summaryrefslogtreecommitdiff
path: root/packages/openwrt
diff options
context:
space:
mode:
Diffstat (limited to 'packages/openwrt')
-rw-r--r--packages/openwrt/README.md14
-rw-r--r--packages/openwrt/net/nDPId-testing/001-enable-in-source-build.patch31
-rw-r--r--packages/openwrt/net/nDPId-testing/Makefile168
-rw-r--r--packages/openwrt/net/nDPId-testing/nDPId-testing.config58
-rw-r--r--packages/openwrt/net/nDPId-testing/nDPId-testing.init286
5 files changed, 557 insertions, 0 deletions
diff --git a/packages/openwrt/README.md b/packages/openwrt/README.md
new file mode 100644
index 000000000..487dcabf7
--- /dev/null
+++ b/packages/openwrt/README.md
@@ -0,0 +1,14 @@
+Notice
+======
+
+You should only use this as a feed if you are aware that you will get an unstable `nDPId` version.
+To get a more stable `nDPId` experience, use the https://github.com/utoni/my-openwrt-packages feed.
+
+HowTo use this
+==============
+
+Simply add `src-link ndpid_testing [path-to-this-dir]` to your OpenWrt repository feeds (`feeds.conf`).
+
+Run `./scripts/feeds update -a && ./scripts/feeds install -a` from the OpenWrt repository directory.
+
+There should be a new package named `nDPId-testing` available.
diff --git a/packages/openwrt/net/nDPId-testing/001-enable-in-source-build.patch b/packages/openwrt/net/nDPId-testing/001-enable-in-source-build.patch
new file mode 100644
index 000000000..5a9f81683
--- /dev/null
+++ b/packages/openwrt/net/nDPId-testing/001-enable-in-source-build.patch
@@ -0,0 +1,31 @@
+From a9e21c707e5edaf1db14b3dd78d5cc397ebc624c Mon Sep 17 00:00:00 2001
+From: Toni Uhlig <matzeton@googlemail.com>
+Date: Mon, 12 Jun 2023 19:54:31 +0200
+Subject: [PATCH] Allow in-source builds required for OpenWrt toolchain.
+
+Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
+---
+ CMakeLists.txt | 7 -------
+ 1 file changed, 7 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 43f8f31b..b88f0f0c 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -10,13 +10,6 @@ if(CMAKE_COMPILER_IS_GNUCXX)
+ endif(CMAKE_COMPILER_IS_GNUCXX)
+ set(CMAKE_C_STANDARD 11)
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=c11 -D_DEFAULT_SOURCE=1 -D_GNU_SOURCE=1")
+-if("${PROJECT_SOURCE_DIR}" STREQUAL "${PROJECT_BINARY_DIR}")
+- message(FATAL_ERROR "In-source builds are not allowed.\n"
+- "Please remove ${PROJECT_SOURCE_DIR}/CMakeCache.txt\n"
+- "and\n"
+- "${PROJECT_SOURCE_DIR}/CMakeFiles\n"
+- "Create a build directory somewhere and run CMake again.")
+-endif()
+ set(CMAKE_MODULE_PATH ${CMAKE_SOURCE_DIR}/cmake)
+ find_package(PkgConfig REQUIRED)
+
+--
+2.30.2
+
diff --git a/packages/openwrt/net/nDPId-testing/Makefile b/packages/openwrt/net/nDPId-testing/Makefile
new file mode 100644
index 000000000..995250527
--- /dev/null
+++ b/packages/openwrt/net/nDPId-testing/Makefile
@@ -0,0 +1,168 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=nDPId-testing
+PKG_VERSION:=1.0
+PKG_RELEASE:=$(AUTORELEASE)
+
+ifneq ($(wildcard /artifacts),)
+PKG_DIRECTORY:=/artifacts
+else
+PKG_DIRECTORY:=../../../..
