/conftest.err
/aclocal.m4
/libtool
+/changelog-auto
/Makefile
/Makefile.in
include qpb/subdir.am
include fpm/subdir.am
include tools/subdir.am
-include debianpkg/subdir.am
include solaris/subdir.am
include bgpd/subdir.am
README.md \
m4/README.txt \
config.version \
+ changelog-auto \
+ changelog-auto.in \
\
python/clidef.py \
python/clippy/__init__.py \
--- /dev/null
+frr (@VERSION@-0) UNRELEASED; urgency=medium
+
+ * autoconf changelog entry -- for git autobuilds only.
+ remove and replace when creating releases!
+ (tools/tarsource.sh will handle this)
+
+ -- FRRouting-Dev <dev@lists.frrouting.org> Thu, 25 Oct 2018 16:36:50 +0200
+
+frr (6.0-2) testing; urgency=medium
+
+ * add install-info to build deps
+ * remove trailing whitespace from control
+ * cleanup tcp-zebra configure options
+ * drop unused SMUX client OID MIBs
+ * remove /proc check
+ * remove --enable-poll
+ * remove libtool .la files
+ * drop texlive-latex-base, texlive-generic-recommended build deps
+ * consistently allow python2 or python3
+ * remove bad USE_* options, add WERROR
+ * drop libncurses5 dep
+ * remove backports mechanism
+ * use better dependency for pythontools (binNMU compatible)
+ * remove bogus shlib:Depends on frr-dbg
+ * create frr-snmp and frr-rpki-rtrlib
+ * make frr-pythontools a "Recommends:"
+ * use redistclean target
+ * update to Debian Policy version 4.2.1
+ * raise debhelper compat level to 9
+ * ditch development-only files
+ * modernise dh_missing and use fail mode
+ * disable zeromq and FPM
+ * always install /etc/init.d/frr
+ * put frr-doc package in 'doc' section
+ * install HTML docs, drop tools/
+ * fix install for {frr,rfptest,ospfclient}
+ * add watch file
+ * change python dependency and shebang to python3:any
+ * use set -e in maintscripts
+ * put myself in as maintainer
+ * update copyright file
+ * closes: #863249
+
+ -- David Lamparter <equinox-debian@diac24.net> Thu, 25 Oct 2018 16:36:50 +0200
+
+frr (6.0-1) RELEASED; urgency=medium
+
+ * Staticd: New daemon responsible for management of static routes
+ * ISISd: Implement dst-src routing as per draft-ietf-isis-ipv6-dst-src-routing
+ * BFDd: new daemon for BFD (Bidrectional Forwarding Detection). Responsible
+ for notifying link changes to make routing protocols converge faster.
+ * various bug fixes
+
+ -- FRRouting-Dev <dev@lists.frrouting.org> Sun, 7 Oct 2018 08:10:00 -0700
+
+frr (5.0.1-0) RELEASED; urgency=medium
+
+ * Support Automake 1.16.1
+ * BGPd: Support for flowspec ICMP, DSCP, packet length, fragment and tcp flags
+ * BGPd: fix rpki validation for ipv6
+ * VRF: Workaround for kernel bug on Linux 4.14 and newer
+ * Zebra: Fix interface based routes from zebra not marked up
+ * Zebra: Fix large zebra memory usage when redistribute between protocols
+ * Zebra: Allow route-maps to match on source instance
+ * BGPd: Backport peer-attr overrides, peer-level enforce-first-as and filtered-routes fix
+ * BGPd: fix for crash during display of filtered-routes
+ * BGPd: Actually display labeled unicast routes received
+ * Label Manager: Fix to work correctly behind a label manager proxy
+ * Debian Pkg: Fix build dependency for install-info
+
+ -- FRRouting-Dev <dev@lists.frrouting.org> Thu, 5 Jul 2018 00:38:00 -0700
+
+frr (5.0-0) RELEASED; urgency=medium
+
+ * PIM: Add a Multicast Trace Command draft-ietf-idmr-traceroute-ipm-05
+ * IS-IS: Implement Three-Way Handshake as per RFC5303
+ * BGPD: Implement VPN-VRF route leaking per RFC4364.
+ * BGPD: Implement VRF with NETNS backend
+ * BGPD: Flowspec
+ * PBRD: Add a new Policy Based Routing Daemon
+
+ -- FRRouting-Dev <dev@lists.frrouting.org> Thu, 7 Jun 2018 17:47:00 -0700
+
+frr (4.0-0) RELEASED; urgency=medium
+
+ * ISIS-MT - https://tools.ietf.org/html/rfc5120
+ * BGP - RPKI (RFC 6810)
+ * BGP - v4 labeled unicast as per RFC 3107
+ * BGP/Zebra - Type 2 and 3 EVPN with symmetric and asymmetric routing
+ * EIGRP - https://tools.ietf.org/html/rfc7868
+ * FRR - Tab completion for iface names, prefix-lists, route-maps, BGP peers
+ * BABEL - https://tools.ietf.org/html/rfc6126
+ * PIM VRF - Added the ability to work with VRF’s to PIM
+ * OSPFv2 VRF - Added the ability to work with VRF’s to OSPFv2
+ * OSPFv2 Experimental SR - draft-ietf-ospf-segment-routing-extensions-24
+ * ZEBRA - Add ability to create a static route that leaks across VRF’s.
+
+ -- FRRouting-Dev <dev@lists.frrouting.org> Sun, 11 Mar 2018 17:22:20 -0700
+
+frr (3.0.3-1) RELEASED; urgency=medium
+
+ * New Enabled: PIM draft Unnumbered
+
+ -- FRRouting-Dev <dev@lists.frrouting.org> Wed, 18 Oct 2017 17:01:42 -0700
+
+frr (3.0-1) RELEASED; urgency=medium
+
+ * Added Debian 9 Backport
+
+ -- FRRouting-Dev <dev@lists.frrouting.org> Mon, 16 Oct 2017 03:28:00 -0700
+
+frr (3.0-0) RELEASED; urgency=medium
+
+ * New Enabled: BGP Shutdown Message
+ * New Enabled: BGP Large Community
+ * New Enabled: BGP RFC 7432 Partial Support w/ Ethernet VPN
+ * New Enabled: BGP EVPN RT-5
+ * New Enabled: LDP RFC 5561
+ * New Enabled: LDP RFC 5918
+ * New Enabled: LDP RFC 5919
+ * New Enabled: LDP RFC 6667
+ * New Enabled: LDP RFC 7473
+ * New Enabled: OSPF RFC 4552
+ * New Enabled: ISIS SPF Backoff draft
+ * New Enabled: PIM Unnumbered Interfaces
+ * New Enabled: PIM RFC 4611
+ * New Enabled: PIM Sparse Mode
+ * New Enabled: NHRP RFC 2332
+ * New Enabled: Label Manager
+ * Switched from hardening-wrapper to dpkg-buildflags.
