From f783ca4d6b1f545cff1a27ee952026844ccbd36c Mon Sep 17 00:00:00 2001 From: Pavel Alexeev Date: Aug 27 2009 20:14:26 +0000 Subject: Initial import 3proxy into Fedora --- diff --git a/.cvsignore b/.cvsignore index e69de29..e7857b0 100644 --- a/.cvsignore +++ b/.cvsignore @@ -0,0 +1 @@ +3proxy-0.6.tgz diff --git a/3proxy.cfg b/3proxy.cfg new file mode 100644 index 0000000..8212546 --- /dev/null +++ b/3proxy.cfg @@ -0,0 +1,178 @@ +# Yes, 3proxy.cfg can be executable, in this case you should place +# something like +#config /usr/local/3proxy/3proxy.cfg +# to show which configuration 3proxy should re-read on realod. + +#system "echo Hello world!" +# you may use system to execute some external command if proxy starts + +# We can configure nservers to avoid unsafe gethostbyname() usage +#nserver 10.1.2.1 +#nserver 10.2.2.2 +# nscache is good to save speed, traffic and bandwidth +nscache 65536 + +#nsrecord porno.security.nnov.ru 0.0.0.0 +# nobody will be able to access porno.security.nnov.ru by the name. +#nsrecord wpad.security.nnov.ru www.security.nnov.ru +# wpad.security.nnov.ru will resolve to www.security.nnov.ru for +# clients + + +timeouts 1 5 30 60 180 1800 15 60 +# Here we can change timeout values + +users 3APA3A:CL:3apa3a "test:CR:$1$qwer$CHFTUFGqkjue9HyhcMHEe1" +# note that "" required, overvise $... is treated as include file name. +# $1$qwer$CHFTUFGqkjue9HyhcMHEe1 is 'test' in MD5 crypt format. +#users $/usr/local/etc/3proxy/passwd +# this example shows you how to include passwd file. For included files +# and are treated as field separators. + +daemon +# now we will not depend on any console (daemonize). daemon must be given +# before any significant command on *nix. + +#service +# service is required under NT if you want 3proxy to start as service + +#log /usr/local/etc/3proxy/logs/3proxy.log D +log /var/log/3proxy/3proxy.log +# log allows to specify log file location and rotation, D means logfile +# is created daily + +# in log file we want to have underscores instead of spaces +logformat "- +_L%t.%. %N.%p %E %U %C:%c %R:%r %O %I %h %T" +#logformat "L%d-%m-%Y %H:%M:%S %z %N.%p %E %U %C:%c %R:%r %O %I %h %T" +#logformat "Linsert into log (l_date, l_user, l_service, l_in, l_out, l_descr) values ('%d-%m-%Y %H:%M:%S', '%U', '%N', %I, %O, '%T')" + +archiver gz /bin/gzip %F +#archiver zip zip -m -qq %A %F +#archiver zip pkzipc -add -silent -move %A %F +#archiver rar rar a -df -inul %A %F +# if archiver specified log file will be compressed after closing. +# you should specify extension, path to archiver and command line, %A will be +# substituted with archive file name, %f - with original file name. +# Original file will not be removed, so archiver should care about it. + +rotate 30 +# We will keep last 30 log files + +auth iponly +#auth nbname +#auth strong +# auth specifies type of user authentication. If you specify none proxy +# will not do anything to check name of the user. If you specify +# nbname proxy will send NetBIOS name request packet to UDP/137 of +# client and parse request for NetBIOS name of messanger service. +# Strong means that proxy will check password. For strong authentication +# unknown user will not be allowed to use proxy regardless of ACL. +# If you do not want username to be checked but wanna ACL to work you should +# specify auth iponly. + + +#allow ADMINISTRATOR,root +#allow * 127.0.0.1,192.168.1.1 * * +#redirect 192.168.1.2 80 * * * 80 +#allow * 192.168.1.0/24 * 25,53,110,20-21,1024-65535 +# we will allow everything if username matches ADMINISTRATOR or root or +# client ip is 127.0.0.1 or 192.168.1.1. Overwise we will redirect any request +# to port 80 to our Web-server 192.168.0.2. +# We will allow any outgoing connections from network 192.168.1.0/24 to +# SMTP, POP3, FTP, DNS and unprivileged ports. +# Note, that redirect may also be used with proxy or portmapper. It will +# allow you to redirect requests to different ports or different server +# for different clients. + +# sharing access to internet + +#external 10.1.1.1 +external 0.0.0.0 +# external is address 3proxy uses for outgoing connections. 0.0.0.0 means any +# interface. Using 0.0.0.0 is not good because it allows to connect to 127.0.0.1 + +#internal 192.168.1.1 +internal 127.0.0.1 +# internal is address of interface proxy will listen for incoming requests +# 127.0.0.1 means only localhost will be able to use this proxy. This is +# address you should specify for clients as proxy IP. +# You MAY use 0.0.0.0 but you shouldn't, because it's a chance for you to +# have open proxy in your network in this case. + +auth none +# no authentication is requires + +dnspr + +# dnsproxy listens on UDP/53 to answer client's DNS requests. It requires +# nserver/nscache configuration. + + +#external $./external.ip +#internal $./internal.ip +# this is just an alternative form fo giving external and internal address +# allows you to read this addresses from files + +auth strong +# We want to protect internal interface +deny * * 127.0.0.1,192.168.1.1 +# and llow HTTP and HTTPS traffic. +allow * * * 80-88,8080-8088 HTTP +allow * * * 443,8443 HTTPS +proxy -n + +auth none +# pop3p will be used without any authentication. It's bad choice +# because it's possible to use pop3p to access any port +pop3p + +tcppm 25 mail.my.provider 25 +#udppm -s 53 ns.my.provider 53 +# we can portmap port TCP/25 to provider's SMTP server and UDP/53 +# to provider's DNS. +# Now we can use our proxy as SMTP and DNS server. +# -s switch for UDP means "single packet" service - instead of setting +# association for period of time association will only be set for 1 packet. +# It's very userfull for services like DNS but not for some massive services +# like multimedia streams or online games. + +auth strong +flush +allow 3APA3A,test +maxconn 20 +socks +# for socks we will use password authentication and different access control - +# we flush previously configured ACL list and create new one to allow users +# test and 3APA3A to connect from any location + + +auth strong +flush +internal 127.0.0.1 +allow 3APA3A 127.0.0.1 +maxconn 3 +admin +#only allow acces to admin interface for user 3APA3A from 127.0.0.1 address +#via 127.0.0.1 address. + +# map external 80 and 443 ports to internal Web server +# examples below show how to use 3proxy to publish Web server in internal +# network to Internet. We must switch internal and external addresses and +# flush any ACLs + +#auth none +#flush +#external $./internal.ip +#internal $./external.ip +#maxconn 300 +#tcppm 80 websrv 80 +#tcppm 443 websrv 443 + + +#chroot /usr/local/jail +#setgid 65535 +#setuid 65535 +# now we needn't any root rights. We can chroot and setgid/setuid. + + +###$Id: 3proxy.cfg,v 1.1 2009/08/27 20:14:25 hubbitus Exp $####### diff --git a/3proxy.init b/3proxy.init new file mode 100644 index 0000000..47948da --- /dev/null +++ b/3proxy.init @@ -0,0 +1,87 @@ +#!