+endif
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+
+PKG_MAINTAINER:=Toni
+PKG_LICENSE:=GPL-3
+PKG_LICENSE_FILES:=COPYING
+
+CMAKE_INSTALL:=1
+
+include $(INCLUDE_DIR)/kernel.mk
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+define Package/nDPId-testing
+ TITLE:=nDPId is a tiny nDPI based daemons / toolkit (nDPId source repository)
+ SECTION:=net
+ CATEGORY:=Network
+ DEPENDS:=@!SMALL_FLASH @!LOW_MEMORY_FOOTPRINT +libpcap +zlib +LIBNDPI_GCRYPT:libgcrypt +NDPID_TESTING_INFLUXDB:libcurl +NDPID_TESTING_PFRING:libpfring
+ URL:=http://github.com/lnslbrty/nDPId
+endef
+
+define Package/nDPId-testing/description
+ nDPId is a set of daemons and tools to capture, process and classify network flows.
+ It's only dependencies (besides a half-way modern c library and POSIX threads) are libnDPI (>= 3.6.0 or current github dev branch) and libpcap.
+endef
+
+define Package/nDPId-testing/config
+config NDPID_TESTING_COLLECTD_SUPPORT
+ bool "nDPId collectd support"
+ depends on PACKAGE_nDPId-testing && PACKAGE_collectd-mod-exec && !CONFIG_NDPID_COLLECTD_SUPPORT
+ default n
+ help
+ This option enables collectd to gather nDPId statistics via plugin-exec.
+ Disabled by default.
+
+config NDPID_TESTING_LIBNDPI_COMMIT_HASH
+ string "libnDPI commit hash"
+ depends on PACKAGE_nDPId-testing
+ default ""
+ help
+ Set the desired libnDPI git commit hash you want to link nDPId against.
+ Leave empty to use the dev branch.
+ Disabled by default.
+
+config NDPID_TESTING_INFLUXDB
+ bool "nDPIsrvd-influxdb"
+ depends on PACKAGE_nDPId-testing
+ default n
+ help
+ An InfluxDB push daemon. It aggregates various statistics gathered from nDPId.
+ The results are sent to a specified InfluxDB endpoint.
+
+config NDPID_TESTING_PFRING
+ bool "PF_RING support"
+ depends on PACKAGE_nDPId-testing
+ default n
+ help
+ Enable PF_RING support for faster packet capture.
+endef
+
+CMAKE_OPTIONS += -DBUILD_EXAMPLES=ON
+CMAKE_OPTIONS += -DBUILD_NDPI=OFF
+CMAKE_OPTIONS += -DNDPI_NO_PKGCONFIG=ON
+CMAKE_OPTIONS += -DENABLE_ZLIB=ON
+CMAKE_OPTIONS += -DENABLE_SANITIZER=OFF
+CMAKE_OPTIONS += -DENABLE_MEMORY_PROFILING=OFF
+CMAKE_OPTIONS += -DNEED_LINKING_AGAINST_LIBM=ON
+CMAKE_OPTIONS += -DSTATIC_LIBNDPI_INSTALLDIR="$(PKG_BUILD_DIR)/libnDPI/install"
+
+TARGET_CFLAGS += -DLIBNDPI_STATIC=1
+TARGET_CFLAGS += -Werror
+
+ifneq ($(CONFIG_NDPID_TESTING_PFRING),)
+# FIXME: PFRING kernel include directory is hardcoded (not installed to linux header directory).