+
+ -- FRRouting-Dev <dev@lists.frrouting.org> Fri, 13 Oct 2017 16:17:26 -0700
+
+frr (2.0-0) RELEASED; urgency=medium
+
+ * Switchover to FRR
+
+ -- FRRouting-Dev <dev@lists.frrouting.org> Mon, 23 Jan 2017 16:30:22 -0400
+
+quagga (0.99.24+cl3u5) RELEASED; urgency=medium
+
+ * Closes: CM-12846 - Resolve Memory leaks in 'show ip bgp neighbor json'
+ * Closes: CM-5878 - Display all ospf peers with 'show ip ospf neighbor detail all'
+ * Closes: CM-5794 - Add support for IPv6 static to null0
+ * Closes: CM-13060 - Reduce JSON memory usage.
+ * Closes: CM-10394 - protect 'could not get instance' error messages with debug
+ * Closes: CM-11173 - Move netlink error messages undeer a debug
+ * Closes: CM-13328 - Fixes route missing in hardware after reboot
+
+ -- dev-support <dev-support@cumulusnetworks.com> Fri, 11 Nov 2016 22:13:29 -0400
+
+quagga (0.99.24+cl3u4) RELEASED; urgency=medium
+
+ * Closes: CM-12687 - Buffer overflow in zebra RA code
+
+ -- dev-support <dev-support@cumulusnetworks.com> Wed, 31 Aug 2016 12:36:10 -0400
+
+quagga (0.99.24+cl3u3) RELEASED; urgency=medium
+
+ * New Enabled: Merge up-to 0.99.24 code from upstream
+ * New Enabled: Additional CLI simplification
+ * New Enabled: Various Bug Fixes
+
+ -- dev-support <dev-support@cumulusnetworks.com> Thu, 04 Aug 2016 08:43:36 -0700
+
+quagga (0.99.23.1-1+cl3u2) RELEASED; urgency=medium
+
+ * New Enabled: VRF - See Documentation for how to use
+ * New Enabled: Improved interface statistics
+ * New Enabled: Various vtysh improvements
+ * New Enabled: Numerous compile warnings and SA fixes
+ * New Enabled: Improved priviledge handlingA
+ * New Enabled: Various OSPF CLI fixes
+ * New Enabled: Prefix-list Performance Improvements.
+ * New Enabled: Allow more than 1k peers in Quagga
+ and Performance Improvements
+ * New Enabled: Systemd integration
+ * New Enabled: Various ISIS fixes
+ * New Enabled: BGP MRT improvements
+ * New Enabled: Lowered default MRAI timers
+ * New Enabled: Lowered default 'timers connect'
+ * New Enabled: 'bgp log-neighbor-changes' enabled by default
+ * New Enabled: BGP default keepalive to 3s and holdtime to 9s
+ * New Enabled: OSPF spf timers are now '0 50 5000' by default
+ * New Enabled: BGP hostname is displayed by default
+ * New Enabled: BGP 'no-as-set' is the default for
+ 'bgp as-path multipath-relax"
+ * New Enabled: RA is on by default if using 5549 on an interface
+ * New Enabled: peer-group restrictions relaxed, update-groups determine
+ outbund policy anyway
+ * New Enabled: BGP enabled 'maximum-paths 64' by default
+ * New Enabled: OSPF "log-adjacency-changes" on by default
+ * New Enabled: Zebra: Add IPv6 protocol filtering support
+ * and setting src of IPv6 routes.
+ * New Enabled: BGP and OSPF JSON commands added.
+ * New Enabled: BGP Enable multiple instances support by default
+ * New Enabled: 'banner motd file' command
+ * New Enabled: Remove bad default passwords from default conf
+ * New Enabled: BGP addpath TX
+ * New Enabled: Simplified configuration for BGP Unnumbered
+
+ * New Deprecated: Remove unused 'show memory XXX' functionality
+ * New Deprecated: Remove babel protocol
+
+ * Closes: CM-10435 Addition on hidden command
+ "bfd multihop/singlehop" and "ptm-enable" per interface command
+ * Closes: CM-9974 Get route counts right for show ip route summary
+ * Closes: CM-9786 BGP memory leak in peer hostname
+ * Closes: CM-9340 BGP: Ensure correct sequence of processing at exit
+ * Closes: CM-9270 ripd: Fix crash when a default route is passed to rip
+ * Closes: CM-9255 BGPD crash around bgp_config_write ()
+ * Closes: CM-9134 ospf6d: Fix for crash when non area 0 network
+ entered first
+ * Closes: CM-8934 OSPFv3: Check area before scheduling SPF
+ * Closes: CM-8514 zebra: Crash upon disabling a link
+ * Closes: CM-8295 BGP crash in group_announce_route_walkcb
+ * Closes: CM-8191 BGP: crash in update_subgroup_merge()
+ * Closes: CM-8015 lib: Memory reporting fails over 2GB
+ * Closes: CM-7926 BGP: crash from not NULLing freed pointers
+
+ -- dev-support <dev-support@cumulusnetworks.com> Wed, 04 May 2016 16:22:52 -0700
+
+quagga (0.99.23.1-1) unstable; urgency=medium
+
+ * New upstream release
+ * Added .png figures for info files to quagga-doc package.
+ * Changed dependency from iproute to iproute2 (thanks to Andreas
+ Henriksson). Closes: #753736
+ * Added texlive-fonts-recommended to build-depends to get ecrm1095 font
+ (thanks to Christoph Biedl). Closes: #651545
+
+ -- Christian Brunotte <ch@debian.org> Tue, 30 Sep 2014 00:20:12 +0200
+
+quagga (0.99.23-1) unstable; urgency=low
+
+ * New upstream release
+ * Removed debian/patches/readline-6.3.diff which was already in upstream.
+
+ -- Christian Hammers <ch@debian.org> Tue, 08 Jul 2014 09:15:48 +0200
+
+quagga (0.99.22.4-4) unstable; urgency=medium
+
+ * Fix build failure with readline-6.3 (thanks to Matthias Klose).
+ Closes: #741774
+
+ -- Christian Hammers <ch@debian.org> Sun, 23 Mar 2014 15:28:42 +0100
+
+quagga (0.99.22.4-3) unstable; urgency=low
+
+ * Added status to init script (thanks to Peter J. Holzer). Closes: #730625
+ * Init script now sources /lib/lsb/init-functions.
