-rw-r--r--packages/doorman.xml93
-rw-r--r--packages/doormanusers.xml90
-rw-r--r--pkg_config.xml12
3 files changed, 195 insertions, 0 deletions
diff --git a/packages/doorman.xml b/packages/doorman.xml
new file mode 100644
index 00000000..a88dca5d
--- /dev/null
+++ b/packages/doorman.xml
@@ -0,0 +1,93 @@
+<packagegui>
+ <name>doorman</name>
+ <title>Doorman: Settings</title>
+ <aftersaveredirect>pkg_edit.php?xml=freeradiussettings.xml&amp;id=0</aftersaveredirect>
+ <menu>
+ <name>Doorman</name>
+ <tooltiptext>Modify doormand settings and users.</tooltiptext>
+ <section>Services</section>
+ <configfile>doorman.xml</configfile>
+ </menu>
+ <tabs>
+ <tab>
+ <text>Settings</text>
+ <url>/pkg_edit.php?xml=doorman.xml&amp;id=0</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>Users</text>
+ <url>/pkg.php?xml=doormanusers.xml</url>
+ </tab>
+ </tabs>
+ <additional_files_needed>
+ <item>http://www.pfsense.com/packages/config/doormanusers.xml</item>
+ </additional_files_needed>
+ <configpath>installedpackages->package->$packagename->configuration->settings</configpath>
+ <fields>
+ <field>
+ <fielddescr>Initial connection timeout</fielddescr>
+ <fieldname>initdelay</fieldname>
+ <description>Enter the desired number of *microseconds* to wait for a complete 3-way handshake between the client and requested service. (default one half second)</description>
+ <type>input</type>
+ <value>500000</value>
+ </field>
+ <field>
+ <fielddescr>Connection check interval</fielddescr>
+ <fieldname>checkdelay</fieldname>
+ <description>Enter the desired number of *seconds* between checking for broken connections. (default 5 seconds)</description>
+ <type>input</type>
+ <value>5</value>
+ </field>
+ <field>
+ <fielddescr>Connection initiation timeout</fielddescr>
+ <fieldname>inittimeout</fieldname>
+ <description>Enter the desired number of *seconds* to wait for a connection to be established after a successful knock.i (default 10 seconds)</description>
+ <type>input</type>
+ <value>10</value>
+ <field>
+ <fielddescr>Listening interface(s)</fielddescr>
+ <fieldname>interface</fieldname>
+ <description>Select the interfaces that doormand should listen on. (default WAN)</description>
+ <value>wan</value>
+ <type>interfaces_selection</type>
+ </field>
+ <field>
+ <fielddescr>Listening port</fielddescr>
+ <fieldname>port</fieldname>
+ <description>Enter the port that doormand should listen on. (default 1001)</description>
+ <value>1001</value>
+ <type>input</type>
+ </field>
+ </fields>
+ <custom_php_install_command>
+ global $config;
+ $fout = fopen("/usr/local/etc/rc.d/doormand.sh","w");
+ fwrite($fout, $!/bin/sh\n\n/usr/local/sbin/doormand\n");
+ fclose($fout);
+ </custom_php_install_command>
+ <custom_php_command_before_form>
+ function sync_package_doorman() {
+ if ($_POST == "") $_POST = $config['installedpackages']['doorman']['config'];
+ conf_mount_rw();
+ config_lock();
+ global $config;
+ $fout = fopen("/usr/local/etc/doormand/doormand.cf","w");
+ fwrite($fout, "# This file was automatically generated by the pfSense\n# package management system.\n\n");
+ $int = convert_friendly_interface_to_real_interface_name($_POST['interface']);
+ fwrite($fout, "interface " . $int . "\n");
+ if($_POST['port'] != "") fwrite($fout, "port " . $_POST['port'] . "\n");
+ if($_POST['inittimeout'] != "") fwrite($fout, "waitfor " . $_POST['inittimeout'] . "\n");
+ if($_POST['initdelay'] != "") fwrite($fout, "connection_delay_1 " . $_POST['initdelay'] . "\n");
+ if($_POST['checkdelay'] != "") fwrite($fout, "connection_delay_2 " . $_POST['checkdelay'] . "\n");
+ fwrite($fout, "pidfile /var/run/doormand.pid\nlogfile /var/log/messages\nloglevel NOTICE\nguestlist /usr/local/etc/doormand/guestlist\nfirewall-add /usr/local/etc/doormand/pfctl_add\nfirewall-del /usr/local/etc/doormand/pfctl_del\ntag-queue /var/doorman_tag_queue\ntag-db /var/doorman_tag_db.db\n");
+ fclose($fout);
+ mwexec("killall -HUP doormand");
+ conf_mount_ro();
+ config_unlock();
+ }
+ </custom_php_command_before_form>
+ <custom_add_php_command>
+ sync_package_doorman();
+ </custom_add_php_command>
+</packagegui>
+
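Review bot: The four conditional `fwrite` calls in `sync_package_doorman()` that emit `port`, `waitfor`, `connection_delay_1` and `connection_delay_2` copy `$_POST` values into doormand.cf unchecked, so a value containing a newline would add extra directives to a file that also names the `firewall-add` and `firewall-del` scripts. All four settings are numeric, so each write can be gated on digits only, e.g. `if ($_POST['port'] != "" && ctype_digit($_POST['port'])) fwrite($fout, "port " . $_POST['port'] . "\n");`, with the same guard on the other three. The same function reads `$config` on its first line before `global $config;` is declared, so that fallback presumably sees an undefined local. Separately, the file does not look loadable as written: the `inittimeout` field ends with `<field>` where `</field>` is expected, and the install command's `fwrite($fout, $!/bin/sh\n...` is missing its opening quote (presumably `"#!/bin/sh\n...`).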
diff --git a/packages/doormanusers.xml b/packages/doormanusers.xml
new file mode 100644
index 00000000..a195f2ad
--- /dev/null
+++ b/packages/doormanusers.xml
@@ -0,0 +1,90 @@
+<packagegui>
+ <name>doormanusers</name>
+ <title>Doorman: Users</title>
+ <aftersaveredirect>pkg_edit.php?xml=freeradiussettings.xml&amp;id=0</aftersaveredirect>
+ <menu>
+ <name>Doorman</name>
+ <tooltiptext>Modify doormand settings and users.</tooltiptext>
+ <section>Services</section>
+ <configfile>doorman.xml</configfile>
+ </menu>
+ <tabs>
+ <tab>
+ <text>Settings</text>
+ <url>/pkg_edit.php?xml=doorman.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Users</text>
+ <url>/pkg.php?xml=doormanusers.xml</url>
+ <active/>
+ </tab>
+ </tabs>
+ <configpath>installedpackages->package->$packagename->configuration->settings</configpath>
+ <adddeleteeditpagefields>
+ <columnitem>
+ <fielddescr>Username</fielddescr>
+ <fieldname>username</fieldname>
+ </columnitem>
+ <columnitem>
+ <fielddescr>Ports</fielddescr>
+ <fieldname>ports</fielddescr>
+ </columnitem>
+ <columnitem>
+ <fielddescr>Addresses</fielddescr>
+ <fieldname>addresses</fielddescr>
+ </columnitem>
+ <columnitem>
+ <fielddescr>Description</fielddescr>
+ <fieldname>description</fieldname>
+ </columnitem>
+ </adddeleteeditpagefields>
+ <fields>
+ <field>
+ <fielddescr>Username</fielddescr>
+ <fieldname>username</fieldname>
+ <description>Enter the username here. This may be up to 32 characters in length.</description>
+ <type>input</type>
+ </field>
+ <field>
+ <fielddescr>Password</fielddescr>
+ <fieldname>password</fieldname>
+ <description>Enter the password here. This may be up to 64 characters in length.</description>
+ <type>password</type>
+ </field>
+ <field>
+ <fielddescr>Allowed ports</fielddescr>
+ <fieldname>ports</fieldname>
+ <description>Enter a whitespace-delimited list of the ports or service names *to* which this user may connect.</description>
+ <type>input</type>
+ </field>
+ <field>
+ <fielddescr>Allowed addresses</fielddescr>
+ <fieldname>addresses</fieldname>
+ <description>Enter a whitespace-delimited list of the IP addresses or hostnames *from* which this user may connect. Addresses may be unique or expressed as ranges using CIDR notation.</description>
+ <type>input</type>
+ </field>
+ </fields>
+ <custom_php_command_before_form>
+ function sync_package_doorman_users() {
+ if ($_POST == "") $_POST = $config['installedpackages']['doormanusers']['config'];
+ conf_mount_rw();
+ config_lock();
+ global $config;
+ $fout = fopen("/usr/local/etc/doormand/guestlist","w");
+ fwrite($fout, "# This file was automatically generated by the pfSense\n# package management system.\n\n");
+ if($config['installedpackages']['doormanusers']['config'] != "") {
+ foreach($config['installedpackages']['doormanusers']['config'] as $rowhelper) {
+ fwrite($fout, $rowhelper['username'] . "\t" . $rowhelper['password'] . "\n\t" . $rowhelper['ports'] . "\n\t" . $rowhelper['addresses'] . "\n\n");
+ }
+ }
+ fclose($fout);
+ mwexec("killall -HUP doormand");
+ conf_mount_ro();
+ config_unlock();
+ }
+ </custom_php_command_before_form>
+ <custom_add_php_command>
+ sync_package_doorman_users();
+ </custom_add_php_command>
+</packagegui>
+
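Review bot: `sync_package_doorman_users()` writes every user's password in cleartext to /usr/local/etc/doormand/guestlist through `fopen(..., "w")`, which leaves the file mode to the process umask. Adding `chmod("/usr/local/etc/doormand/guestlist", 0600);` right after `fclose($fout);` would keep the secrets readable by the owner only. The `username`, `password`, `ports` and `addresses` values are concatenated into the tab/newline-delimited record without any check, so an embedded newline or tab would change how doormand parses the list; rejecting control characters before the `fwrite` would close that off. The `<fieldname>` elements for `ports` and `addresses` under `adddeleteeditpagefields` are closed with `</fielddescr>`, so the XML is not well-formed.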
diff --git a/pkg_config.xml b/pkg_config.xml
index 75a88c1d..39634884 100644
--- a/pkg_config.xml
+++ b/pkg_config.xml
@@ -213,6 +213,18 @@
<status>ALPHA</status>
<configurationfile>netio.xml</configurationfile>
</package>
+ <package>
+ <name>doorman</name>
+ <website>http://doorman.sourceforge.net</website>
+ <descr>Doorman is a port knocking implementation which allows a server to run silently, invisibly, with all TCP ports closed except to those who know the secret knock.</descr>
+ <category>Services</category>
+ <config_file>http://www.pfsense.com/packages/config/doorman.xml</config_file>
+ <depends_on_package_base_url>http://ftp2.freebsd.org/pub/FreeBSD/ports/i386/packages-5-stable/All</depends_on_package_base_url>
+ <depends_on_package>doorman-0.8.tbz</depends_on_package>
+ <version>0.8</version>
+ <status>ALPHA</status>
+ <configurationfile>doorman.xml</configurationfile>
+ </package>
</packages>
<package>
<name>hula</name>
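Review bot: The new `<package>` entry points `config_file` and `depends_on_package_base_url` at plain `http://` URLs, and the fetched doorman.xml carries PHP that runs at install time while `doorman-0.8.tbz` is a binary package, so both are trusted without any integrity check visible in this entry. Whether the installer verifies a checksum or signature elsewhere cannot be seen from this hunk and is worth confirming before the package leaves ALPHA. Until then a comment on the entry would flag the gap, e.g. `<!-- doorman.xml and doorman-0.8.tbz are fetched over plain HTTP; no integrity check is declared here -->`.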