+CMAKE_OPTIONS += -DENABLE_PFRING=ON \
+ -DPFRING_KERNEL_INC="$(KERNEL_BUILD_DIR)/PF_RING-8.4.0/kernel" \
+ -DPFRING_INSTALLDIR="$(STAGING_DIR)/usr" \
+ -DPFRING_LINK_STATIC=OFF
+endif
+
+ifneq ($(CONFIG_NDPID_TESTING_INFLUXDB),)
+CMAKE_OPTIONS += -DENABLE_CURL=ON
+endif
+
+ifneq ($(CONFIG_LIBNDPI_GCRYPT),)
+CMAKE_OPTIONS += -DNDPI_WIDTH_GCRYPT=ON
+endif
+
+ifdef CONFIG_NDPID_TESTING_COLLECTD_SUPPORT
+define Package/nDPId-testing/install-collectd-files
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/nDPIsrvd-collectd $(1)/usr/bin/nDPIsrvd-testing-collectd
+endef
+endif
+
+ifdef CONFIG_NDPID_TESTING_LIBNDPI_COMMIT_HASH
+define Package/nDPId-testing/get-and-build-libndpi
+ @echo 'Using commit hash: $(CONFIG_NDPID_TESTING_LIBNDPI_COMMIT_HASH)'
+ env \
+ CC="$(TARGET_CC)" \
+ AR="$(TARGET_AR)" \
+ RANLIB="$(TARGET_RANLIB)" \
+ CFLAGS="$(TARGET_CFLAGS)" \
+ CPPFLAGS="$(TARGET_CPPFLAGS)" \
+ LDFLAGS="$(TARGET_LDFLAGS)" \
+ MAKE_PROGRAM="$(MAKE)" \
+ NDPI_COMMIT_HASH=$(CONFIG_NDPID_TESTING_LIBNDPI_COMMIT_HASH) \
+ $(PKG_BUILD_DIR)/scripts/get-and-build-libndpi.sh
+endef
+else
+define Package/nDPId-testing/get-and-build-libndpi
+ @echo 'Using dev branch.'
+ env \
+ CC="$(TARGET_CC)" \
+ AR="$(TARGET_AR)" \
+ RANLIB="$(TARGET_RANLIB)" \
+ CFLAGS="$(TARGET_CFLAGS)" \
+ CPPFLAGS="$(TARGET_CPPFLAGS)" \
+ LDFLAGS="$(TARGET_LDFLAGS)" \
+ MAKE_PROGRAM="$(MAKE)" \
+ $(PKG_BUILD_DIR)/scripts/get-and-build-libndpi.sh
+endef
+endif
+
+define Build/Prepare
+ @rm -f '$(DL_DIR)/$(PKG_SOURCE)'
+ @rm -rf '$(PKG_BUILD_DIR)/*'
+ @echo 'tar: $(DL_DIR)/$(PKG_SOURCE)'
+ @echo 'pwd: $(shell pwd)'
+ @echo 'PKG_DIRECTORY=$(PKG_DIRECTORY)'
+ @echo 'PKG_SOURCE_SUBDIR=$(PKG_SOURCE_SUBDIR)'
+ cd '$(PKG_DIRECTORY)' && git archive --prefix '$(PKG_SOURCE_SUBDIR)/' -o '$(DL_DIR)/new_$(PKG_SOURCE)' HEAD
+ mv '$(DL_DIR)/new_$(PKG_SOURCE)' '$(DL_DIR)/$(PKG_SOURCE)'; \
+ $(PKG_UNPACK)
+ cd '$(PKG_BUILD_DIR)' && patch -p1 < $(PKG_BUILD_DIR)/packages/openwrt/net/nDPId-testing/001-enable-in-source-build.patch
+ $(call Package/nDPId-testing/get-and-build-libndpi)
+endef
+
+define Package/nDPId-testing/install
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/nDPId $(1)/usr/sbin/nDPId-testing
+
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/nDPId-test $(1)/usr/bin/nDPId-testing-test
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/nDPIsrvd $(1)/usr/bin/nDPIsrvd-testing
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/nDPIsrvd-analysed $(1)/usr/bin/nDPIsrvd-testing-analysed
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/nDPIsrvd-captured $(1)/usr/bin/nDPIsrvd-testing-captured
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/nDPIsrvd-collectd $(1)/usr/bin/nDPIsrvd-testing-collectd
+
+ $(INSTALL_DIR) $(1)/etc/init.d/
+ $(INSTALL_BIN) $(PKG_NAME).init $(1)/etc/init.d/$(PKG_NAME)
+ $(INSTALL_DIR) $(1)/etc/config
+ $(INSTALL_CONF) $(PKG_NAME).config $(1)/etc/config/$(PKG_NAME)