+ * Switched from hardening-wrapper to dpkg-buildflags.
+
+ -- Christian Hammers <ch@debian.org> Wed, 01 Jan 2014 19:12:01 +0100
+
+quagga (0.99.22.4-2) unstable; urgency=low
+
+ * Fixed typo in package description (thanks to Davide Prina).
+ Closes: #625860
+ * Added Italian Debconf translation (thanks to Beatrice Torracca)
+ Closes: #729798
+
+ -- Christian Hammers <ch@debian.org> Tue, 26 Nov 2013 00:47:11 +0100
+
+quagga (0.99.22.4-1) unstable; urgency=high
+
+ * SECURITY:
+ "ospfd: CVE-2013-2236, stack overrun in apiserver
+
+ the OSPF API-server (exporting the LSDB and allowing announcement of
+ Opaque-LSAs) writes past the end of fixed on-stack buffers. This leads
+ to an exploitable stack overflow.
+
+ For this condition to occur, the following two conditions must be true:
+ - Quagga is configured with --enable-opaque-lsa
+ - ospfd is started with the "-a" command line option
+
+ If either of these does not hold, the relevant code is not executed and
+ the issue does not get triggered."
+ Closes: #726724
+
+ * New upstream release
+ - ospfd: protect vs. VU#229804 (malformed Router-LSA)
+ (Quagga is said to be non-vulnerable but still adds some protection)
+
+ -- Christian Hammers <ch@debian.org> Thu, 24 Oct 2013 22:58:37 +0200
+
+quagga (0.99.22.1-2) unstable; urgency=low
+
+ * Added autopkgtests (thanks to Yolanda Robla). Closes: #710147
+ * Added "status" command to init script (thanks to James Andrewartha).
+ Closes: #690013
+ * Added "libsnmp-dev" to Build-Deps. There not needed for the official
+ builds but for people who compile Quagga themselves to activate the
+ SNMP feature (which for licence reasons cannot be done by Debian).
+ Thanks to Ben Winslow). Closes: #694852
+ * Changed watchquagga_options to an array so that quotes can finally
+ be used as expected. Closes: #681088
+ * Fixed bug that prevented restarting only the watchquagga daemon
+ (thanks to Harald Kappe). Closes: #687124
+
+ -- Christian Hammers <ch@debian.org> Sat, 27 Jul 2013 16:06:25 +0200
+
+quagga (0.99.22.1-1) unstable; urgency=low
+
+ * New upstream release
+ - ospfd restore nexthop IP for p2p interfaces
+ - ospfd: fix LSA initialization for build without opaque LSA
+ - ripd: correctly redistribute ifindex routes (BZ#664)
+ - bgpd: fix lost passwords of grouped neighbors
+ * Removed 91_ld_as_needed.diff as it was found in the upstream source.
+
+ -- Christian Hammers <ch@debian.org> Mon, 22 Apr 2013 22:21:20 +0200
+
+quagga (0.99.22-1) unstable; urgency=low
+
+ * New upstream release.
+ - [bgpd] The semantics of default-originate route-map have changed.
+ The route-map is now used to advertise the default route conditionally.
+ The old behaviour which allowed to set attributes on the originated
+ default route is no longer supported.
+ - [bgpd] this version of bgpd implements draft-idr-error-handling. This was
+ added in 0.99.21 and may not be desirable. If you need a version
+ without this behaviour, please use 0.99.20.1. There will be a
+ runtime configuration switch for this in future versions.
+ - [isisd] is in "beta" state.
+ - [ospf6d] is in "alpha/experimental" state
+ - More changes are documented in the upstream changelog!
+ * debian/watch: Adjusted to new savannah.gnu.org site, thanks to Bart
+ Martens.
+ * debian/patches/99_CVE-2012-1820_bgp_capability_orf.diff removed as its
+ in the changelog.
+ * debian/patches/99_distribute_list.diff removed as its in the changelog.
+ * debian/patches/10_doc__Makefiles__makeinfo-force.diff removed as it
+ was just for Debian woody.
+
+ -- Christian Hammers <ch@debian.org> Thu, 14 Feb 2013 00:22:00 +0100
+
+quagga (0.99.21-4) unstable; urgency=medium
+
+ * Fixed regression bug that caused OSPF "distribute-list" statements to be
+ silently ignored. The patch has already been applied upstream but there
+ has been no new Quagga release since then.
+ Thanks to Hans van Kranenburg for reporting. Closes: #697240
+
+ -- Christian Hammers <ch@debian.org> Sun, 06 Jan 2013 15:50:32 +0100
+
+quagga (0.99.21-3) unstable; urgency=high
+
+ * SECURITY:
+ CVE-2012-1820 - Quagga contained a bug in BGP OPEN message handling.
+ A denial-of-service condition could be caused by an attacker controlling
+ one of the pre-configured BGP peers. In most cases this means, that the
+ attack must be originated from an adjacent network. Closes: #676510
+
+ -- Christian Hammers <ch@debian.org> Fri, 08 Jun 2012 01:15:32 +0200
+
+quagga (0.99.21-2) unstable; urgency=low
+
+ * Renamed babeld.8 to quagga-babeld.8 as it conflicted with the
+ original mapage of the babeld package which users might want to
+ install in parallel as it is slightly more capable. Closes: #671916
+
+ -- Christian Hammers <ch@debian.org> Thu, 10 May 2012 07:53:01 +0200
+
+quagga (0.99.21-1) unstable; urgency=low
+
+ * New upstream release
+ - [bgpd] BGP multipath support has been merged
+ - [bgpd] SAFI (Multicast topology) support has been extended to propagate
+ the topology to zebra.
+ - [bgpd] AS path limit functionality has been removed
+ - [babeld] a new routing daemon implementing the BABEL ad-hoc mesh routing
+ protocol has been merged.
+ - [isisd] a major overhaul has been picked up. Please note that isisd is
+ STILL NOT SUITABLE FOR PRODUCTION USE.
+ - a lot of bugs have been fixed
+ * Added watchquagga daemon.
+ * Added DEP-3 conforming patch comments.
+
+ -- Christian Hammers <ch@debian.org> Sun, 06 May 2012 15:33:33 +0200
+
+quagga (0.99.20.1-1) unstable; urgency=high
+
+ * SECURITY:
+ CVE-2012-0249 - Quagga ospfd DoS on malformed LS-Update packet
+ CVE-2012-0250 - Quagga ospfd DoS on malformed Network-LSA data
+ CVE-2012-0255 - Quagga bgpd DoS on malformed OPEN message
+ * New upstream release. Closes: #664033
+
+ -- Christian Hammers <ch@debian.org> Fri, 16 Mar 2012 22:14:05 +0100
+
+quagga (0.99.20-4) unstable; urgency=low
+
+ * Switch to dpkg-source 3.0 (quilt) format.
