debian/0000755000000000000000000000000012141421214007156 5ustar debian/control0000644000000000000000000000153712141420300010562 0ustar Source: tayga Section: net Priority: optional Maintainer: Andrew Shadura Uploaders: Barak A. Pearlmutter Build-Depends: debhelper (>= 9), dh-autoreconf Standards-Version: 3.9.4 Vcs-Hg: http://hg.debian.org/hg/collab-maint/tayga/ Vcs-Browser: http://hg.debian.org/hg/collab-maint/tayga/ Homepage: http://www.litech.org/tayga/ Package: tayga Architecture: linux-any Depends: ${misc:Depends}, ${shlibs:Depends} Description: userspace stateless NAT64 TAYGA is an out-of-kernel stateless NAT64 implementation for Linux that uses the TUN driver to exchange IPv4 and IPv6 packets with the kernel. It is intended to provide production-quality NAT64 service for networks where dedicated NAT64 hardware would be overkill. TAYGA needs no kernel patches or out-of-tree modules, and it is compatible with all 2.4 and 2.6 kernels. debian/watch0000644000000000000000000000016711576121677010240 0ustar # watch control file for uscan # See uscan(1) for format version=3 http://www.litech.org/tayga/tayga-(.*)\.tar\.bz2 debian/docs0000644000000000000000000000003211550400636010034 0ustar README tayga.conf.example debian/clean0000644000000000000000000000001311576121326010171 0ustar config.log debian/changelog0000644000000000000000000000436612141420322011040 0ustar tayga (0.9.2-6) unstable; urgency=low * Upload to unstable. -- Andrew Shadura Sun, 05 May 2013 11:05:10 +0200 tayga (0.9.2-5) experimental; urgency=low * Don't try to configure routes if options aren't set (LP: #1031772, also closes: #673491, #700712). * Bring more sanity to the init script. * Redirect TUN creation and removal messages to the system log. * Update Standards-Version to 3.9.4 (no changes required). -- Andrew Shadura Sun, 03 Mar 2013 11:32:42 +0100 tayga (0.9.2-4) unstable; urgency=low [ Andrew O. Shadura ] * Fix a syntax error in the initscript. [ Barak A. Pearlmutter ] * Silence lintian init.d-script-missing-lsb-description. * Tweak rules: dh --parallel, dh --with=autoreconf. * Bump to dh9. * Update Standards-Version to 3.9.3. * Add self to uploaders. * Patches: - Refresh - Avoid trailing-whitespace warning - Tweak configure.ac: default CFLAGS, fix underquoting, autoupdate. - Guard chdir() and write() in response to gcc -Wall -- Barak A. Pearlmutter Wed, 18 Apr 2012 12:05:23 +0100 tayga (0.9.2-3) unstable; urgency=low * Perform some additional configuration; users should check if that doesn't break any of existing manual setups (Closes: #637889). * Change the spelling of maintainer's name. -- Andrew O. Shadura Sat, 10 Sep 2011 13:03:36 +0300 tayga (0.9.2-2) unstable; urgency=low * Update Standards-Version to 3.9.2. * Fix init script a bit. -- Andrew O. Shadura Wed, 15 Jun 2011 17:52:55 +0300 tayga (0.9.2-1) unstable; urgency=low * New upstream release. -- Andrew O. Shadura Wed, 15 Jun 2011 15:08:29 +0300 tayga (0.9.1-3) unstable; urgency=low * Updated the initscript to generate pidfile correctly. -- Andrew O. Shadura Mon, 11 Apr 2011 09:30:18 +0300 tayga (0.9.1-2) unstable; urgency=low * Fix a typo in /etc/default/tayga (Closes: #622178) * Depend on the correct version of autotools-dev. -- Andrew O. Shadura Sun, 10 Apr 2011 22:10:59 +0300 tayga (0.9.1-1) unstable; urgency=low * Initial release (Closes: #608136) -- Andrew O. Shadura Wed, 02 Feb 2011 16:35:14 +0200 debian/source/0000755000000000000000000000000011550400636010466 5ustar debian/source/format0000644000000000000000000000001411550400636011674 0ustar 3.0 (quilt) debian/init0000755000000000000000000001737512114625660010077 0ustar #!