+
+ $(call Package/nDPId-testing/install-collectd-files,$(1))
+endef
+
+$(eval $(call BuildPackage,nDPId-testing))
diff --git a/packages/openwrt/net/nDPId-testing/nDPId-testing.config b/packages/openwrt/net/nDPId-testing/nDPId-testing.config
new file mode 100644
index 000000000..2e1871d29
--- /dev/null
+++ b/packages/openwrt/net/nDPId-testing/nDPId-testing.config
@@ -0,0 +1,58 @@
+config nDPIsrvd
+ option enabled 0
+ option respawn 0
+ #option tcp_listen '127.0.0.1:7000'
+ #option max_remotes 32
+ #option max_buffered_json_lines 1024
+
+config nDPIsrvd-analysed
+ option enabled 0
+ option respawn 0
+ option csv_dir '/mnt/sda1/nDPId-analysed-csv'
+
+config nDPIsrvd-captured
+ option enabled 0
+ option respawn 0
+ option pcap_rotation 86400
+ option datadir '/mnt/sda1/nDPId-captured-pcaps'
+ option capture_guessed 1
+ option capture_undetected 1
+ option capture_midstream 1
+ option ignore_empty_l4 1
+ list capture_risk '0'
+ list capture_risk '~15'
+
+config nDPId
+ option enabled 0
+ option respawn 0
+ # General
+ #option interface 'br-lan'
+ #option internal_only 0
+ #option external_only 0
+ #option bpf_filter 'tcp'
+ #option udp_connect '127.0.0.1:31337'
+ #option proto_file ''
+ #option cat_file ''
+ #option ja3_file ''
+ #option ssl_file ''
+ #option alias ''
+ #option analysis 0
+ #option compression 0
+ # Tuning
+ #option 'max_flows_per_thread' 2048
+ #option 'max_idle_flows_per_thread' 64
+ #option 'max_reader_threads' 2
+ #option 'daemon_status_interval' 600000000
+ #option 'compression_scan_interval' 20000000
+ #option 'compression_flow_inactivity' 30000000
+ #option 'flow_scan_interval' 10000000
+ #option 'generic_max_idle_time' 600000000
+ #option 'icmp_max_idle_time' 120000000
+ #option 'udp_max_idle_time' 180000000
+ #option 'tcp_max_idle_time' 3145032704
+ #option 'tcp_max_post_end_flow_time' 120000000
+ #option 'max_packets_per_flow_to_send' 15
+ #option 'max_packets_per_flow_to_process' 32
+ #option 'max_packets_per_flow_to_analyse' 32
+ #option 'error_event_threshold_n' 16
+ #option 'error_event_threshold_time' 10000000
diff --git a/packages/openwrt/net/nDPId-testing/nDPId-testing.init b/packages/openwrt/net/nDPId-testing/nDPId-testing.init
new file mode 100644
index 000000000..850ec47a8
--- /dev/null
+++ b/packages/openwrt/net/nDPId-testing/nDPId-testing.init
@@ -0,0 +1,286 @@
+#!/bin/sh /etc/rc.common
+
+START=99
+STOP=80
+
+USE_PROCD=1
+
+NDPID_SUFFIX="-testing"
+NDPISRVD_NAME="nDPIsrvd${NDPID_SUFFIX}"
+NDPISRVD_BIN="/usr/bin/${NDPISRVD_NAME}"
+NDPISRVD_ANALYSED_NAME="nDPIsrvd${NDPID_SUFFIX}-analysed"
+NDPISRVD_ANALYSED_BIN="/usr/bin/${NDPISRVD_ANALYSED_NAME}"
+NDPISRVD_CAPTURED_NAME="nDPIsrvd${NDPID_SUFFIX}-captured"
+NDPISRVD_CAPTURED_BIN="/usr/bin/${NDPISRVD_CAPTURED_NAME}"
+NDPID_NAME="nDPId${NDPID_SUFFIX}"
+NDPID_BIN="/usr/sbin/${NDPID_NAME}"
+DISTRIBUTOR_SOCKET="/var/run/${NDPID_NAME}/nDPIsrvd-distributor.sock"