+ * Switch to changelog-format-1.0.
+
+ -- Christian Hammers <ch@debian.org> Sat, 25 Feb 2012 18:52:06 +0100
+
+quagga (0.99.20-3) unstable; urgency=low
+
+ * Added --sysconfdir back to the configure options (thanks to Sven-Haegar
+ Koch). Closes: #645649
+
+ -- Christian Hammers <ch@debian.org> Tue, 18 Oct 2011 00:24:37 +0200
+
+quagga (0.99.20-2) unstable; urgency=low
+
+ * Bumped standards version to 0.9.2.
+ * Migrated to "dh" build system.
+ * Added quagga-dbg package.
+
+ -- Christian Hammers <ch@debian.org> Fri, 14 Oct 2011 23:59:26 +0200
+
+quagga (0.99.20-1) unstable; urgency=low
+
+ * New upstream release:
+ "The primary focus of this release is a fix of SEGV regression in ospfd,
+ which was introduced in 0.99.19. It also features a series of minor
+ improvements, including better RFC compliance in bgpd, better support
+ of FreeBSD and some enhancements to isisd."
+ * Fixes off-by-one bug (removed 20_ospf6_area_argv.dpatch). Closes: #519488
+
+ -- Christian Hammers <ch@debian.org> Fri, 30 Sep 2011 00:59:24 +0200
+
+quagga (0.99.19-1) unstable; urgency=high
+
+ * SECURITY:
+ "This release provides security fixes, which address assorted
+ vulnerabilities in bgpd, ospfd and ospf6d (CVE-2011-3323,
+ CVE-2011-3324, CVE-2011-3325, CVE-2011-3326 and CVE-2011-3327).
+ * New upstream release.
+ * Removed incorporated debian/patches/92_opaque_lsa_enable.dpatch.
+ * Removed incorporated debian/patches/93_opaque_lsa_fix.dpatch.
+ * Removed obsolete debian/README.Debian.Woody and README.Debian.MD5.
+
+ -- Christian Hammers <ch@debian.org> Tue, 27 Sep 2011 00:16:27 +0200
+
+quagga (0.99.18-1) unstable; urgency=low
+
+ * SECURITY:
+ "This release fixes 2 denial of services in bgpd, which can be remotely
+ triggered by malformed AS-Pathlimit or Extended-Community attributes.
+ These issues have been assigned CVE-2010-1674 and CVE-2010-1675.
+ Support for AS-Pathlimit has been removed with this release."
+ * Added Brazilian Portuguese debconf translation. Closes: #617735
+ * Changed section for quagga-doc from "doc" to "net".
+ * Added patch to fix FTBFS with latest GCC. Closes: #614459
+
+ -- Christian Hammers <ch@debian.org> Tue, 22 Mar 2011 23:13:34 +0100
+
+quagga (0.99.17-4) unstable; urgency=low
+
+ * Added comment to init script (thanks to Marc Haber). Closes: #599524
+
+ -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2011 23:53:29 +0100
+
+quagga (0.99.17-3) unstable; urgency=low
+
+ * Fix FTBFS with ld --as-needed (thanks to Matthias Klose at Ubuntu).
+ Closes: #609555
+
+ -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2011 23:27:06 +0100
+
+quagga (0.99.17-2) unstable; urgency=low
+
+ * Added Danisch Debconf translation (thanks to Joe Dalton). Closes: #596259
+
+ -- Christian Hammers <ch@debian.org> Sat, 18 Sep 2010 12:20:07 +0200
+
+quagga (0.99.17-1) unstable; urgency=high
+
+ * SECURITY:
+ "This release provides two important bugfixes, which address remote crash
+ possibility in bgpd discovered by CROSS team.":
+ 1. Stack buffer overflow by processing certain Route-Refresh messages
+ CVE-2010-2948
+ 2. DoS (crash) while processing certain BGP update AS path messages
+ CVE-2010-2949
+ Closes: #594262
+
+ -- Christian Hammers <ch@debian.org> Wed, 25 Aug 2010 00:52:48 +0200
+
+quagga (0.99.16-1) unstable; urgency=low
+
+ * New upstream release. Closes: #574527
+ * Added chrpath to debian/rules to fix rpath problems that lintian spottet.
+
+ -- Christian Hammers <ch@debian.org> Sun, 21 Mar 2010 17:05:40 +0100
+
+quagga (0.99.15-2) unstable; urgency=low
+
+ * Applied patch for off-by-one bug in ospf6d that caused a segmentation
+ fault when using the "area a.b.c.d filter-list prefix" command (thanks
+ to Steinar H. Gunderson). Closes: 519488
+
+ -- Christian Hammers <ch@debian.org> Sun, 14 Feb 2010 20:02:03 +0100
+
+quagga (0.99.15-1) unstable; urgency=low
+
+ * New upstream release
+ "This fixes some annoying little ospfd and ospf6d regressions, which made
+ 0.99.14 a bit of a problem release (...) This release still contains a
+ regression in the "no ip address ..." command, at least on Linux.
+ See bug #486, which contains a workaround patch. This release should be
+ considered a 1.0.0 release candidate. Please test this release as widely
+ as possible."
+ * Fixed wrong port number in zebra.8 (thanks to Thijs Kinkhorst).
+ Closes: #517860
+ * Added Russian Debconf tanslation (thanks to Yuri Kozlov).
+ Closes: #539464
+ * Removed so-version in build-dep to libreadline-dev on request of
+ Matthias Klose.
+ * Added README.source with reference to dpatch as suggested by lintian.
+ * Bumped standards versionto 3.8.3.
+
+ -- Christian Hammers <ch@debian.org> Sun, 13 Sep 2009 18:12:06 +0200
+
+quagga (0.99.14-1) unstable; urgency=low
+
+ * New upstream release
+ "This release contains a regression fix for ospf6d, various small fixes
+ and some hopefully very significant bgpd stability fixes.
+ This release should be considered a 1.0.0 release candidate. Please test
+ this release as widely as possible."
+ * Fixes bug with premature LSA aging in ospf6d. Closes: #535030
+ * Fixes section number in zebra.8 manpage. Closes: #517860
+
+ -- Christian Hammers <ch@debian.org> Sat, 25 Jul 2009 00:40:38 +0200
+
+quagga (0.99.13-2) unstable; urgency=low
+
+ * Added Japanese Debconf translation (thanks to Hideki Yamane).