/bin/sh +# +# Init file for Software Watchdog daemon. +# +# Written by Dag Wieers . +# Rewrote for ALT Linux by Pavlov Konstantin +# Modifyed for Fedora by Pavel Alexeev aka Pahan-Hubbitus +# +# chkconfig: - 02 98 +# description: 3proxy Proxy Server +# +# processname: 3proxy +# config: /etc/3proxy.cfg +# pidfile: /var/run/3proxy.pid + +WITHOUT_RC_COMPAT=1 + +. /etc/init.d/functions + +### Default variables +prog=3proxy +CONFIG=/etc/3proxy.cfg +PROXY=/usr/bin/3proxy +RETVAL=0 +PIDFILE=/var/run/3proxy.pid +LOCKFILE=/var/lock/subsys/3proxy +#LOGFILE=/var/log/3proxy.log + +start() { + echo -n $"Starting $prog: " + # daemon --pidfile "${PIDFILE}" sh -c "exec \"$PROXY\" \"$CONFIG\" 2>&1 > \"$LOGFILE\" &" + daemon --pidfile "${PIDFILE}" "$PROXY" "$CONFIG" + RETVAL=$? + echo + [ $RETVAL = 0 ] && touch ${LOCKFILE} + return $RETVAL +} + +stop() { + echo -n $"Stopping $prog: " + killproc -p "${PIDFILE}" -d 1 "$PROXY" + RETVAL=$? + echo + [ $RETVAL = 0 ] && rm -f ${LOCKFILE} ${PIDFILE} + return $RETVAL +} + +restart() { + stop + start +} + +reload(){ + echo -n $"Reloading $prog: " + killproc -p ${pidfile} $httpd -USR1 + RETVAL=$? + echo +} + +case "$1" in + start) + start + ;; + stop) + stop + ;; + restart) + restart + ;; + reload) + reload + ;; + condrestart) + [ -e $LOCKFILE ] && restart + RETVAL=$? + ;; + status) + status -p "$PIDFILE" "$PROXY" + RETVAL=$? + ;; + *) + echo $"Usage: $0 {start|stop|restart|condrestart|status}" + RETVAL=1 + ;; +esac + +exit $RETVAL diff --git a/3proxy.spec b/3proxy.spec new file mode 100644 index 0000000..a902b18 --- /dev/null +++ b/3proxy.spec @@ -0,0 +1,142 @@ +Name: 3proxy +Version: 0.6 +Release: 3%{?dist} + +Summary: Tiny but very powerful proxy +Summary(ru): Маленький, но крайне мощный прокси-сервер + +License: BSD or ASL 2.0 or GPLv2+ or LGPLv2+ +Group: System Environment/Daemons +Url: http://3proxy.ru/?l=EN + +Source0: http://3proxy.ru/%{version}/%{name}-%{version}.tgz +Source1: 3proxy.init +Source2: 3proxy.cfg +# EPEL still require it +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +BuildRequires: dos2unix + +%description +3proxy -- light proxy server. +Universal proxy server with HTTP, HTTPS, SOCKS v4, SOCKS v4a, SOCKS v5, FTP, +POP3, UDP and TCP portmapping, access control, bandwith control, traffic +limitation and accounting based on username, client IP, target IP, day time, +day of week, etc. + +%description -l ru +3proxy -- маленький прокси сервер. +Это универсальное решение поддерживающее HTTP, HTTPS, SOCKS v4, SOCKS v4a, +SOCKS v5, FTP, POP3, UDP и TCP проброс портов (portmapping), списки доступа +управление скоростью доступа, ограничением трафика и статистикоу, базирующейся +на имени пользователя, слиентском IP адресе, IP цели, времени дня, дня недели +и т.д. + +%prep +%setup -q + +# To use "fedora" CFLAGS (exported) +sed -i -e "s/CFLAGS =/CFLAGS +=/" Makefile.Linux + +dos2unix Changelog + +%build +%{__make} -f Makefile.Linux + +%install +rm -rf %{buildroot} + +mkdir -p %{buildroot}%{_sysconfdir} +mkdir -p %{buildroot}%{_sysconfdir} +mkdir -p %{buildroot}%{_man3dir} +mkdir -p %{buildroot}%{_man8dir} +mkdir -p %{buildroot}%{_localstatedir}/log/%{name} +install -m755 -D src/3proxy %{buildroot}%{_bindir}/3proxy +install -m755 -D src/dighosts %{buildroot}%{_bindir}/dighosts +install -m755 -D src/ftppr %{buildroot}%{_bindir}/ftppr +install -m755 -D src/mycrypt %{buildroot}%{_bindir}/mycrypt +install -m755 -D src/pop3p %{buildroot}%{_bindir}/pop3p +install -m755 -D src/3proxy %{buildroot}%{_bindir}/3proxy +install -m755 -D src/proxy %{buildroot}%{_bindir}/htproxy +install -m755 -D src/socks %{buildroot}%{_bindir}/socks +install -m755 -D src/tcppm %{buildroot}%{_bindir}/tcppm +install -m755 -D src/udppm %{buildroot}%{_bindir}/udppm + +install -pD -m755 %{SOURCE1} %{buildroot}/%{_initrddir}/%{name} +install -pD -m644 %{SOURCE2} %{buildroot}/%{_sysconfdir}/%{name}.cfg + +%clean +rm -rf %{buildroot} + +%post +# Register service +/sbin/chkconfig --add %{name} + +%preun +if [ $1 = 0 ]; then + /sbin/service %{name} stop > /dev/null 2>&1 + /sbin/chkconfig --del %{name} +fi + +%files +%defattr(-,root,root,-) +%{_bindir}/* +%config(noreplace) %{_sysconfdir}/%{name}.cfg +%{_initrddir}/%{name} +%{_localstatedir}/log/%{name} +%doc Readme Changelog authors copying news + +%changelog +* Thu Aug 20 2009 Pavel Alexeev - 0.6-3 +- Fedora Review started - thank you Peter Lemenkov. +- Change rights (0755->0644) of config. +- Disable service by default. +- Add BR dos2unix. + +* Mon Aug 17 2009 Pavel Alexeev - 0.6-2 +- /usr/bin/proxy renamed to htproxy to avoid name bump with libproxy-bin. +- Add Source2: 3proxy.cfg from Alt Linux (slightly modified) - http://sisyphus.ru/ru/srpm/Sisyphus/3proxy/sources/1 (thanks to Afanasov Dmitry). +- Add log-dir %%{_localstatedir}/log/%%{name} + +* Mon Aug 17 2009 Pavel Alexeev - 0.6-1 +- Ressurect old spec. New version 0.6. +- Rename spec to classic %%{name}.spec. +- Remove Hu part from release and add %%{?dist}. +- Change summary, description, URL. Add Russian localisation of sumamry and description. +- Strip some old comments. +- Add to %%doc Readme Changelog authors copying news. +- Turn macros usage from %%name to %%{name} for consistence. +- Change group from System/Servers to standard System Environment/Daemons. +- Add %%defattr(-,root,root,-) in %%files section. +- Add cleanup in %%install section. +- Add %%clean section with cleanup buildroot. +- License changed from just GPL to "BSD or ASL 2.0 or GPLv2+ or LGPLv2+" (according to Makefile.Linux) +- Add %%config(noreplace) mark to all configs. +- Add file %%{_initdir}/%%{name} +- Old %%{_initdir} macros replaced by %%{_initrddir} +- Hack makefile to use system CFLAGS. +- Add %%post/%%postun sections. + +* Fri Jan 25 2008 Pavel Alexeev - 0.5.3k +- Import from ftp://ftp.nluug.nl/pub/os/Linux/distr/altlinux/4.0/Server/4.0.1/files/SRPMS/3proxy-0.5.3h-alt1.src.rpm + Combine with ftp://ftp.pbone.net/mirror/ftp.sourceforge.net/pub/sourceforge/t/th/three-proxy/3proxy-0.5.3g-1.src.rpm +- Steep to version 0.5.3k +- Comment out packager +- Reformat header of spec with tabs +- Add desc from second src.rpm of import +- Correct source0 +- Add -c key fo %%setup macro +- Add BuildRoot definition (this is not ALT) +- Change + Release: alt1 + to + Release: 0.Hu.0 + +* Fri Apr 13 2007 Lunar Child 0.5.3h-alt1 +- new version + +* Wed Mar 21 2007 Lunar Child 0.5.3g-alt2 +- Added init script. +- Added new trivial config file. + +* Tue Mar 20 2007 Lunar Child 0.5.3g-alt1 +- First build for ALT Linux Sisyphus diff --git a/import.log b/import.log new file mode 100644 index 0000000..6fff697 --- /dev/null +++ b/import.log @@ -0,0 +1 @@ +proxy-0_6-3_fc11:HEAD:3proxy-0.6-3.fc11.src.rpm:1251404030 diff --git a/sources b/sources index e69de29..dd62cf4 100644 --- a/sources +++ b/sources @@ -0,0 +1 @@ +2ebd9c06939021f6c2aca31d67782f71 3proxy-0.6.tgz