+
+print_arg_bool() {
+ local cfg="$1"
+ local var="$2"
+ local opt="$3"
+ local aux
+
+ config_get_bool aux "$cfg" "$var" '0'
+ if [ $aux -ne 0 ]; then
+ printf ' %s' "$opt"
+ fi
+}
+
+print_arg_str() {
+ local cfg="$1"
+ local var="$2"
+ local opt="$3"
+ local aux
+
+ config_get aux "$cfg" "$var"
+ if [ ! -z "$aux" ]; then
+ printf ' %s' "$opt$aux"
+ fi
+}
+
+start_ndpid_instance() {
+ local cfg=$1
+ local aux
+ local args
+ local netif
+ local sink
+
+ config_get_bool aux "$cfg" 'enabled' '0'
+ if [ "$aux" -eq 0 ]; then
+ return 1
+ fi
+
+ # General
+ config_get_bool netif "$cfg" 'interface'
+ if [ -z "$netif" ]; then
+ netif='default'
+ fi
+
+ config_get sink "$cfg" 'udp_connect'
+ if [ -z "$sink" ]; then
+ sink="/var/run/${NDPID_NAME}/nDPIsrvd-collector.sock"
+ fi
+
+ args="$(print_arg_str "$cfg" 'interface' '-i')"
+ args="$args$(print_arg_bool "$cfg" 'use_pfring' '-r')"
+ args="$args$(print_arg_bool "$cfg" 'internal_only' '-I')"
+ args="$args$(print_arg_bool "$cfg" 'external_only' '-E')"
+ args="$args$(print_arg_str "$cfg" 'bpf_filter' '-B')"
+ args="$args$(print_arg_bool "$cfg" 'use_poll' '-e')"
+ args="$args$(print_arg_str "$cfg" 'proto_file' '-P')"
+ args="$args$(print_arg_str "$cfg" 'cat_file' '-C')"
+ args="$args$(print_arg_str "$cfg" 'ja3_file' '-J')"
+ args="$args$(print_arg_str "$cfg" 'ssl_file' '-S')"
+ args="$args$(print_arg_str "$cfg" 'alias' '-a')"
+ args="$args$(print_arg_bool "$cfg" 'analysis' '-A')"
+ args="$args$(print_arg_bool "$cfg" 'compression' '-z')"
+
+ # Tuning
+ args="$args$(print_arg_str "$cfg" 'max_flows_per_thread' '-omax-flows-per-thread=')"
+ args="$args$(print_arg_str "$cfg" 'max_idle_flows_per_thread' '-omax-idle-flows-per-thread=')"
+ args="$args$(print_arg_str "$cfg" 'max_reader_threads' '-omax-reader-threads=')"
+ args="$args$(print_arg_str "$cfg" 'daemon_status_interval' '-odaemon-status-interval=')"
+ args="$args$(print_arg_str "$cfg" 'compression_scan_interval' '-ocompression-scan-interval=')"
+ args="$args$(print_arg_str "$cfg" 'compression_flow_inactivity' '-ocompression-flow-inactivity=')"
+ args="$args$(print_arg_str "$cfg" 'flow_scan_interval' '-oflow-scan-interval=')"
+ args="$args$(print_arg_str "$cfg" 'generic_max_idle_time' '-ogeneric-max-idle-time=')"
+ args="$args$(print_arg_str "$cfg" 'icmp_max_idle_time' '-oicmp-max-idle-time=')"
+ args="$args$(print_arg_str "$cfg" 'udp_max_idle_time' '-oudp-max-idle-time=')"
+ args="$args$(print_arg_str "$cfg" 'tcp_max_idle_time' '-otcp-max-idle-time=')"
+ args="$args$(print_arg_str "$cfg" 'tcp_max_post_end_flow_time' '-otcp-max-post-end-flow-time=')"
+ args="$args$(print_arg_str "$cfg" 'max_packets_per_flow_to_send' '-omax-packets-per-flow-to-send=')"
+ args="$args$(print_arg_str "$cfg" 'max_packets_per_flow_to_process' '-omax-packets-per-flow-to-process=')"