+ Closes: #510714
+ * When checking for obsoleted config options in preinst, print filename
+ where it occures (thanks to Michael Bussmann). Closes: #339489
+
+ -- Christian Hammers <ch@debian.org> Sun, 19 Jul 2009 17:13:23 +0200
+
+quagga (0.99.13-1) unstable; urgency=low
+
+ * New upstream release
+ "This release is contains a number of small fixes, for potentially
+ irritating issues, as well as small enhancements to vtysh and support
+ for linking to PCRE (a much faster regex library)."
+ * Added build-dep to gawk as configure required it for memtypes.awk
+ * Replaced build-dep to gs-gpl with ghostscript as requested by lintian
+ * Minor changes to copyright and control files to make lintian happy.
+
+ -- Christian Hammers <ch@debian.org> Wed, 24 Jun 2009 17:53:28 +0200
+
+quagga (0.99.12-1) unstable; urgency=high
+
+ * New upstream release
+ "This release fixes an urgent bug in bgpd where it could hit an assert
+ if it received a long AS_PATH with a 4-byte ASN." Noteworthy bugfixes:
+ + [bgpd] Fix bgp ipv4/ipv6 accept handling
+ + [bgpd] AS4 bugfix by Chris Caputo
+ + [bgpd] Allow accepted peers to progress even if realpeer is in Connect
+ + [ospfd] Switch Fletcher checksum back to old ospfd version
+
+ -- Christian Hammers <ch@debian.org> Mon, 22 Jun 2009 00:16:33 +0200
+
+quagga (0.99.11-1) unstable; urgency=low
+
+ * New upstream release
+ "Most regressions in 0.99 over 0.98 are now believed to be fixed. This
+ release should be considered a release-candidate for a new stable series."
+ + bgpd: Preliminary UI and Linux-IPv4 support for TCP-MD5 merged
+ + zebra: ignore dead routes in RIB update
+ + [ospfd] Default route needs to be refreshed after neighbour state change
+ + [zebra:netlink] Set proto/scope on all route update messages
+ * Removed debian/patches/20_*bgp*md5*.dpatch due to upstream support.
+
+ -- Christian Hammers <ch@debian.org> Thu, 09 Oct 2008 22:56:38 +0200
+
+quagga (0.99.10-1) unstable; urgency=medium
+
+ * New upstream release
+ + bgpd: 4-Byte AS Number support
+ + Sessions were incorrectly reset if a partial AS-Pathlimit attribute
+ was received.
+ + Advertisement of Multi-Protocol prefixes (i.e. non-IPv4) had been
+ broken in the 0.99.9 release. Closes: #467656
+
+ -- Christian Hammers <ch@debian.org> Tue, 08 Jul 2008 23:32:42 +0200
+
+quagga (0.99.9-6) unstable; urgency=low
+
+ * Fixed FTBFS by adding a build-dep to libpcre3-dev (thanks to Luk Claes).
+ Closes: #469891
+
+ -- Christian Hammers <ch@debian.org> Sat, 12 Apr 2008 12:53:51 +0200
+
+quagga (0.99.9-5) unstable; urgency=low
+
+ * C.J. Adams-Collier and Paul Jakma suggested to build against libpcre3
+ which is supposed to be faster.
+
+ -- Christian Hammers <ch@debian.org> Sun, 02 Mar 2008 13:19:42 +0100
+
+quagga (0.99.9-4) unstable; urgency=low
+
+ * Added hardening-wrapper to the build-deps (thanks to Moritz Muehlenhoff).
+
+ -- Christian Hammers <ch@debian.org> Tue, 29 Jan 2008 22:33:56 +0100
+
+quagga (0.99.9-3) unstable; urgency=low
+
+ * Replaced the BGP patch by a new one so that the package builds again
+ with kernels above 2.6.21!
+ * debian/control:
+ + Moved quagga-doc to section doc to make lintian happy.
+ * Added Spanish debconf translation (thanks to Carlos Galisteo de Cabo).
+ Closes: #428574
+ * debian/control: (thanks to Marco Rodrigues)
+ + Bump Standards-Version to 3.7.3 (no changes needed).
+ + Add Homepage field.
+
+ -- Christian Hammers <ch@debian.org> Mon, 28 Jan 2008 22:29:18 +0100
+
+quagga (0.99.9-2.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * debian/rules: fixed bashisms. (Closes: #459122)
+
+ -- Miguel Angel Ruiz Manzano <debianized@gmail.com> Tue, 22 Jan 2008 14:37:21 -0300
+
+quagga (0.99.9-2) unstable; urgency=low
+
+ * Added CVE id for the security bug to the last changelog entry.
+ Closes: 442133
+
+ -- Christian Hammers <ch@debian.org> Tue, 25 Sep 2007 22:01:31 +0200
+
+quagga (0.99.9-1) unstable; urgency=high
+
+ * SECURITY:
+ "This release fixes two potential DoS conditions in bgpd, reported by Mu
+ Security, where a bgpd could be crashed if a peer sent a malformed OPEN
+ message or a malformed COMMUNITY attribute. Only configured peers can do
+ this, hence we consider these issues to be very low impact." CVE-2007-4826
+
+ -- Christian Hammers <ch@debian.org> Wed, 12 Sep 2007 21:12:41 +0200
+
+quagga (0.99.8-1) unstable; urgency=low
+
+ * New upstream version.
+
+ -- Christian Hammers <ch@debian.org> Fri, 17 Aug 2007 00:07:04 +0200
+
+quagga (0.99.7-3) unstable; urgency=medium
+
+ * Applied patch for FTBFS with linux-libc-dev (thanks to Andrew J. Schorr
+ and Lucas Nussbaum). Closes: #429003
+
+ -- Christian Hammers <ch@debian.org> Fri, 22 Jun 2007 21:34:55 +0200
+
+quagga (0.99.7-2) unstable; urgency=low
+
+ * Added Florian Weimar as co-maintainer. Closes: 421977
+ * Added Dutch debconf translation (thanks to Bart Cornelis).
+ Closes: #420932
+ * Added Portuguese debconf translation (thanks to Rui Branco).
+ Closes: #421185
+ * Improved package description (thanks to Reuben Thomas).
+ Closes: #418933
+ * Added CVE Id to 0.99.6-5 changelog entry.
