Projects > PeerGuardian Linux
Reload this Page repackaging pg for debian
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
Page 1 of 3 1 23 >
 
Thread Tools Display Modes

 
Old 03-02-2006, 07:19 AM   #1
lestlest

Member
Join Date: Mar 2006
Posts: 53
Default repackaging pg for debian
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I did repackage peerguardian for debian.
The new package includes start/stop scripts for init.d, automatic logfile rotation of /var/log/peerguardnf.log and automated updating of /etc/p2p.p2b.p2p using bluetack.co.uk.

If you can spare a directory on an ftp or http host somewhere please drop me a line for we could set up a small debian repository for pg.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFEEHrGPaqdad7aBVkRAi9RAJwNoegQLqzqCb8r9beR+u U+mBB8PQCfQgtg
FggYI7fPqbrw8HDldDPPUPY=
=mdDI
-----END PGP SIGNATURE-----

At the moment you can get my packages from
Code:
deb http://mitglied.lycos.de/clessing/ unstable main contrib non-free
deb-src http://mitglied.lycos.de/clessing/ unstable main contrib non-free
Attached Files
File Type: txt clessing.key.txt (2.3 KB, 23 views)
Last edited by lestlest : 03-11-2006 at 06:52 AM. Reason: package repository location
lestlest is offline   Reply With Quote

 
Old 03-02-2006, 11:04 AM   #2
jre

Senior Member
Join Date: Sep 2005
Posts: 588
Default Re: repackaging pg for debian
First: Nice package, one step nearer to the goal to get the best from PG 1.5. As I see you used parts from an old script from me. Have you also checked these newer versions, they're more flexible and easier in handling the different blocklists to download. But at least you gave me a wonderful inspiration for my script to comply better to formal rules. And the most important thing: The blocking seems to works.

etc/cron.daily/peerguardnf
Unfortunately the daily update doesn't work because your test if there is a connection to the internet always gives a negative result here. But pinging www.sourceforge.net manually works here, so it's a problem in your script.

etc/PG.conf
Code:
# Please edit below if you wish not to block certain ports with
# were in the format 80,25,x,x; or leave it blank if you don't wish
# to use this feature.
# jabber: 5222, 5223
# icq: 5190
# irc: 6667
# msn: 1863
# imaps: 993
# pop3: 110
# https: 443
PORTS_NOT_TO_BLOCK=80,5222,5223,5190,6667,1863, 993, 110, 443;
I wouldn't unblock that many ports in a package for the public.

etc/init.d/peerguardnf
Code:
DAEMON_ARGS="-d -l /var/log/peerguardnf.log -c /etc/PG.conf -m"
You start the webserver. That's ok, but it's also a small security risk.

/var/log/peerguardnf.log
I agree the naming with PG/peerguardnf/peerguardian is messed up. But I'd recommend to use /var/log/PG.log since otherwise JFM's Gambas GUI doesn't work.

usr/sbin
Unnecessary that you create this folder.

usr/share/doc/peerguardnf/NEWS
Still refers to methlabs.org

usr/share/doc/peerguardnf/ipcopinstall.txt:
Code:
to install for ipcop:

copy over peerguardnf to your ipcop box
copy over the blocklist to your ipcop box

login to your ipcop box and move peerguardnf to the /usr/bin directory. Now
go to the directory with the blocklist in it and type:

peerguardnf -d -m -l /var/log/PG.log -h <blocklistfile>

where <blocklistfile> is the name of your blocklist.
Are you sure your advise is right? See the other threads in this forum about the iptables-problems!
Some minutes later: I think I take that back, at least before I think about it again. Did you change the code from PG? Because there's also a QUEUE in the FORWARD rule.
What else did you change in the code?

Keep up the work!
jre
jre is offline   Reply With Quote

 
Old 03-02-2006, 11:35 AM   #3
lestlest

Member
Join Date: Mar 2006
Posts: 53
Default Re: repackaging pg for debian
Quote:
Originally Posted by jre
First: Nice package, one step nearer to the goal to get the best from PG 1.5. As I see you used parts from an old script from me. Have you also checked these newer versions, they're more flexible and easier in handling the different blocklists to download. But at least you gave me a wonderful inspiration for my script to comply better to formal rules. And the most important thing: The blocking seems to works.
I'll have a look at the newer scripts. Thanks!

Quote:
Originally Posted by jre
etc/cron.daily/peerguardnf
Unfortunately the daily update doesn't work because your test if there is a connection to the internet always gives a negative result here. But pinging www.sourceforge.net manually works here, so it's a problem in your script.
Hmm. It works for me. At the moment I have no better idea to check for a working connection without a timeout blocking the installation... Maybe I should ping pheonixlabs...

Quote:
Originally Posted by jre

etc/PG.conf
Code:
# Please edit below if you wish not to block certain ports with
PORTS_NOT_TO_BLOCK=80,5222,5223,5190,6667,1863, 993, 110, 443;
I wouldn't unblock that many ports in a package for the public.
I'll fix this.