+ args="$args$(print_arg_str "$cfg" 'max_packets_per_flow_to_analyse' '-omax-packets-per-flow-to-analyse=')"
+ args="$args$(print_arg_str "$cfg" 'error_event_threshold_n' '-oerror-event-threshold-n=')"
+ args="$args$(print_arg_str "$cfg" 'error_event_threshold_time' '-oerror-event-threshold-time=')"
+
+ procd_open_instance
+ procd_set_param command ${NDPID_BIN}
+ procd_set_param pidfile "/var/run/${NDPID_NAME}/nDPId-${netif}.pid"
+ procd_append_param command -undpi -gndpi -p"/var/run/${NDPID_NAME}/nDPId-${netif}.pid" -c"${sink}" $args
+
+ config_get_bool aux "$cfg" 'respawn' '0'
+ [ "$aux" = 1 ] && procd_set_param respawn
+
+ procd_close_instance
+}
+
+validate_ndpid_section() {
+ uci_load_validate ${NDPID_NAME} nDPId "$1" "$2" \
+ 'enabled:bool:0' \
+ 'respawn:bool:0' \
+ 'interface:string' \
+ 'internal_only:bool:0' \
+ 'external_only:bool:0' \
+ 'bpf_filter:string' \
+ 'udp_connect:string' \
+ 'proto_file:string' \
+ 'cat_file:string' \
+ 'ja3_file:string' \
+ 'ssl_file:string' \
+ 'alias:string' \
+ 'analysis:bool:0' \
+ 'compression:bool:0' \
+ 'max_flows_per_thread:uinteger' \
+ 'max_idle_flows_per_thread:uinteger' \
+ 'max_reader_threads:uinteger' \
+ 'daemon_status_interval:uinteger' \
+ 'compression_scan_interval:uinteger' \
+ 'compression_flow_inactivity:uinteger' \
+ 'flow_scan_interval:uinteger' \
+ 'generic_max_idle_time:uinteger' \
+ 'icmp_max_idle_time:uinteger' \
+ 'udp_max_idle_time:uinteger' \
+ 'tcp_max_idle_time:uinteger' \
+ 'tcp_max_post_end_flow_time:uinteger' \
+ 'max_packets_per_flow_to_send:uinteger' \
+ 'max_packets_per_flow_to_process:uinteger' \
+ 'max_packets_per_flow_to_analyse:uinteger' \
+ 'error_event_threshold_n:uinteger' \
+ 'error_event_threshold_time:uinteger'
+}
+
+start_ndpisrvd_instance() {
+ local cfg=$1
+ local aux
+ local args
+ local collector_sock
+
+ config_get_bool aux "$cfg" 'enabled' '0'
+ if [ "$aux" -eq 0 ]; then
+ return 1
+ fi
+
+ collector_sock="/var/run/${NDPID_NAME}/nDPIsrvd-collector.sock"
+
+ args="$(print_arg_str "$cfg" 'tcp_listen' '-S')"
+ args="$args$(print_arg_str "$cfg" 'max_remotes' '-m')"
+ args="$args$(print_arg_str "$cfg" 'max_buffered_json_lines' '-C')"
+
+ procd_open_instance
+ procd_set_param command ${NDPISRVD_BIN}
+ procd_set_param pidfile "/var/run/${NDPID_NAME}/nDPIsrvd.pid"
+ procd_append_param command -undpi -gndpi -p"/var/run/${NDPID_NAME}/nDPIsrvd.pid" -c"${collector_sock}" -s"${DISTRIBUTOR_SOCKET}" $args
+
+ config_get_bool aux "$cfg" 'respawn' '0'
+ [ "$aux" = 1 ] && procd_set_param respawn
+
+ procd_close_instance
+}
+
+validate_ndpisrvd_section() {
+ uci_load_validate ${NDPID_NAME} nDPId "$1" "$2" \
+ 'enabled:bool:0' \
+ 'respawn:bool:0' \
+ 'tcp_listen:string' \
+ 'max_remotes:uinteger' \
+ 'max_buffered_json_lines:uinteger'
+}
+
+start_ndpisrvd_analysed_instance() {
+ local cfg="$1"
+ local csv_dir
+
+ config_get_bool aux "$cfg" 'enabled' '0'
+ if [ "$aux" -eq 0 ]; then
+ return 1
+ fi
+