/bin/sh # # Copyright (c) 2007 Javier Fernandez-Sanguino # Modified by Andrew Shadura # # This is free software; you may redistribute it and/or modify # it under the terms of the GNU General Public License as # published by the Free Software Foundation; either version 2, # or (at your option) any later version. # # This is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License with # the Debian operating system, in /usr/share/common-licenses/GPL; if # not, write to the Free Software Foundation, Inc., 59 Temple Place, # Suite 330, Boston, MA 02111-1307 USA # ### BEGIN INIT INFO # Provides: tayga # Required-Start: $network $local_fs $remote_fs # Required-Stop: $remote_fs # Should-Start: # Should-Stop: # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: userspace NAT64 # Description: TAYGA is a stateless NAT64 userspace daemon. Using the # in-kernel TUN network driver, TAYGA receives IPv4 and # IPv6 packets, translates them to the other protocol, # and sends the translated packets back using the same # TUN interface. ### END INIT INFO PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin DAEMON=/usr/sbin/tayga # Introduce the server's location here NAME=tayga # Introduce the short server's name here DESC="userspace NAT64" # Introduce a short description here PIDFILE=/var/run/$NAME.pid test -x "$DAEMON" || exit 0 . /lib/lsb/init-functions # Default options, these can be overriden by the information # at /etc/default/$NAME DAEMON_OPTS="--nodetach" # Additional options given to the server DIETIME=10 # Time to wait for the server to die, in seconds # If this value is set too low you might not # let some servers to die gracefully and # 'restart' will not work STARTTIME=2 # Time to wait for the server to start, in seconds # If this value is set each time the server is # started (on start or restart) the script will # stall to try to determine if it is running # If it is not set and the server takes time # to setup a pid file the log message might # be a false positive (says it did not start # when it actually did) TUN_DEVICE=$(sed -rn "/^[ \t]*tun-device/s/^[ \t]*tun-device[ \t]+//p" /etc/tayga.conf) IPV6_PREFIX=$(sed -rn "/^[ \t]*prefix/s/^[ \t]*prefix[ \t]+//p" /etc/tayga.conf) DYNAMIC_POOL=$(sed -rn "/^[ \t]*dynamic-pool/s/^[ \t]*dynamic-pool[ \t]+//p" /etc/tayga.conf) CONFIGURE_IFACE="no" CONFIGURE_NAT44="no" # Include defaults if available if [ -f "/etc/default/$NAME" ] ; then . "/etc/default/$NAME" fi if [ "$RUN" != "yes" ] ; then log_failure_msg "$NAME disabled, please adjust the configuration to your needs " log_failure_msg "and then set RUN to 'yes' in /etc/default/$NAME to enable it." exit 0 fi set -e running_pid() { # Check if a given process pid's cmdline matches a given name pid="$1" name="$2" [ -z "$pid" ] && return 1 [ ! -d "/proc/$pid" ] && return 1 return 0 } running() { # Check if the process is running looking at /proc # (works for all users) # No pidfile, probably no daemon present [ ! -f "$PIDFILE" ] && return 1 pid=$(cat $PIDFILE) running_pid "$pid" "$DAEMON" || return 1 return 0 } start_server() { if [ "$CONFIGURE_IFACE" = "yes" ] ; then "$DAEMON" --mktun | logger -t "$NAME" -i ip link set "$TUN_DEVICE" up [ -n "$DYNAMIC_POOL" ] && ip route add "$DYNAMIC_POOL" dev "$TUN_DEVICE" [ -n "$IPV6_PREFIX" ] && ip route add "$IPV6_PREFIX" dev "$TUN_DEVICE" [ -n "$IPV4_TUN_ADDR" ] && ip addr add "$IPV4_TUN_ADDR" dev "$TUN_DEVICE" [ -n "$IPV6_TUN_ADDR" ] && ip addr add "$IPV6_TUN_ADDR" dev "$TUN_DEVICE" fi [ "$CONFIGURE_NAT44" = "yes" ] && [ -n "$DYNAMIC_POOL" ] && iptables -t nat -A POSTROUTING -s "$DYNAMIC_POOL" -j MASQUERADE || true start-stop-daemon --start --quiet \ -b --exec "$DAEMON" -- --pidfile "$PIDFILE" $DAEMON_OPTS } stop_server() { start-stop-daemon --stop --quiet --pidfile "$PIDFILE" errcode=$? if [ "$CONFIGURE_IFACE" = "yes" ] ; then ip link set "$TUN_DEVICE" down "$DAEMON" --rmtun | logger -t "$NAME" -i fi [ "$CONFIGURE_NAT44" = "yes" ] && [ -n "$DYNAMIC_POOL" ] && iptables -t nat -D POSTROUTING -s "$DYNAMIC_POOL" -j MASQUERADE || true rm -f "$PIDFILE" return $errcode } force_stop() { # Force the process to die killing it manually [ ! -e "$PIDFILE" ] && return if running ; then kill -15 $pid # Is it really dead? sleep "$DIETIME"s if running ; then kill -9 $pid sleep "$DIETIME"s if running ; then echo "Cannot kill $NAME (pid=$pid)!" exit 1 fi fi fi rm -f "$PIDFILE" } case "$1" in start) log_daemon_msg "Starting $DESC" "$NAME" # Check if it's running first if running ; then log_progress_msg "apparently already running" log_end_msg 0 exit 0 fi if start_server ; then # NOTE: Some servers might die some time after they start, # this code will detect this issue if STARTTIME is set # to a reasonable value [ -n "$STARTTIME" ] && sleep $STARTTIME # Wait some time if running ; then # It's ok, the server started and is running log_end_msg 0 else # It is not running after we did start log_end_msg 1 fi else # Either we could not start it log_end_msg 1 fi ;; stop) log_daemon_msg "Stopping $DESC" "$NAME" if running ; then # Only stop the server if we see it running errcode=0 stop_server || errcode=$? log_end_msg $errcode else # If it's not running don't do anything log_progress_msg "apparently not running" log_end_msg 0 exit 0 fi ;; force-stop) # First try to stop gracefully the program $0 stop if running; then # If it's still running try to kill it more forcefully log_daemon_msg "Stopping (force) $DESC" "$NAME" errcode=0 force_stop || errcode=$? log_end_msg $errcode fi ;; restart|force-reload) log_daemon_msg "Restarting $DESC" "$NAME" errcode=0 stop_server || errcode=$? # Wait some sensible amount, some server need this [ -n "$DIETIME" ] && sleep $DIETIME start_server || errcode=$? [ -n "$STARTTIME" ] && sleep $STARTTIME running || errcode=$? log_end_msg $errcode ;; status) log_daemon_msg "Checking status of $DESC" "$NAME" if running ; then log_progress_msg "running" log_end_msg 0 else log_progress_msg "apparently not running" log_end_msg 1 exit 1 fi ;; # Use this if the daemon cannot reload reload) log_warning_msg "Reloading $NAME daemon: not implemented, as the daemon" log_warning_msg "cannot re-read the config file (use restart)." ;; *) N=/etc/init.d/$NAME echo "Usage: $N {start|stop|force-stop|restart|force-reload|status}" >&2 exit 1 ;; esac exit 0 debian/copyright0000644000000000000000000000233611632632100011117 0ustar This package was debianized by: Andrew O. Shadura on Mon, 27 Dec 2010 18:05:20 +0200 It was downloaded from: Upstream Author: Nathan Lutchansky Copyright: Copyright (C) 2010 Nathan Lutchansky License: This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This package is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . On Debian systems, the complete text of the GNU General Public License version 2 can be found in `/usr/share/common-licenses/GPL-2'. The Debian packaging is: Copyright (C) 2010 Andrew O. Shadura and is licensed under the GPL version 2, see above. debian/manpages0000644000000000000000000000002511550400636010701 0ustar tayga.8 tayga.conf.5 debian/patches/0000755000000000000000000000000011743621501010615 5ustar debian/patches/02-manpage.patch0000644000000000000000000000126511743621501013471 0ustar From: "Andrew O. Shadura" Subject: 02-manpage don't use hyphen as minus sign --- tayga.8 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tayga.8 b/tayga.8 --- a/tayga.8 +++ b/tayga.8 @@ -53,7 +53,7 @@ be configured prior to commencement of packet translation. This may simplify network configuration on the host; for example, systems which use a Debian-style /etc/network/interfaces file may configure TAYGA's TUN device at -boot by running `tayga --mktun` as a "pre-up" command and then configuring the +boot by running `tayga \-\-mktun` as a "pre-up" command and then configuring the TUN device as any other network interface. .SH OPTIONS debian/patches/06-guard-write.patch0000644000000000000000000000200211743621501014305 0ustar From: "Barak A. Pearlmutter" Date: Wed, 18 Apr 2012 11:47:19 +0100 Subject: 06 guard write Guard write call, avoid ignored-return-value warning. (This is not a false positive: a very subtle attack would consist of filling up the filesystem so much that only a partial PID is written, causing the wrong PID to be signaled later.) (Note that, technically speaking, if only some of the buffer is written we should retry the rest in a loop. But in this case, that seems exceedingly unlikely.) --- tayga.