+
+ -- Christian Hammers <ch@debian.org> Wed, 02 May 2007 20:27:12 +0200
+
+quagga (0.99.7-1) unstable; urgency=low
+
+ * New upstream release. Closes: #421553
+
+ -- Christian Hammers <ch@debian.org> Mon, 30 Apr 2007 14:22:34 +0200
+
+quagga (0.99.6-6) unstable; urgency=medium
+
+ * Fixes FTBFS with tetex-live. Closes: #420468
+
+ -- Christian Hammers <ch@debian.org> Mon, 23 Apr 2007 21:34:13 +0200
+
+quagga (0.99.6-5) unstable; urgency=high
+
+ * SECURITY:
+ The bgpd daemon was vulnerable to a Denial-of-Service. Configured peers
+ could cause a Quagga bgpd to, typically, assert() and abort. The DoS
+ could be triggered by peers by sending an UPDATE message with a crafted,
+ malformed Multi-Protocol reachable/unreachable NLRI attribute.
+ This is CVE-2007-1995 and Quagga Bug#354. Closes: #418323
+
+ -- Christian Hammers <ch@debian.org> Thu, 12 Apr 2007 23:21:58 +0200
+
+quagga (0.99.6-4) unstable; urgency=low
+
+ * Improved note in README.Debian for SNMP self-builders (thanks to Matthias
+ Wamser). Closes: #414788
+
+ -- Christian Hammers <ch@debian.org> Wed, 14 Mar 2007 02:18:57 +0100
+
+quagga (0.99.6-3) unstable; urgency=low
+
+ * Updated German Debconf translation (thanks to Matthias Julius).
+ Closes: #409327
+
+ -- Christian Hammers <ch@debian.org> Sat, 10 Feb 2007 15:06:16 +0100
+
+quagga (0.99.6-2) unstable; urgency=low
+
+ * Updated config.guess/config.sub as suggested by lintian.
+ * Corrected README.Debian text regarding the WANT_SNMP flag.
+
+ -- Christian Hammers <ch@debian.org> Sun, 17 Dec 2006 01:45:37 +0100
+
+quagga (0.99.6-1) unstable; urgency=low
+
+ * New upstream release. Closes: #402361
+
+ -- Christian Hammers <ch@debian.org> Mon, 11 Dec 2006 00:28:09 +0100
+
+quagga (0.99.5-5) unstable; urgency=high
+
+ * Changed Depends on adduser to Pre-Depends to avoid uninstallability
+ in certain cases (thanks to Steve Langasek, Lucas Nussbaum).
+ Closes: #398562
+
+ -- Christian Hammers <ch@debian.org> Wed, 15 Nov 2006 17:46:34 +0100
+
+quagga (0.99.5-4) unstable; urgency=low
+
+ * Added default PAM file and some explanations regarding PAM authentication
+ of vtysh which could prevent the start at boot-time when used wrong.
+ Now PAM permits anybody to access the vtysh tool (a malicious user could
+ build his own vtysh without PAM anyway) and the access is controled by
+ the read/write permissions of the vtysh socket which are only granted to
+ users belonging to the quaggavty group (thanks to Wakko Warner).
+ Closes: #389496
+ * Added "case" to prerm script so that the Debconf question is not called a
+ second time in e.g. "new-prerm abort-upgrade" after being NACKed in the
+ old-prerm.
+
+ -- Christian Hammers <ch@debian.org> Fri, 3 Nov 2006 01:22:15 +0100
+
+quagga (0.99.5-3) unstable; urgency=medium
+
+ * Backport CVS fix for an OSPF DD Exchange regression (thanks to Matt
+ Brown). Closes: #391040
+
+ -- Christian Hammers <ch@debian.org> Wed, 25 Oct 2006 19:47:11 +0200
+
+quagga (0.99.5-2) unstable; urgency=medium
+
+ * Added LSB info section to initscript.
+ * Removed unnecessary depends to libncurses5 to make checklib happy.
+ The one to libcap should remain though as it is just temporarily
+ unused.
+
+ -- Christian Hammers <ch@debian.org> Thu, 21 Sep 2006 00:04:07 +0200
+
+quagga (0.99.5-1) unstable; urgency=low
+
+ * New upstream release. Closes: #38704
+ * Upstream fixes ospfd documentary inconsistency. Closes: #347897
+ * Changed debconf question in prerm to "high" (thanks to Rafal Pietrak).
+
+ -- Christian Hammers <ch@debian.org> Mon, 11 Sep 2006 23:43:42 +0200
+
+quagga (0.99.4-4) unstable; urgency=low
+
+ * Recreate /var/run if not present because /var is e.g. on a tmpfs
+ filesystem (thanks to Martin Pitt). Closes: #376142
+ * Removed nonexistant option from ospfd.8 manpage (thanks to
+ David Medberry). Closes: 378274
+
+ -- Christian Hammers <ch@debian.org> Sat, 15 Jul 2006 20:22:12 +0200
+
+quagga (0.99.4-3) unstable; urgency=low
+
+ * Removed invalid semicolon from rules file (thanks to Philippe Gramoulle).
+
+ -- Christian Hammers <ch@debian.org> Tue, 27 Jun 2006 23:36:07 +0200
+
+quagga (0.99.4-2) unstable; urgency=high
+
+ * Set urgency to high as 0.99.4-1 fixes a security problem!
+ * Fixed building of the info file.
+
+ -- Christian Hammers <ch@debian.org> Sun, 14 May 2006 23:04:28 +0200
+
+quagga (0.99.4-1) unstable; urgency=low
+
+ * New upstream release to fix a security problem in the telnet interface
+ of the BGP daemon which could be used for DoS attacks (CVE-2006-2276).
+ Closes: 366980
+
+ -- Christian Hammers <ch@debian.org> Sat, 13 May 2006 19:54:40 +0200
+
+quagga (0.99.3-3) unstable; urgency=low
+
+ * Added CVE numbers for the security patch in 0.99.3-2.
+
+ -- Christian Hammers <ch@debian.org> Sat, 6 May 2006 17:14:22 +0200
+
+quagga (0.99.3-2) unstable; urgency=high
+
+ * SECURITY:
+ Added security bugfix patch from upstream BTS for security problem
+ that could lead to injected routes when using RIPv1.
+ CVE-2006-2223 - missing configuration to disable RIPv1 or require
+ plaintext or MD5 authentication
+ CVE-2006-2224 - lack of enforcement of RIPv2 authentication requirements
+ Closes: #365940
+ * First amd64 upload.
+
+ -- Christian Hammers <ch@debian.org> Thu, 4 May 2006 00:22:09 +0200
+
+quagga (0.99.3-1) unstable; urgency=low
+
+ * New upstream release
+
+ -- Christian Hammers <ch@debian.org> Wed, 25 Jan 2006 13:37:27 +0100
+
+quagga (0.99.2-1) unstable; urgency=low
+
+ * New upstream release
+ Closes: #330248, #175553
+
+ -- Christian Hammers <ch@debian.org> Wed, 16 Nov 2005 00:25:52 +0100
+
+quagga (0.99.1-7) unstable; urgency=low
+
+ * Changed debian/rules check for mounted /proc directory to check
+ for /proc/1 as not all systems (e.g. 2.6 arm kernels) have
+ /proc/kcore which is a optional feature only (thanks to Lennert
+ Buytenhek). Closes: #335695
+ * Added Swedish Debconf translation (thanks to Daniel Nylander).
