From 0c5820662793e27bccb82edf144afb6682a1020b Mon Sep 17 00:00:00 2001 From: cinerea0 Date: Sun, 6 Feb 2022 23:22:11 -0500 Subject: [PATCH 1/4] New package: protobuf-go-1.27.1. --- srcpkgs/protobuf-go/template | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 srcpkgs/protobuf-go/template diff --git a/srcpkgs/protobuf-go/template b/srcpkgs/protobuf-go/template new file mode 100644 index 000000000000..8f4bddbbae8d --- /dev/null +++ b/srcpkgs/protobuf-go/template @@ -0,0 +1,17 @@ +# Template file for 'protobuf-go' +pkgname=protobuf-go +version=1.27.1 +revision=1 +build_style=go +go_import_path="google.golang.org/protobuf" +go_package="${go_import_path}/cmd/protoc-gen-go" +short_desc="Go support for Google's protocol buffers" +maintainer="cinerea0 " +license="BSD-3-Clause" +homepage="https://github.com/protocolbuffers/protobuf-go" +distfiles="https://github.com/protocolbuffers/protobuf-go/archive/refs/tags/v${version}.tar.gz" +checksum=3ec41a8324431e72f85e0dc0c2c098cc14c3cb1ee8820996c8f46afca2d65609 + +post_install() { + vlicense LICENSE +} From 5926ce6b6843b916058bcb72bdc137a08f70e47d Mon Sep 17 00:00:00 2001 From: cinerea0 Date: Sun, 6 Feb 2022 23:22:32 -0500 Subject: [PATCH 2/4] New package: protoc-gen-go-grpc-1.2.0. --- srcpkgs/protoc-gen-go-grpc/template | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 srcpkgs/protoc-gen-go-grpc/template diff --git a/srcpkgs/protoc-gen-go-grpc/template b/srcpkgs/protoc-gen-go-grpc/template new file mode 100644 index 000000000000..4caeae146e1f --- /dev/null +++ b/srcpkgs/protoc-gen-go-grpc/template @@ -0,0 +1,14 @@ +# Template file for 'protoc-gen-go-grpc' +pkgname=protoc-gen-go-grpc +version=1.2.0 +revision=1 +wrksrc="grpc-go-cmd-${pkgname}-v${version}" +build_wrksrc="cmd/protoc-gen-go-grpc" +build_style=go +go_import_path="google.golang.org/grpc/cmd/protoc-gen-go-grpc" +short_desc="Generates Go language bindings of protobuf services for gRPC" +maintainer="cinerea0 " +license="Apache-2.0" +homepage="https://github.com/grpc/grpc-go/tree/master/cmd/protoc-gen-go-grpc" +distfiles="https://github.com/grpc/grpc-go/archive/refs/tags/cmd/protoc-gen-go-grpc/v${version}.tar.gz" +checksum=cbca93d6dce724248dfdea6303bf27ed24cc3ed9cf8f7485eb825682eab21284 From 8fb07bae9172013174640545f12504adb6e333d4 Mon Sep 17 00:00:00 2001 From: cinerea0 Date: Sun, 6 Feb 2022 23:22:55 -0500 Subject: [PATCH 3/4] New package: python3-unicode-slugify-0.1.5. --- srcpkgs/python3-unicode-slugify/template | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 srcpkgs/python3-unicode-slugify/template diff --git a/srcpkgs/python3-unicode-slugify/template b/srcpkgs/python3-unicode-slugify/template new file mode 100644 index 000000000000..e1c296b04b8d --- /dev/null +++ b/srcpkgs/python3-unicode-slugify/template @@ -0,0 +1,18 @@ +# Template file for 'python3-unicode-slugify' +pkgname=python3-unicode-slugify +version=0.1.5 +revision=1 +wrksrc="unicode-slugify-${version}" +build_style=python3-module +hostmakedepends="python3-setuptools" +short_desc="Slugifier that generates unicode slugs" +maintainer="cinerea0 " +license="BSD-3-Clause" +homepage="https://pypi.org/project/unicode-slugify/" +distfiles="${PYPI_SITE}/u/unicode-slugify/unicode-slugify-${version}.tar.gz" +checksum=25f424258317e4cb41093e2953374b3af1f23097297664731cdb3ae46f6bd6c3 +make_check=no # checks were not ported from python2 + +post_install() { + vlicense LICENSE +} From 4cae46f0404d45dba3f0722f46ff75e50f9ab758 Mon Sep 17 00:00:00 2001 From: cinerea0 Date: Sun, 6 Feb 2022 23:41:46 -0500 Subject: [PATCH 4/4] New package: opensnitch-1.5.0. --- srcpkgs/opensnitch/files/opensnitchd/run | 4 ++ srcpkgs/opensnitch/patches/cc-check.patch | 14 +++++ srcpkgs/opensnitch/patches/musl.patch | 65 +++++++++++++++++++++++ srcpkgs/opensnitch/template | 34 ++++++++++++ 4 files changed, 117 insertions(+) create mode 100644 srcpkgs/opensnitch/files/opensnitchd/run create mode 100644 srcpkgs/opensnitch/patches/cc-check.patch create mode 100644 srcpkgs/opensnitch/patches/musl.patch create mode 100644 srcpkgs/opensnitch/template diff --git a/srcpkgs/opensnitch/files/opensnitchd/run b/srcpkgs/opensnitch/files/opensnitchd/run new file mode 100644 index 000000000000..17d202f1da0f --- /dev/null +++ b/srcpkgs/opensnitch/files/opensnitchd/run @@ -0,0 +1,4 @@ +#!/bin/sh + +[ -r ./conf ] && . ./conf +exec opensnitchd ${OPTS:--rules-path /etc/opensnitchd/rules} diff --git a/srcpkgs/opensnitch/patches/cc-check.patch b/srcpkgs/opensnitch/patches/cc-check.patch new file mode 100644 index 000000000000..0c3f52b47ef2 --- /dev/null +++ b/srcpkgs/opensnitch/patches/cc-check.patch @@ -0,0 +1,14 @@ +# Adjustment for our cross-cc wrapper +diff --git a/daemon/netfilter/queue.go b/daemon/netfilter/queue.go +index 3797486baf..4ee09d68b5 100644 +--- a/daemon/netfilter/queue.go ++++ b/daemon/netfilter/queue.go +@@ -3,7 +3,7 @@ package netfilter + /* + #cgo pkg-config: libnetfilter_queue + #cgo CFLAGS: -Wall -I/usr/include +-#cgo LDFLAGS: -L/usr/lib64/ -ldl ++#cgo LDFLAGS: -L/usr/lib64 -ldl + + #include "queue.h" + */ diff --git a/srcpkgs/opensnitch/patches/musl.patch b/srcpkgs/opensnitch/patches/musl.patch new file mode 100644 index 000000000000..039d00db7529 --- /dev/null +++ b/srcpkgs/opensnitch/patches/musl.patch @@ -0,0 +1,65 @@ +diff --git a/daemon/netfilter/queue.h.old b/daemon/netfilter/queue.h +index 64c3ea7..998278a 100644 +--- a/daemon/netfilter/queue.h.old ++++ b/daemon/netfilter/queue.h +@@ -15,16 +15,16 @@ + #include + + typedef struct { +- uint verdict; +- uint mark; +- uint mark_set; +- uint length; ++ unsigned int verdict; ++ unsigned int mark; ++ unsigned int mark_set; ++ unsigned int length; + unsigned char *data; + } verdictContainer; + + static void *get_uid = NULL; + +-extern void go_callback(int id, unsigned char* data, int len, uint mark, u_int32_t idx, verdictContainer *vc, uint32_t uid); ++extern void go_callback(int id, unsigned char* data, int len, unsigned int mark, uint32_t idx, verdictContainer *vc, uint32_t uid); + + static uint8_t stop = 0; + +@@ -80,7 +80,7 @@ static int nf_callback(struct nfq_q_handle *qh, struct nfgenmsg *nfmsg, struct n + return nfq_set_verdict2(qh, id, vc.verdict, vc.mark, vc.length, vc.data); + } + +-static inline struct nfq_q_handle* CreateQueue(struct nfq_handle *h, u_int16_t queue, u_int32_t idx) { ++static inline struct nfq_q_handle* CreateQueue(struct nfq_handle *h, uint16_t queue, uint32_t idx) { + struct nfq_q_handle* qh = nfq_create_queue(h, queue, &nf_callback, (void*)((uintptr_t)idx)); + if (qh == NULL){ + printf("ERROR: nfq_create_queue() queue not created\n"); +diff --git a/daemon/netfilter/queue.go.old b/daemon/netfilter/queue.go +index 902d1dd..016ee92 100644 +--- a/daemon/netfilter/queue.go.old ++++ b/daemon/netfilter/queue.go +@@ -92,7 +92,7 @@ func (q *Queue) create(queueID uint16) (err error) { + return fmt.Errorf("Error binding to AF_INET protocol family: %v", err) + } else if ret, err := C.nfq_bind_pf(q.h, AF_INET6); err != nil || ret < 0 { + return fmt.Errorf("Error binding to AF_INET6 protocol family: %v", err) +- } else if q.qh, err = C.CreateQueue(q.h, C.u_int16_t(queueID), C.u_int32_t(q.idx)); err != nil || q.qh == nil { ++ } else if q.qh, err = C.CreateQueue(q.h, C.uint16_t(queueID), C.uint32_t(q.idx)); err != nil || q.qh == nil { + q.destroy() + return fmt.Errorf("Error binding to queue: %v", err) + } +@@ -107,14 +107,14 @@ func (q *Queue) create(queueID uint16) (err error) { + func (q *Queue) setup() (err error) { + var ret C.int + +- queueSize := C.u_int32_t(NF_DEFAULT_QUEUE_SIZE) ++ queueSize := C.uint32_t(NF_DEFAULT_QUEUE_SIZE) + bufferSize := C.uint(NF_DEFAULT_PACKET_SIZE) + totSize := C.uint(NF_DEFAULT_QUEUE_SIZE * NF_DEFAULT_PACKET_SIZE) + + if ret, err = C.nfq_set_queue_maxlen(q.qh, queueSize); err != nil || ret < 0 { + q.destroy() + return fmt.Errorf("Unable to set max packets in queue: %v", err) +- } else if C.nfq_set_mode(q.qh, C.u_int8_t(2), bufferSize) < 0 { ++ } else if C.nfq_set_mode(q.qh, C.uint8_t(2), bufferSize) < 0 { + q.destroy() + return fmt.Errorf("Unable to set packets copy mode: %v", err) + } else if q.fd, err = C.nfq_fd(q.h); err != nil { diff --git a/srcpkgs/opensnitch/template b/srcpkgs/opensnitch/template new file mode 100644 index 000000000000..70166ca6f65b --- /dev/null +++ b/srcpkgs/opensnitch/template @@ -0,0 +1,34 @@ +# Template file for 'opensnitch' +pkgname=opensnitch +version=1.5.0 +revision=1 +build_style=gnu-makefile +hostmakedepends="git go pkg-config protobuf protobuf-go protoc-gen-go-grpc + qt5-host-tools python3-grpcio-tools python3-pip python3-PyQt5-devel-tools + python3-setuptools" +makedepends="libnetfilter_queue-devel libpcap-devel python3-devel + python3-inotify python3-Unidecode python3-unicode-slugify" +depends="python3-googleapis-common-protos python3-grpcio python3-inotify + python3-PyQt5 python3-PyQt5-sql python3-Unidecode python3-unicode-slugify + qt5-wayland qt5-plugin-sqlite" +conf_files="/etc/opensnitchd/default-config.json + /etc/opensnitchd/system-fw.json" +make_dirs="/etc/opensnitchd/rules/ 0755 root root + /etc/opensnitchd/ 0755 root root" +short_desc="GNU/Linux port of the Little Snitch application firewall" +maintainer="cinerea0 " +license="GPL-3.0-only" +homepage="https://github.com/evilsocket/opensnitch" +distfiles="https://github.com/evilsocket/opensnitch/archive/refs/tags/v${version}.tar.gz" +checksum=9af9a72d18d1af70fe82f5e6f2c37cd6e91652521fdfa7cef964ac7d992f0356 +nopie_files="/usr/bin/opensnitchd" +nocross="Go's 'sys' package uses a -m64 compilation flag which breaks certain ARM builds" + +do_install() { + vbin daemon/opensnitchd + vinstall daemon/default-config.json 0644 etc/opensnitchd + vinstall daemon/system-fw.json 0644 etc/opensnitchd + cd ui + python3 setup.py install --prefix=/usr --root=${DESTDIR} + vsv opensnitchd +}