summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKarel Kočí <karel.koci@nic.cz>2020-08-04 10:19:23 +0200
committerKarel Kočí <karel.koci@nic.cz>2020-08-04 10:19:23 +0200
commitb2f7f1e3f09d532f55fc3e215a81cdd007b634dd (patch)
tree8847a94b6bbcd21bc96a35a905553e28f7fda96a
parent08cf0c0d8eb36dbee9c86717305dea1094394bdd (diff)
downloadopenwrt-personal-pkgs-b2f7f1e3f09d532f55fc3e215a81cdd007b634dd.tar.gz
openwrt-personal-pkgs-b2f7f1e3f09d532f55fc3e215a81cdd007b634dd.tar.bz2
openwrt-personal-pkgs-b2f7f1e3f09d532f55fc3e215a81cdd007b634dd.zip
sentinel-minipot: remove as no longer needed at the moment
-rw-r--r--sentinel-minipot/Makefile66
-rw-r--r--sentinel-minipot/files/defaults.sh4
-rwxr-xr-xsentinel-minipot/files/init33
-rw-r--r--sentinel-minipot/files/restart-minipot-hook.sh5
-rw-r--r--sentinel-minipot/files/sentinel-firewall.sh53
-rw-r--r--sentinel-minipot/files/uci-defaults25
6 files changed, 0 insertions, 186 deletions
diff --git a/sentinel-minipot/Makefile b/sentinel-minipot/Makefile
deleted file mode 100644
index 5ba9642..0000000
--- a/sentinel-minipot/Makefile
+++ /dev/null
@@ -1,66 +0,0 @@
-#
-## Copyright (C) 2018-2020 CZ.NIC z.s.p.o. (https://www.nic.cz/)
-#
-## This is free software, licensed under the GNU General Public License v3.
-# See /LICENSE for more information.
-# #
-#
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=sentinel-minipot
-#PKG_VERSION:=2.0.0
-PKG_RELEASE:=1
-PKG_SOURCE_URL:=https://gitlab.nic.cz/turris/sentinel/minipot.git
-#PKG_SOURCE_VERSION:=v$(PKG_VERSION)
-PKG_SOURCE_BRANCH:=telnet-debug
-
-PKG_MAINTAINER:=CZ.NIC <packaging@turris.cz>
-PKG_LICENSE:=GPL-3.0-or-later
-PKG_LICENSE_FILES:=LICENSE
-
-PKG_BUILD_DEPENDS:=argp-standalone
-
-PKG_FIXUP:=autoreconf
-
-include $(INCLUDE_DIR)/autopkg-branch.mk
-include $(INCLUDE_DIR)/package.mk
-
-define Package/sentinel-minipot
- SECTION:=net
- CATEGORY:=Network
- SUBMENU:=Sentinel
- TITLE:=Minipots
- URL:=https://gitlab.nic.cz/turris/sentinel/minipot
- DEPENDS:=\
- +czmq \
- +libevent2 \
- +msgpack-c \
- +base64c \
- +sentinel-firewall \
- +sentinel-proxy
-endef
-
-define Package/sentinel-minipot/description
- Sentinel minipots. These are minimal honeypots.
- Implements protocols: FTP, HTTP, SMTP submission and Telnet
-endef
-
-define Package/sentinel-minipot/install
- $(INSTALL_DIR) $(1)/usr/bin
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/sentinel-minipot $(1)/usr/bin/sentinel-minipot
-
- $(INSTALL_DIR) $(1)/etc/init.d
- $(INSTALL_BIN) ./files/init $(1)/etc/init.d/sentinel-minipot
-
- $(INSTALL_DIR) $(1)/etc/uci-defaults
- $(INSTALL_BIN) ./files/uci-defaults $(1)/etc/uci-defaults/99-sentinel-minipot-telnet
-
- $(INSTALL_DIR) $(1)/usr/libexec/sentinel/firewall.d
- $(INSTALL_BIN) ./files/sentinel-firewall.sh $(1)/usr/libexec/sentinel/firewall.d/70-minipot.sh
- $(INSTALL_DATA) ./files/defaults.sh $(1)/usr/libexec/sentinel/minipot-defaults.sh
-
- $(INSTALL_DIR) $(1)/usr/libexec/sentinel/reload_hooks.d
- $(INSTALL_BIN) ./files/restart-minipot-hook.sh $(1)/usr/libexec/sentinel/reload_hooks.d/60_minipot.sh
-endef
-
-$(eval $(call BuildPackage,sentinel-minipot))
diff --git a/sentinel-minipot/files/defaults.sh b/sentinel-minipot/files/defaults.sh
deleted file mode 100644
index 2e38095..0000000
--- a/sentinel-minipot/files/defaults.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-DEFAULT_FTP_PORT="2133"
-DEFAULT_HTTP_PORT="8033"
-DEFAULT_SMTP_PORT="5873"
-DEFAULT_TELNET_PORT="2333"
diff --git a/sentinel-minipot/files/init b/sentinel-minipot/files/init
deleted file mode 100755
index c243697..0000000
--- a/sentinel-minipot/files/init
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/bin/sh /etc/rc.common
-
-USE_PROCD=1
-START=99
-STOP=10
-
-
-start_service() {
- source /lib/functions/sentinel.sh
- source /usr/libexec/sentinel/minipot-defaults.sh
- allowed_to_run "minipot" || return 1
-
- config_load sentinel
- local ftp_port http_port smtp_port telnet_port
- config_get ftp_port minipot ftp_port "$DEFAULT_FTP_PORT"
- config_get http_port minipot http_port "$DEFAULT_HTTP_PORT"
- config_get smtp_port minipot smtp_port "$DEFAULT_SMTP_PORT"
- config_get telnet_port minipot telnet_port "$DEFAULT_TELNET_PORT"
-
- procd_open_instance
- procd_set_param command /usr/bin/sentinel-minipot
- [ "$ftp_port" = "0" ] || procd_append_param command --ftp="$ftp_port"
- [ "$http_port" = "0" ] || procd_append_param command --http="$http_port"
- [ "$smtp_port" = "0" ] || procd_append_param command --smtp="$smtp_port"
- [ "$telnet_port" = "0" ] || procd_append_param command --telnet="$telnet_port"
- procd_set_param respawn 3600 5 5
- # TODO uncomment or replace logging once debug logs are no longer printed
- # Otherwise this just spams log a lot.