Quote:
Originally Posted by jre
etc/init.d/peerguardnf
Code:
DAEMON_ARGS="-d -l /var/log/peerguardnf.log -c /etc/PG.conf -m"
You start the webserver. That's ok, but it's also a small security risk.
I'll fix this, too.

Quote:
Originally Posted by jre
/var/log/peerguardnf.log
I agree the naming with PG/peerguardnf/peerguardian is messed up. But I'd recommend to use /var/log/PG.log since otherwise JFM's Gambas GUI doesn't work.
Ok. Missed this, because I did not use the gui so far...

Quote:
Originally Posted by jre
usr/sbin
Unnecessary that you create this folder.
ok. did not notice...

Quote:
Originally Posted by jre
usr/share/doc/peerguardnf/NEWS
Still refers to methlabs.org

usr/share/doc/peerguardnf/ipcopinstall.txt:
Are you sure your advise is right? See the other threads in this forum about the iptables-problems!
I haven't even read this - it was in the cvs source and it was automatically included while constructing the package. I'll remove it from the package for the time being.

Quote:
Originally Posted by jre

Some minutes later: I think I take that back, at least before I think about it again. Did you change the code from PG? Because there's also a QUEUE in the FORWARD rule.
What else did you change in the code?

jre
I changed pg to react to SIGHUP by reopening the logfile (this was necessary for log file rotation)
Last edited by lestlest : 03-02-2006 at 01:00 PM.
lestlest is offline   Reply With Quote

 
Old 03-02-2006, 12:28 PM   #4
jre

Senior Member
Join Date: Sep 2005
Posts: 588
Default Re: repackaging pg for debian
Quote:
Originally Posted by lestlest
I haven't even read this - it was in the cvs source and it was automatically included while constructing the package. I'll remove it from the package for the time being.
CVS source? PeerGuardian Linux is not developed at the moment. AFAIK the only available source is the one in this thread. Or did you get the source from another site?

Hey, that's strange. The filesize of /usr/bin/peerguardnf really differs strongly:
1060769 (Official Debian-Package from here)
682992 (Compiled it myself from source ("configure", "make" and "make install")
76128 (From your package)

Quote:
Originally Posted by lestlest
I changed pg to react to SIGHUP by reopening the logfile (this was necessary for log file rotation)
Ah, nice, you're a programmer (never learned that myself). If you read the thread with my script you will notice that the automatic installation of the iptables rules often causes problems. So if you want to and are able to I propose that you change the source to not installing any iptables rules and that you do it manually in the script instead.

Greetings
jre
jre is offline   Reply With Quote

 
Old 03-02-2006, 12:29 PM   #5
lestlest

Member
Join Date: Mar 2006
Posts: 53
Default Re: repackaging pg for debian
I did update the package file in my first post (it's 1.5b-2 now) and fixed the things that did not need any thinking.
Changelog so far:

Code:
peerguardnf (1.5b-2) unstable; urgency=low

  * moved logfile to /log/PG.log
  * fixed config to just open port 80 and 443
  * changed blocklist update to check for phoenixlabs.org instead
    of www.sourceforge.net

 -- clessing <clessing@freenet.de>  Thu,  2 Mar 2006 18:01:21 +0100

peerguardnf (1.5b-1) unstable; urgency=low

  * Initial release
  * daily rotation of logfile
  * daily syncing with bluetack.co.uk
  * start/stop scripts in init.d

 -- clessing <clessing@freenet.de>  Thu,  2 Mar 2006 12:39:30 +0100
I also fixed the NEWS file to point to phoenixlabs but forgot to mention it in the changelog. I'll update this later.

I attached the sources necessary for building the package to this post for I will not be able to fix things during the upcoming week.

Thought you might want to play with the update script...
Last edited by lestlest : 03-02-2006 at 03:56 PM. Reason: remove outdated attachment
lestlest is offline   Reply With Quote

 
Old 03-02-2006, 12:35 PM   #6
lestlest

Member
Join Date: Mar 2006
Posts: 53
Default Re: repackaging pg for debian
Quote:
Originally Posted by jre
CVS source? PeerGuardian Linux is not developed at the moment. AFAIK the only available source is the one in this thread. Or did you get the source from another site?
I used
http://sourceforge.net/projects/peerguardian/
Maybe I look dumb now. Main.cpp is 9 months old.

Quote:
Originally Posted by jre
Ah, nice, you're a programmer (never learned that myself).
Hmm. I know enough to change other people's code

Quote:
Originally Posted by jre
If you read the thread with my script you will notice that the automatic installation of the iptables rules often causes problems. So if you want to and are able to I propose that you change the source to not installing any iptables rules and that you do it manually in the script instead.
Greetings
jre
I'll go into this toward the end of the next week for I have a BIG test on wednesday...
(medical student)
Last edited by lestlest : 03-02-2006 at 01:06 PM.
lestlest is offline   Reply With Quote

 
Old 03-02-2006, 12:38 PM   #7
lestlest

Member
Join Date: Mar 2006
Posts: 53
Default Re: repackaging pg for debian
Quote:
Originally Posted by lestlest
I used
http://sourceforge.net/projects/peerguardian/
Maybe I look dumb now. Main.cpp is 9 months old.
The forum links to sourceforge, so my sources should be pretty up to date...
Actually there are many files from march 2005 in the archive while in cvs they are changed in may..
At the moment I don't have the time to review all these changes but i'll have a look at them in a few days...
Last edited by lestlest : 03-02-2006 at 03:31 PM.
lestlest is offline   Reply With Quote