+ Closes: #331367
+
+ -- Christian Hammers <ch@debian.org> Thu, 27 Oct 2005 20:53:19 +0200
+
+quagga (0.99.1-6) unstable; urgency=low
+
+ * Fixed debconf dependency as requested by Joey Hess.
+
+ -- Christian Hammers <ch@debian.org> Mon, 26 Sep 2005 20:47:35 +0200
+
+quagga (0.99.1-5) unstable; urgency=low
+
+ * Rebuild with libreadline5-dev as build-dep as requested by
+ Matthias Klose. Closes: #326306
+ * Made initscript more fault tolerant against missing lines in
+ /etc/quagga/daemons (thanks to Ralf Hildebrandt). Closes: #323774
+ * Added dependency to adduser.
+
+ -- Christian Hammers <ch@debian.org> Tue, 13 Sep 2005 21:42:17 +0200
+
+quagga (0.99.1-4) unstable; urgency=low
+
+ * Added French Debconf translation (thanks to Mohammed Adnene Trojette).
+ Closes: #319324
+ * Added Czech Debconf translation (thanks to Miroslav Kure).
+ Closes: #318127
+
+ -- Christian Hammers <ch@debian.org> Sun, 31 Jul 2005 04:19:41 +0200
+
+quagga (0.99.1-3) unstable; urgency=low
+
+ * A Debconf question now asks the admin before upgrading if the daemon
+ should really be stopped as this could lead to the loss of network
+ connectivity or BGP flaps (thanks to Michael Horn and Achilleas Kotsis).
+ Also added a hint about setting Quagga "on hold" to README.Debian.
+ Closes: #315467
+ * Added patch to build on Linux/ARM.
+
+ -- Christian Hammers <ch@debian.org> Sun, 10 Jul 2005 22:19:38 +0200
+
+quagga (0.99.1-2) unstable; urgency=low
+
+ * Fixed SNMP enabled command in debian/rules (thanks to Christoph Kluenter).
+ Closes: #306840
+
+ -- Christian Hammers <ch@debian.org> Sat, 4 Jun 2005 14:04:01 +0200
+
+quagga (0.99.1-1) unstable; urgency=low
+
+ * New upstream version. Among others:
+ - BGP graceful restart and "match ip route-source" added
+ - support for interface renaming
+ - improved threading for better responsivness under load
+ * Switched to dpatch to make diffs cleaner.
+ * Made autoreconf unnecessary.
+ * Replaced quagga.dvi and quagga.ps by quagga.pdf in quagga-doc.
+ (the PostScript would have needed Makefile corrections and PDF
+ is more preferable anyway)
+ * Added isisd to the list of daemons in /etc/init.d/quagga (thanks
+ to Ernesto Elbe).
+ * Added hint for "netlink-listen: overrun" messages (thanks to
+ Hasso Tepper).
+ * Added preinst check that bails out if old smux options are in use
+ as Quagga would not start up else anyway (thanks to Bjorn Mork).
+ Closes: #308320
+
+ -- Christian Hammers <ch@debian.org> Fri, 13 May 2005 01:18:24 +0200
+
+quagga (0.98.3-7) unstable; urgency=high
+
+ * Removed SNMP support as linking against NetSNMP introduced a dependency
+ to OpenSSL which is not compatible to the GPL which governs this
+ application (thanks to Faidon Liambotis). See README.Debian for more
+ information. Closes: #306840
+ * Changed listening address of ospf6d and ripngd from 127.0.0.1 to "::1".
+ * Added build-dep to groff to let drafz-zebra-00.txt build correctly.
+
+ -- Christian Hammers <ch@debian.org> Wed, 4 May 2005 20:08:14 +0200
+
+quagga (0.98.3-6) testing-proposed-updates; urgency=high
+
+ * Removed "Recommends kernel-image-2.4" as aptitude then
+ installes a kernel-image for an arbitrary architecture as long
+ as it fullfill that recommendation which can obviously fatal
+ at the next reboot :) Also it is a violation of the policy
+ which mandates a reference to real packages (thanks to Holger Levsen).
+ Closes: #307281
+
+ -- Christian Hammers <ch@debian.org> Tue, 3 May 2005 22:53:39 +0200
+
+quagga (0.98.3-5) unstable; urgency=high
+
+ * The patch which tried to remove the OpenSSL dependency, which is
+ not only unneccessary but also a violation of the licence and thus RC,
+ stopped working a while ago, since autoreconf is no longer run before
+ building the binaries. So now ./configure is patched directly (thanks
+ to Faidon Liambotis for reporting). Closes: #306840
+ * Raised Debhelper compatibility level from 3 to 4. Nothing changed.
+ * Added build-dep to texinfo (>= 4.7) to ease work for www.backports.org.
+
+ -- Christian Hammers <ch@debian.org> Fri, 29 Apr 2005 02:31:03 +0200
+
+quagga (0.98.3-4) unstable; urgency=low
+
+ * Removed Debconf upgrade note as it was considered a Debconf abuse
+ and apart from that so obvious that it was not even worth to be
+ put into NEWS.Debian (thanks to Steve Langasek). Closes: #306384
+
+ -- Christian Hammers <ch@debian.org> Wed, 27 Apr 2005 00:10:24 +0200
+
+quagga (0.98.3-3) unstable; urgency=medium
+
+ * Adding the debconf module due to a lintian suggestion is a very
+ bad idea if no db_stop is called as the script hangs then (thanks
+ to Tore Anderson for reporting). Closes: #306324
+
+ -- Christian Hammers <ch@debian.org> Mon, 25 Apr 2005 21:55:58 +0200
+
+quagga (0.98.3-2) unstable; urgency=low
+
+ * Added debconf confmodule to postinst as lintian suggested.
+
+ -- Christian Hammers <ch@debian.org> Sun, 24 Apr 2005 13:16:00 +0200
+
+quagga (0.98.3-1) unstable; urgency=low
+
+ * New upstream release.
+ Mmost notably fixes last regression in bgpd (reannounce of prefixes
+ with changed attributes works again), race condition in netlink
+ handling while using IPv6, MTU changes handling in ospfd and several
+ crashes in ospfd, bgpd and ospf6d.