+ config_get aux "$cfg" 'csv_dir'
+ if [ -z "$aux" ]; then
+ return 1
+ fi
+ mkdir -p "$aux"
+ chown ndpi:ndpi "$aux"
+
+ csv_dir="$(print_arg_str "$cfg" 'csv_dir' '')"
+ csv_dir="-o${csv_dir}/nDPId-analyse.csv"
+
+ procd_open_instance
+ procd_set_param command ${NDPISRVD_ANALYSED_BIN}
+ procd_set_param pidfile "/var/run/${NDPID_NAME}/nDPIsrvd-analysed.pid"
+ procd_append_param command -undpi -gndpi -p"/var/run/${NDPID_NAME}/nDPIsrvd-analysed.pid" -s"${DISTRIBUTOR_SOCKET}" ${csv_dir}
+
+ config_get_bool aux "$cfg" 'respawn' '0'
+ [ "$aux" = 1 ] && procd_set_param respawn
+
+ procd_close_instance
+}
+
+validate_ndpisrvd_analysed_section() {
+ uci_load_validate ${NDPID_NAME} nDPId "$1" "$2" \
+ 'enabled:bool:0' \
+ 'respawn:bool:0' \
+ 'csv_dir:string'
+}
+
+start_ndpisrvd_captured_instance() {
+ local cfg="$1"
+ local args
+ local risk_args
+
+ config_get_bool aux "$cfg" 'enabled' '0'
+ if [ "$aux" -eq 0 ]; then
+ return 1
+ fi
+
+ config_get aux "$cfg" 'datadir'
+ if [ -z "$aux" ]; then
+ return 1
+ fi
+ mkdir -p "$aux"
+ chown ndpi:ndpi "$aux"
+
+ handle_capture_risks() {
+ local risk=" -R$1"
+ printf '%s' "$risk"
+ }
+ risk_args="$(config_list_foreach "$cfg" capture_risk handle_capture_risks)"
+
+ args="$(print_arg_str "$cfg" 'pcap_rotation' '-r')"
+ args="$args$(print_arg_str "$cfg" 'datadir' '-D')"
+ args="$args$(print_arg_bool "$cfg" 'capture_guessed' '-G')"
+ args="$args$(print_arg_bool "$cfg" 'capture_undetected' '-U')"
+ args="$args$(print_arg_bool "$cfg" 'capture_midstream' '-M')"
+ args="$args$(print_arg_bool "$cfg" 'ignore_empty_l4' '-E')"
+
+ procd_open_instance
+ procd_set_param command ${NDPISRVD_CAPTURED_BIN}
+ procd_set_param pidfile "/var/run/${NDPID_NAME}/nDPIsrvd-captured.pid"
+ procd_append_param command -undpi -gndpi -p"/var/run/${NDPID_NAME}/nDPIsrvd-captured.pid" -s"${DISTRIBUTOR_SOCKET}" $args ${risk_args}
+
+ config_get_bool aux "$cfg" 'respawn' '0'
+ [ "$aux" = 1 ] && procd_set_param respawn
+
+ procd_close_instance
+}
+
+validate_ndpisrvd_captured_section() {
+ uci_load_validate ${NDPID_NAME} nDPId "$1" "$2" \
+ 'enabled:bool:0' \
+ 'respawn:bool:0' \
+ 'pcap_rotation:uinteger' \
+ 'datadir:string' \
+ 'capture_guessed:bool:1' \
+ 'capture_undetected:bool:1' \
+ 'capture_midstream:bool:1' \
+ 'ignore_empty_l4:bool:1' \
+ 'capture_risk:list(string)'
+}
+
+start_service() {
+ config_load ${NDPID_NAME}
+
+ user_exists ndpi 6543 || user_add ndpi 6543
+ group_exists ndpi 6543 || group_add ndpi 6543
+
+ mkdir -p "/var/run/${NDPID_NAME}"
+ chown ndpi:ndpi "/var/run/${NDPID_NAME}"
+
+ config_foreach validate_ndpisrvd_section nDPIsrvd start_ndpisrvd_instance
+ config_foreach validate_ndpisrvd_analysed_section nDPIsrvd-analysed start_ndpisrvd_analysed_instance
+ config_foreach validate_ndpisrvd_captured_section nDPIsrvd-captured start_ndpisrvd_captured_instance
+ config_foreach validate_ndpid_section nDPId start_ndpid_instance
+}