authorMoritz Kaspar Rudert (mortzu)2015-05-21 16:25:47 +0200
committerMoritz Kaspar Rudert (mortzu)2015-05-21 16:25:47 +0200
commit2b7a44da0c4dead062424ac3455bf74ef2ebb2ca (patch)
tree68aebc6233d92848bbb2979e0b13989c9ef37fc9
downloadaur-2b7a44da0c4dead062424ac3455bf74ef2ebb2ca.tar.gz
fixed package
-rw-r--r--.SRCINFO27
-rw-r--r--PKGBUILD53
-rw-r--r--redsocks.conf106
-rw-r--r--redsocks.install33
-rw-r--r--redsocks.rules28
-rw-r--r--redsocks.tmpfiles1
6 files changed, 248 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO
new file mode 100644
index 000000000000..a8004107b7ed
--- /dev/null
+++ b/.SRCINFO
@@ -0,0 +1,27 @@
+pkgbase = redsocks-git
+ pkgdesc = Transparent redirector of any TCP connection to proxy using your firewall
+ pkgver = 0.1.r43.g2e3f648
+ pkgrel = 1
+ url = http://darkk.net.ru/redsocks/
+ install = redsocks.install
+ arch = i686
+ arch = x86_64
+ license = GPL3
+ makedepends = git
+ depends = libevent
+ provides = redsocks
+ conflicts = redsocks
+ backup = etc/redsocks.conf
+ backup = etc/conf.d/redsocks
+ backup = etc/iptables/redsocks.rules
+ source = redsocks-git::git+https://github.com/darkk/redsocks.git
+ source = redsocks.conf
+ source = redsocks.tmpfiles
+ source = redsocks.rules
+ md5sums = SKIP
+ md5sums = ed8b0090ded9de0940b1cd7539c78422
+ md5sums = 9be5e8bea768b1a8fdec55a8e8af33fd
+ md5sums = 04702a7faf31d707d3df4c116bd58a6d
+
+pkgname = redsocks-git
+
diff --git a/PKGBUILD b/PKGBUILD
new file mode 100644
index 000000000000..94f5c9db4291
--- /dev/null
+++ b/PKGBUILD
@@ -0,0 +1,53 @@
+# Maintainer: mortzu <me@mortzu.de>
+# Contributor: David Manouchehri <d@32t.ca>
+# Submitter: fluffylime <fluffylime@gmail.com>
+
+pkgname=redsocks-git
+pkgver=0.1.r43.g2e3f648
+pkgrel=1
+pkgdesc='Transparent redirector of any TCP connection to proxy using your firewall'
+arch=('i686' 'x86_64')
+url='http://darkk.net.ru/redsocks/'
+license=('GPL3')
+depends=('libevent')
+makedepends=('git')
+conflicts=('redsocks')
+provides=('redsocks')
+install=redsocks.install
+backup=('etc/redsocks.conf'
+ 'etc/conf.d/redsocks'
+ 'etc/iptables/redsocks.rules')
+
+source=("$pkgname"::'git+https://github.com/darkk/redsocks.git'
+ 'redsocks.conf'
+ 'redsocks.tmpfiles'
+ 'redsocks.rules')
+md5sums=('SKIP'
+ 'ed8b0090ded9de0940b1cd7539c78422'
+ '9be5e8bea768b1a8fdec55a8e8af33fd'
+ '04702a7faf31d707d3df4c116bd58a6d')
+
+pkgver() {
+ cd "$pkgname"
+
+ git describe | sed -E 's/([^-]*-g)/r\1/;s/-/./g;s/release.//g'
+}
+
+build() {
+ cd "$pkgname"
+
+ make
+}
+
+package() {
+ cd "$pkgname"
+
+ install -Dm644 "$srcdir/redsocks.conf" "$pkgdir/etc/redsocks.conf"
+ install -Dm644 "$srcdir/redsocks.rules" "$pkgdir/etc/iptables/redsocks.rules"
+ install -Dm644 "$srcdir/redsocks.tmpfiles" "$pkgdir/usr/lib/tmpfiles.d/redsocks.conf"
+
+ install -Dm755 "redsocks" "$pkgdir/usr/bin/redsocks"
+ install -Dm644 "README" "$pkgdir/usr/share/doc/redsocks/README"
+ install -Dm644 "redsocks.service" "$pkgdir/usr/lib/systemd/system/redsocks.service"
+ install -Dm644 "redsocks.conf.example" "$pkgdir/usr/share/doc/redsocks/redsocks.conf.example"
+}
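Review bot: `install -Dm644 "$srcdir/redsocks.conf" "$pkgdir/etc/redsocks.conf"` in package() makes the config world-readable, and the shipped redsocks.conf carries `login`/`password` options for the upstream proxy that users are expected to fill in. If the daemon reads the file before dropping to `user = redsocks` (the config's own comment says those options need root at startup, but confirm against the upstream unit), `install -Dm600` would keep those credentials away from other local users. Separately, `backup` lists `etc/conf.d/redsocks`, which package() never installs, so that entry should be dropped or the file added. The three local sources are pinned only with `md5sums`; switching the array to `sha256sums` and regenerating it would be the stronger integrity check.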
diff --git a/redsocks.conf b/redsocks.conf
new file mode 100644
index 000000000000..85875dc0059c
--- /dev/null
+++ b/redsocks.conf
@@ -0,0 +1,106 @@
+base {
+ // debug: connection progress & client list on SIGUSR1
+ log_debug = off;
+
+ // info: start and end of client session
+ log_info = off;
+
+ /* possible `log' values are:
+ * stderr
+ * "file:/path/to/file"
+ * syslog:FACILITY facility is any of "daemon", "local0"..."local7"
+ */
+ // log = stderr;
+ // log = "file:/path/to/file";
+ log = "syslog:daemon";
+
+ // detach from console
+ daemon = on;
+
+ /* Change uid, gid and root directory, these options require root
+ * privilegies on startup.
+ * Note, your chroot may requre /etc/localtime if you write log to syslog.
+ * Log is opened before chroot & uid changing.
+ */
+ user = redsocks;
+ group = redsocks;
+ // chroot = "/var/chroot";
+
+ /* possible `redirector' values are:
+ * iptables - for Linux
+ * ipf - for FreeBSD
+ * pf - for OpenBSD
+ * generic - some generic redirector that MAY work
+ */
+ redirector = iptables;
+}
+
+redsocks {
+ /* `local_ip' defaults to 127.0.0.1 for security reasons,
+ * use 0.0.0.0 if you want to listen on every interface.
+ * `local_*' are used as port to redirect to.
+ */
+ local_ip = 127.0.0.1;
+ local_port = 31338;
+
+ // listen() queue length. Default value is SOMAXCONN and it should be
+ // good enough for most of us.
+ // listenq = 128; // SOMAXCONN equals 128 on my Linux box.
+
+ // `max_accept_backoff` is a delay to retry `accept()` after accept
+ // failure (e.g. due to lack of file descriptors). It's measured in
+ // milliseconds and maximal value is 65535. `min_accept_backoff` is
+ // used as initial backoff value and as a damper for `accept() after
+ // close()` logic.
+ // min_accept_backoff = 100;
+ // max_accept_backoff = 60000;
+
+ // `ip' and `port' are IP and tcp-port of proxy-server
+ // You can also use hostname instead of IP, only one (random)
+ // address of multihomed host will be used.
+ ip = 127.0.0.1;
+ port = 4711;
+
+
+ // known types: socks4, socks5, http-connect, http-relay
+ type = socks5;
+
+ // login = "foobar";
+ // password = "baz";
+}
+
+redudp {
+ // `local_ip' should not be 0.0.0.0 as it's also used for outgoing
+ // packets that are sent as replies - and it should be fixed
+ // if we want NAT to work properly.
+ local_ip = 127.0.0.1;
+ local_port = 10053;
+
+ // `ip' and `port' of socks5 proxy server.
+ ip = 127.0.0.1;
+ port = 4711;
+
+ // login = username;
+ // password = pazzw0rd;
+
+ // kernel does not give us this information, so we have to duplicate it
+ // in both iptables rules and configuration file. By the way, you can
+ // set `local_ip' to 127.45.67.89 if you need more than 65535 ports to
+ // forward ;-)
+ // This limitation may be relaxed in future versions using contrack-tools.
+ dest_ip = 8.8.8.8;
+ dest_port = 53;
+
+ udp_timeout = 30;
+ udp_timeout_stream = 180;
+}
+
+dnstc {
+ // fake and really dumb DNS server that returns "truncated answer" to
+ // every query via UDP, RFC-compliant resolver should repeat same query
+ // via TCP in this case.
+ local_ip = 127.0.0.1;
+ local_port = 5300;
+}
+
+// you can add more `redsocks' and `redudp' sections if you need.
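Review bot: The `redudp` and `dnstc` sections are enabled in the packaged default, yet the shipped redsocks.rules redirects only TCP, so as far as this commit shows nothing ever reaches the listeners on ports 10053 and 5300. That leaves two unused UDP listeners running and may give the impression that DNS goes through the proxy when it does not. `dest_ip = 8.8.8.8` additionally hard-codes a third-party resolver. I would comment both sections out in the default and add a line such as `// redudp/dnstc need matching iptables rules; the packaged rules redirect TCP only`.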
diff --git a/redsocks.install b/redsocks.install
new file mode 100644
index 000000000000..cbd617601ff5
--- /dev/null
+++ b/redsocks.install
@@ -0,0 +1,33 @@
+#!/bin/sh
+
+add_redsocks_user() {
+ getent group redsocks &>/dev/null || groupadd -r redsocks >/dev/null
+ getent passwd redsocks &>/dev/null || useradd -r -g redsocks -d / -s /bin/false -c redsocks redsocks >/dev/null
+ systemd-tmpfiles --create redsocks.conf
+}
+
+post_install() {
+ add_redsocks_user
+ cat << EOF
+To launch redsocks:
+
+1. Start an ssh tunnel on port 4711
+2. Start the redsocks and iptables daemons:
+
+ rc.d start redsocks iptables
+
+3. Load the redsocks iptables rules:
+
+ iptables-restore /etc/iptables/redsocks.rules
+EOF
+}
+
+post_upgrade() {
+ add_redsocks_user
+}
+
+post_remove() {
+ getent passwd redsocks &>/dev/null && userdel redsocks >/dev/null
+ getent group redsocks &>/dev/null && groupdel redsocks >/dev/null
+ true
+}
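Review bot: The printed step 3, `iptables-restore /etc/iptables/redsocks.rules`, replaces the whole nat table with the packaged rules, because iptables-restore flushes each table it loads unless told otherwise; existing NAT rules on the host (masquerading, port forwards) would be dropped without warning. Print `iptables-restore --noflush < /etc/iptables/redsocks.rules` instead, or state explicitly that the nat table is overwritten. Step 2's `rc.d start redsocks iptables` also does not match the package, which installs `redsocks.service`; `systemctl start redsocks` looks like the intended command. The `&>/dev/null` redirections are a bash feature under a `#!/bin/sh` line, which only behaves as intended while the script is run by bash.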
diff --git a/redsocks.rules b/redsocks.rules
new file mode 100644
index 000000000000..f9d979e30a4c
--- /dev/null
+++ b/redsocks.rules
@@ -0,0 +1,28 @@
+# Transparent SOCKS proxy
+# See: http://darkk.net.ru/redsocks/
+
+*nat
+:PREROUTING ACCEPT [0:0]
+:INPUT ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+:POSTROUTING ACCEPT [0:0]
+:REDSOCKS - [0:0]
+
+# Redirect all output through redsocks
+-A OUTPUT -p tcp -j REDSOCKS
+
+# Whitelist LANs and some other reserved addresses.
+# https://en.wikipedia.org/wiki/Reserved_IP_addresses#Reserved_IPv4_addresses
+-A REDSOCKS -d 0.0.0.0/8 -j RETURN
+-A REDSOCKS -d 10.0.0.0/8 -j RETURN
+-A REDSOCKS -d 127.0.0.0/8 -j RETURN
+-A REDSOCKS -d 169.254.0.0/16 -j RETURN
+-A REDSOCKS -d 172.16.0.0/12 -j RETURN
+-A REDSOCKS -d 192.168.0.0/16 -j RETURN
+-A REDSOCKS -d 224.0.0.0/4 -j RETURN
+-A REDSOCKS -d 240.0.0.0/4 -j RETURN
+
+# Redirect everything else to redsocks port
+-A REDSOCKS -p tcp -j REDIRECT --to-ports 31338
+
+COMMIT
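Review bot: `-A OUTPUT -p tcp -j REDSOCKS` catches every locally generated TCP connection, including the SSH tunnel's own connection to its server and anything redsocks itself opens toward a non-loopback proxy, and nothing in the REDSOCKS chain exempts them. With the shipped config the proxy is 127.0.0.1:4711, so the daemon is covered by the 127.0.0.0/8 rule, but a tunnel that reconnects after the rules are loaded would presumably be redirected into the proxy it is trying to provide. Adding `-A REDSOCKS -m owner --uid-owner redsocks -j RETURN` before the REDIRECT rule, plus a RETURN for the tunnel endpoint (`-d <tunnel-server-ip>`, placeholder), avoids that loop. A comment should also state that only IPv4 TCP is redirected: UDP (including DNS) and all IPv6 traffic still leave the host directly.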
diff --git a/redsocks.tmpfiles b/redsocks.tmpfiles
new file mode 100644
index 000000000000..beaa109c2f05
--- /dev/null
+++ b/redsocks.tmpfiles
@@ -0,0 +1 @@
+d /run/redsocks 0755 redsocks redsocks - -