 
Old 03-02-2006, 03:56 PM   #8
jre

Senior Member
Join Date: Sep 2005
Posts: 588
Default Re: repackaging pg for debian
I just read some things about SIGHUP (didn't know anything about it before). From that it sounds as if you changed the code so that you can 'reload' (as defined in the LSB) the daemon (peerguardnf). So it isn't necessary to restart the daemon when a new blocklist was installed. Am I right with this??? (I hope so because I missed this feature)

Never knew there was a CVS version. Now I can tell you that you're definitely not dumb! I've just downloaded, compiled and installed it.

I'd propose you call your package peerguardnf_1.5CVS-[somenumber]_i386.deb to make it clear you used the CVS code. I think most other people always used the 1.5beta (which was 1-2 months older than the last changes in the CVS).

The file size of /usr/bin/peerguardnf is now 690196 here. Is this normal? 9 times bigger then your version, but still just 2/3 of the binary from the official 1.5beta debian package. Why this big differences?

The changes from 1.5beta to CVS I saw (without looking into the code):
- QUEUE is also put in the FORWARD rule.
- There's a message in the log: 'Deamon forked, pid is 23202' (The typo is not mine )

Last but not least: Good luck with your test
jre
jre is offline   Reply With Quote

 
Old 03-02-2006, 04:09 PM   #9
lestlest

Member
Join Date: Mar 2006
Posts: 53
Default Re: repackaging pg for debian
Quote:
Originally Posted by jre
I just read some things about SIGHUP (didn't know anything about it before). From that it sounds as if you changed the code so that you can 'reload' (as defined in the LSB) the daemon (peerguardnf). So it isn't necessary to restart the daemon when a new blocklist was installed. Am I right with this??? (I hope so because I missed this feature)
The source code I downloaded from sourceforge just reacted to SIGTERM (for shutting down the program). I added SIGHUP for log file reopening (which is common among other daemons, as far as I know). So at the moment there is no other reaction to sending SIGHUP than reopening the log file. But you are right about the reloading of configuration information. This is not handled yet - though it would be nice.

Quote:
Originally Posted by jre
Never knew there was a CVS version. Now I can tell you that you're definitely not dumb! I've just downloaded, compiled and installed it.

I'd propose you call your package peerguardnf_1.5CVS-[somenumber]_i386.deb to make it clear you used the CVS code. I think most other people always used the 1.5beta (which was 1-2 months older than the last changes in the CVS).
Yes. That's true. I'll change that when I'm uploading something new.

Quote:
Originally Posted by jre
The file size of /usr/bin/peerguardnf is now 690196 here. Is this normal? 9 times bigger then your version, but still just 2/3 of the binary from the official 1.5beta debian package. Why this big differences?
I don't know. I just ran ./configure && make.

Quote:
Originally Posted by jre
The changes from 1.5beta to CVS I saw (without looking into the code):
- QUEUE is also put in the FORWARD rule.
- There's a message in the log: 'Deamon forked, pid is 23202' (The typo is not mine )
There's much more in the code (I had a glance at a recursive diff. Too much for this evening )

For the time being, I uploaded a new package (it's attached to my first post.)

Code:
peerguardnf (1.5b-3) unstable; urgency=low

  * updated Main.cpp to create /var/run/peerguardnf.pid instead of
    /var/run/pg.pid (better for /etc/init.d/peerguardnf)
  * increased timeout from 1 to 2 seconds while checking for list updates

 -- clessing <clessing@freenet.de>  Thu,  2 Mar 2006 21:35:38 +0100

peerguardnf (1.5b-2) unstable; urgency=low

  * moved logfile to /var/log/PG.log
  * fixed config to just open port 80 and 443

  * changed blocklist update to check for phoenixlabs.org instead of
    www.sourceforge.net

  * updated NEWS to point to http://forums.phoenixlabs.org/

 -- clessing <clessing@freenet.de>  Thu,  2 Mar 2006 20:41:44 +0100

peerguardnf (1.5b-1) unstable; urgency=low

  * Initial release
  * daily rotation of logfile
  * daily syncing with bluetack.co.uk
  * start/stop scripts in init.d

 -- clessing <clessing@freenet.de>  Thu,  2 Mar 2006 12:39:30 +0100
Last edited by lestlest : 03-02-2006 at 04:11 PM.
lestlest is offline   Reply With Quote

 
Old 03-02-2006, 06:09 PM   #10
lestlest

Member
Join Date: Mar 2006
Posts: 53
Default Re: repackaging pg for debian
I'll be offline for a few days. Feel free, to send me suggestions and corrections.
lestlest is offline   Reply With Quote
Reply
Page 1 of 3 1 23 >

« Previous Thread | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -5. The time now is 05:02 PM.

Contact Us - Phoenix Labs - Archive - Top

  

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
© Phoenix Labs Staff