authorjow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73>2013-05-06 08:44:54 +0000
committerjow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73>2013-05-06 08:44:54 +0000
commit7fcd308f5487ca56232786e87e9fd862b830e89b (patch)
tree116ab009eaca998f579951e0496ae3998876013f
parentf84b697c231ab36e0460008983dfc5645b8048e2 (diff)
Add ipset-dns - a tiny DNS proxy service which puts resolved ip addresses into a specified ipset
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36552 3c298f89-4303-0410-b956-a3cf2f4a3e73
-rw-r--r--package/network/services/ipset-dns/Makefile60
-rw-r--r--package/network/services/ipset-dns/files/ipset-dns.config13
-rwxr-xr-xpackage/network/services/ipset-dns/files/ipset-dns.init64
3 files changed, 137 insertions, 0 deletions
diff --git a/package/network/services/ipset-dns/Makefile b/package/network/services/ipset-dns/Makefile
new file mode 100644
index 000000000..431c77915
--- /dev/null
+++ b/package/network/services/ipset-dns/Makefile
@@ -0,0 +1,60 @@
+#
+# Copyright (C) 2013 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=ipset-dns
+PKG_VERSION:=2013-05-03
+PKG_RELEASE=$(PKG_SOURCE_VERSION)
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=http://git.zx2c4.com/ipset-dns
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_VERSION:=6be3afd819a86136b51c5ae722ab48266187155b
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
+PKG_MAINTAINER:=Jo-Philipp Wich <jow@openwrt.org>
+
+PKG_LICENSE:=GPLv2
+PKG_LICENSE_FILES:=COPYING
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/ipset-dns/Default
+endef
+
+define Package/ipset-dns
+ SECTION:=net
+ CATEGORY:=Network
+ TITLE:=A lightweight DNS forwarder to populate ipsets
+ URL:=http://git.zx2c4.com/ipset-dns/about/
+ DEPENDS:=+libmnl
+endef
+
+define Package/ipset-dns/description
+ The ipset-dns daemon is a lightweight DNS forwarding server that adds all
+ resolved IPs to a given netfilter ipset. It is designed to be used in
+ conjunction with dnsmasq's upstream server directive.
+
+ Practical use cases include routing over a given gateway traffic for
+ particular web services or webpages that do not have a priori predictable
+ IP addresses and instead rely on dizzying arrays of DNS resolutions.
+endef
+
+define Package/ipset-dns/conffiles
+/etc/config/ipset-dns
+endef
+
+define Package/ipset-dns/install
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/ipset-dns $(1)/usr/sbin/ipset-dns
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./files/ipset-dns.init $(1)/etc/init.d/ipset-dns
+ $(INSTALL_DIR) $(1)/etc/config
+ $(INSTALL_CONF) ./files/ipset-dns.config $(1)/etc/config/ipset-dns
+endef
+
+$(eval $(call BuildPackage,ipset-dns))
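Review bot: `PKG_SOURCE_URL` fetches the source over plain `http://`, and the Makefile sets no checksum for the generated `$(PKG_SOURCE)` tarball, so the full commit id in `PKG_SOURCE_VERSION` is the only integrity anchor for this package. That pin covers a direct git checkout, but a tarball of the same name picked up from the download directory or a mirror (if the build system consults one first) would not be compared against anything. I would switch to `PKG_SOURCE_URL:=https://git.zx2c4.com/ipset-dns` if the host serves it, and record a tarball checksum if the build system supports one for git sources. The empty `define Package/ipset-dns/Default` block is not referenced anywhere in this file and could be dropped.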
diff --git a/package/network/services/ipset-dns/files/ipset-dns.config b/package/network/services/ipset-dns/files/ipset-dns.config
new file mode 100644
index 000000000..52e87b27c
--- /dev/null
+++ b/package/network/services/ipset-dns/files/ipset-dns.config
@@ -0,0 +1,13 @@
+# declare an ipset-dns listener instance, multiple allowed
+config ipset-dns
+ # use given ipset
+ option ipset 'domain-filter'
+
+ # use given listening port
+ # defaults to 53000 + instance number
+ #option port '53001'
+
+ # use given upstream DNS server,
+ # defaults to first entry in /tmp/resolv.conf.auto
+ #option dns '8.8.8.8'
+
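Review bot: The comment above the `dns` option says the default is the first entry in `/tmp/resolv.conf.auto`, but the init script added in this same commit takes the default from `network_find_wan` / `network_get_dnsserver` and never reads that file. I would reword it to `# defaults to the first DNS server of the WAN interface`. The port comment also needs a caveat: the script starts its counter at 53001 and advances it only for sections that get as far as the port lookup, so `53000 + instance number` holds only while every earlier section is valid.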
diff --git a/package/network/services/ipset-dns/files/ipset-dns.init b/package/network/services/ipset-dns/files/ipset-dns.init
new file mode 100755
index 000000000..5d41539a7
--- /dev/null
+++ b/package/network/services/ipset-dns/files/ipset-dns.init
@@ -0,0 +1,64 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2013 OpenWrt.org
+
+START=61
+
+SERVICE_DAEMONIZE=1
+SERVICE_WRITE_PID=1
+
+
+find_nameserver() {
+ . /lib/functions/network.sh
+
+ local tmp
+ if network_find_wan tmp && network_get_dnsserver tmp "$tmp"; then
+ echo "${tmp%% *}"
+ return 0
+ fi
+
+ return 1
+}
+
+start_instance() {
+ local cfg="$1"
+ local ipset port dns
+
+ config_get ipset "$cfg" ipset
+ [ -n "$ipset" ] || {
+ echo "No ipset specified for instance $cfg" >&2
+ return 1
+ }
+
+ config_get dns "$cfg" dns "$DEFNS"
+ [ -n "$dns" ] || {
+ echo "No DNS server specified for instance $cfg" >&2
+ return 1
+ }
+
+ config_get port "$cfg" port $((PORT++))
+
+ SERVICE_PID_FILE="/var/run/ipset-dns-$port.pid" \
+ service_start /usr/sbin/ipset-dns "$ipset" "$port" "$dns"
+}
+
+start() {
+ PORT=53001
+ DEFNS="$(find_nameserver)"
+
+ # required by ipset-dns to not daemonize itself
+ export NO_DAEMONIZE=1
+
+ config_load ipset-dns
+ config_foreach start_instance ipset-dns
+}
+
+stop() {
+ local pid
+ for pid in /var/run/ipset-dns-*.pid; do
+ [ -f "$pid" ] || continue
+ SERVICE_PID_FILE="$pid" \
+ service_stop /usr/sbin/ipset-dns
+ rm -f "$pid"
+ done
+}
+
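Review bot: `port` is taken from the UCI section without validation and then used both as a daemon argument and inside the pid file path `/var/run/ipset-dns-$port.pid` in `start_instance`. A value containing `/` or `..` would place the pid file (written by a service that presumably runs as root) outside `/var/run`, where the `stop` glob no longer finds it, and a non-numeric value only fails later inside the daemon. I would reject it right after the `config_get port` line, e.g. `case "$port" in ''|*[!0-9]*) echo "Invalid port for instance $cfg" >&2; return 1;; esac`. Separately, `$((PORT++))` advances the counter even when a section sets its own port, so an explicit `port '53002'` can collide with a later auto-assigned one and both instances would share one pid file; keying the pid file on `$cfg` would avoid that.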