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tayga.c b/tayga.c index 3886831..5027d0a 100644 --- a/tayga.c +++ b/tayga.c @@ -439,7 +439,10 @@ int main(int argc, char **argv) if (pidfile) { snprintf(addrbuf, sizeof(addrbuf), "%ld\n", (long)getpid()); - write(pidfd, addrbuf, strlen(addrbuf)); + if (write(pidfd, addrbuf, strlen(addrbuf)) != strlen(addrbuf)) { + slog(LOG_CRIT, "Error, unable to write PID file.\n"); + exit(1); + } close(pidfd); } debian/patches/04-quote-make-var.patch0000644000000000000000000000103411743621501014713 0ustar From: "Barak A. Pearlmutter" Date: Wed, 18 Apr 2012 09:09:11 +0100 Subject: 04 quote make var Quote filename containing variable modifiable at make time. --- configure.ac | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac index 5640305..fa99305 100644 --- a/configure.ac +++ b/configure.ac @@ -5,7 +5,7 @@ AC_CONFIG_HEADERS(config.h) AC_PROG_CC -tayga_conf_path=${sysconfdir}/tayga.conf +tayga_conf_path='${sysconfdir}/tayga.conf' AC_SUBST(tayga_conf_path) debian/patches/03-configure-no-CFLAGS.patch0000644000000000000000000000100511743621501015402 0ustar From: "Barak A. Pearlmutter" Date: Wed, 18 Apr 2012 09:07:57 +0100 Subject: 03 configure no-CFLAGS Allow CFLAGS to default in configure.ac instead of hardwiring to -g -O2 --- configure.ac | 2 -- 1 file changed, 2 deletions(-) diff --git a/configure.ac b/configure.ac index 3d2a6c9..5640305 100644 --- a/configure.ac +++ b/configure.ac @@ -5,8 +5,6 @@ AC_CONFIG_HEADERS(config.h) AC_PROG_CC -CFLAGS='-g -Wall' - tayga_conf_path=${sysconfdir}/tayga.conf AC_SUBST(tayga_conf_path) debian/patches/05-guard-chdir.patch0000644000000000000000000000175311743621501014257 0ustar From: "Barak A. Pearlmutter" Date: Wed, 18 Apr 2012 11:37:58 +0100 Subject: 05 guard chdir Guard chdir calls to avoid ignored-return-value warnings. --- tayga.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/tayga.c b/tayga.c index fbd2e64..3886831 100644 --- a/tayga.c +++ b/tayga.c @@ -388,7 +388,11 @@ int main(int argc, char **argv) "is specified in %s\n", conffile); exit(1); } - chdir("/"); + if (chdir("/")) { + slog(LOG_CRIT, "Error: unable to chdir to /, aborting: %s\n", + strerror(errno)); + exit(1); + } } else if (chdir(gcfg->data_dir) < 0) { if (user || errno != ENOENT) { slog(LOG_CRIT, "Error: unable to chdir to %s, " @@ -460,7 +464,11 @@ int main(int argc, char **argv) gcfg->data_dir, strerror(errno)); exit(1); } - chdir("/"); + if (chdir("/")) { + slog(LOG_CRIT, "Error: unable to chdir to /, aborting: %s\n", + strerror(errno)); + exit(1); + } } if (gr) { debian/patches/series0000644000000000000000000000020711743621501012031 0ustar 01-use-var-spool.patch 02-manpage.patch 03-configure-no-CFLAGS.patch 04-quote-make-var.patch 05-guard-chdir.patch 06-guard-write.patch debian/patches/01-use-var-spool.patch0000644000000000000000000000072511743621501014574 0ustar From: "Andrew O. Shadura" Subject: 01-use-var-spool use /var/spool/tayga instead of /var/db/tayga --- tayga.conf.example | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tayga.conf.example b/tayga.conf.example --- a/tayga.conf.example +++ b/tayga.conf.example @@ -84,7 +84,7 @@ # # Optional. # -data-dir /var/db/tayga +data-dir /var/spool/tayga # # Establishes a single-host map. If an IPv6 host should be consistently debian/default0000644000000000000000000000100312114624645010534 0ustar # Defaults for tayga initscript # sourced by /etc/init.d/tayga # installed at /etc/default/tayga by the maintainer scripts # Change this to "yes" to enable tayga RUN="no" # Configure interface and set the routes up CONFIGURE_IFACE="yes" # Configure NAT44 for the private IPv4 range CONFIGURE_NAT44="yes" # Additional options that are passed to the Daemon. DAEMON_OPTS="" # IPv4 address to assign to the NAT64 tunnel device IPV4_TUN_ADDR="" # IPv6 address to assign to the NAT64 tunnel device IPV6_TUN_ADDR="" debian/rules0000755000000000000000000000027611743621501010253 0ustar #!/usr/bin/make -f %: dh $@ --parallel --with=autoreconf override_dh_auto_install: dh_auto_install mv $(CURDIR)/debian/tayga/etc/tayga.conf.example $(CURDIR)/debian/tayga/etc/tayga.conf debian/compat0000644000000000000000000000000211743621500010363 0ustar 9