- #procd_set_param stdout 1
- #procd_set_param stderr 1
- procd_set_param file /etc/config/sentinel
- procd_close_instance
-}
diff --git a/sentinel-minipot/files/restart-minipot-hook.sh b/sentinel-minipot/files/restart-minipot-hook.sh
deleted file mode 100644
index f316413..0000000
--- a/sentinel-minipot/files/restart-minipot-hook.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh
-# restart Sentinel:Minipot service
-/etc/init.d/sentinel-minipot restart
-# Reload firewall to apply redirect
-/etc/init.d/firewall reload
diff --git a/sentinel-minipot/files/sentinel-firewall.sh b/sentinel-minipot/files/sentinel-firewall.sh
deleted file mode 100644
index f01ee86..0000000
--- a/sentinel-minipot/files/sentinel-firewall.sh
+++ /dev/null
@@ -1,53 +0,0 @@
-#!/bin/sh
-set -e
-SF_DIR="${0%/*}"
-. "$SF_DIR/common.sh"
-. /lib/functions.sh
-. /lib/functions/sentinel.sh
-. /usr/libexec/sentinel/minipot-defaults.sh
-
-allowed_to_run "minipot" 2>/dev/null || return 0
-
-
-config_load "sentinel"
-config_get ftp_port "minipot" "ftp_port" "$DEFAULT_FTP_PORT"
-config_get http_port "minipot" "http_port" "$DEFAULT_HTTP_PORT"
-config_get smtp_port "minipot" "smtp_port" "$DEFAULT_SMTP_PORT"
-config_get telnet_port "minipot" "telnet_port" "$DEFAULT_TELNET_PORT"
-
-
-port_redirect_zone() {
- local config_section="$1"
- local zone enabled
- config_get zone "$config_section" "name"
- config_get_bool enabled "$config_section" "sentinel_minipot" "0"
- [ "$enabled" = "1" ] || return 0
-
- [ "$ftp_port" = "0" ] || \
- iptables_redirect "$zone" 21 "$ftp_port" "Minipot FTP"
- [ "$http_port" = "0" ] || \
- iptables_redirect "$zone" 80 "$http_port" "Minipot HTTP"
- [ "$smtp_port" = "0" ] || {
- iptables_redirect "$zone" 25 "$smtp_port" "Minipot SMTP"
- iptables_redirect "$zone" 587 "$smtp_port" "Minipot SMTP submission"
- }
- [ "$telnet_port" = "0" ] || \
- iptables_redirect "$zone" 23 "$telnet_port" "Minipot Telnet"
-}
-
-config_load "firewall"
-config_foreach port_redirect_zone "zone"
-
-
-if source_if_exists "$SF_DIR/dynfw-utils.sh"; then
- [ "$ftp_port" = "0" ] || \
- bypass_dynamic_firewall "tcp" "21" "Minipot FTP"
- [ "$http_port" = "0" ] || \
- bypass_dynamic_firewall "tcp" "80" "Minipot HTTP"
- [ "$smtp_port" = "0" ] || {
- bypass_dynamic_firewall "tcp" "25" "Minipot SMTP"
- bypass_dynamic_firewall "tcp" "587" "Minipot SMTP submission"
- }
- [ "$telnet_port" = "0" ] || \
- bypass_dynamic_firewall "tcp" "23" "Minipot Telnet"
-fi
diff --git a/sentinel-minipot/files/uci-defaults b/sentinel-minipot/files/uci-defaults
deleted file mode 100644
index f90516c..0000000
--- a/sentinel-minipot/files/uci-defaults
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/bin/sh
-set -e
-. /lib/functions/sentinel-firewall.sh
-
-# Minipot entry in sentinel config
-if [ "$(uci -q get sentinel.minipot)" != "minipot" ]; then
- uci -q batch <<EOT
- delete sentinel.minipot
- set sentinel.minipot='minipot'
- commit sentinel.minipot
-EOT
-fi
-
-# Remove old firewall rules
-[ -z "$(uci -q get firewall.sentinel_minipot_telnet_mark)" ] || \
- uci -q delete firewall.sentinel_minipot_telnet_mark
-[ -z "$(uci -q get firewall.sentinel_minipot_telnet)" ] || \
- uci -q delete firewall.sentinel_minipot_telnet
-
-
-# Enable for wan interface in default
-config_firewall_default_enable "sentinel_minipot"
-
-# Always reload firewall to use latest version of sentinel-firewall script
-/etc/init.d/firewall reload