+
+ -- Christian Hammers <ch@debian.org> Mon, 4 Apr 2005 12:51:24 +0200
+
+quagga (0.98.2-2) unstable; urgency=low
+
+ * Added patch to let Quagga compile with gcc-4.0 (thanks to
+ Andreas Jochens). Closes: #300949
+
+ -- Christian Hammers <ch@debian.org> Fri, 25 Mar 2005 19:33:30 +0100
+
+quagga (0.98.2-1) unstable; urgency=medium
+
+ * Quoting the upstream announcement:
+ The 0.98.1 release unfortunately was a brown paper bag release with
+ respect to ospfd. [...] 0.98.2 has been released, with one crucial change
+ to fix the unfortunate mistake in 0.98.1, which caused problems if
+ ospfd became DR.
+ * Note: the upstream tarball had a strange problem, apparently redhat.spec
+ was twice in it? At least debuild gave a strange error message so I
+ unpacked it by hand. No changes were made to the .orig.tar.gz!
+
+ -- Christian Hammers <ch@debian.org> Fri, 4 Feb 2005 01:31:36 +0100
+
+quagga (0.98.1-1) unstable; urgency=medium
+
+ * New upstream version
+ "fixing a fatal OSPF + MD5 auth regression, and a non-fatal high-load
+ regression in bgpd which were present in the 0.98.0 release."
+ * Upstream version fixes bug in ospfd that could lead to crash when OSPF
+ packages had a MTU > 1500. Closes: #290566
+ * Added notice regarding capability kernel support to README.Debian
+ (thanks to Florian Weimer). Closes: #291509
+ * Changed permission setting in postinst script (thanks to Bastian Blank).
+ Closes: #292690
+
+ -- Christian Hammers <ch@debian.org> Tue, 1 Feb 2005 02:01:27 +0100
+
+quagga (0.98.0-3) unstable; urgency=low
+
+ * Fixed problem in init script. Closes: #290317
+ * Removed obsolete "smux peer enable" patch.
+
+ -- Christian Hammers <ch@debian.org> Fri, 14 Jan 2005 17:37:27 +0100
+
+quagga (0.98.0-2) unstable; urgency=low
+
+ * Updated broken TCP MD5 patch for BGP (thanks to John P. Looney
+ for telling me).
+
+ -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2005 02:03:54 +0100
+
+quagga (0.98.0-1) unstable; urgency=low
+
+ * New upstream release
+ * Added kernel-image-2.6 as alternative to 2.4 to the recommends
+ (thanks to Faidon Liambotis). Closes: #289530
+
+ -- Christian Hammers <ch@debian.org> Mon, 10 Jan 2005 19:36:17 +0100
+
+quagga (0.97.5-1) unstable; urgency=low
+
+ * New upstream version.
+ * Added Czech debconf translation (thanks to Miroslav Kure).
+ Closes: #287293
+ * Added Brazilian debconf translation (thanks to Andre Luis Lopes).
+ Closes: #279352
+
+ -- Christian Hammers <ch@debian.org> Wed, 5 Jan 2005 23:49:57 +0100
+
+quagga (0.97.4-2) unstable; urgency=low
+
+ * Fixed quagga.info build problem.
+
+ -- Christian Hammers <ch@debian.org> Wed, 5 Jan 2005 22:38:01 +0100
+
+quagga (0.97.4-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Christian Hammers <ch@debian.org> Tue, 4 Jan 2005 01:45:22 +0100
+
+quagga (0.97.3-2) unstable; urgency=low
+
+ * Included isisd in the daemon list.
+ * Wrote an isisd manpage.
+ * It is now ensured that zebra is always the last daemon to be stopped.
+ * (Thanks to Hasso Tepper for mailing me a long list of suggestions
+ which lead to this release)
+
+ -- Christian Hammers <ch@debian.org> Sat, 18 Dec 2004 13:14:55 +0100
+
+quagga (0.97.3-1) unstable; urgency=medium
+
+ * New upstream version.
+ - Fixes important OSPF bug.
+ * Added ht-20040911-smux.patch regarding Quagga bug #112.
+ * Updated ht-20041109-0.97.3-bgp-md5.patch for BGP with TCP MD5
+ (thanks to Matthias Wamser).
+
+ -- Christian Hammers <ch@debian.org> Tue, 9 Nov 2004 17:45:26 +0100
+
+quagga (0.97.2-4) unstable; urgency=low
+
+ * Added Portuguese debconf translation (thanks to Andre Luis Lopes).
+ Closes: #279352
+ * Disabled ospfapi server by default on recommendation of Paul Jakma.
+
+ -- Christian Hammers <ch@debian.org> Sun, 7 Nov 2004 15:07:05 +0100
+
+quagga (0.97.2-3) unstable; urgency=low
+
+ * Added Andrew Schorrs VTY Buffer patch from the [quagga-dev 1729].
+
+ -- Christian Hammers <ch@debian.org> Tue, 2 Nov 2004 00:46:56 +0100
+
+quagga (0.97.2-2) unstable; urgency=low
+
+ * Changed file and directory permissions and ownerships according to a
+ suggestion from Paul Jakma. Still not perfect though.
+ * Fixed upstream vtysh.conf.sample file.
+ * "ip ospf network broadcast" is now saved correctly. Closes: #244116
+ * Daemon options are now in /etc/quagga/debian.conf to be user
+ configurable (thanks to Simon Raven and Hasso Tepper). Closes: #266715
+
+ -- Christian Hammers <ch@debian.org> Tue, 26 Oct 2004 23:35:45 +0200
+
+quagga (0.97.2-1) unstable; urgency=low
+
+ * New upstream version.
+ Closes: #254541
+ * Fixed warning on unmodular kernels (thanks to Christoph Biedl).
+ Closes: #277973
+
+ -- Christian Hammers <ch@debian.org> Mon, 25 Oct 2004 00:47:04 +0200
+
+quagga (0.97.1-2) unstable; urgency=low
+
+ * Version 0.97 introduced shared libraries. They are now included.
+ (thanks to Raf D'Halleweyn). Closes: #277446
+
+ -- Christian Hammers <ch@debian.org> Wed, 20 Oct 2004 15:32:06 +0200
+
+quagga (0.97.1-1) unstable; urgency=low
+
+ * New upstream version.
+ * Removed some obsolete files from debian/patches.
+ * Added patch from upstream bug 113. Closes: #254541
+ * Added patch from upstream that fixes a compilation problem in the
+ ospfclient code (thanks to Hasso Tepper).
+ * Updated German debconf translation (thanks to Jens Nachtigall)
+ Closes: #277059
+
+ -- Christian Hammers <ch@debian.org> Mon, 18 Oct 2004 01:16:35 +0200
+
+quagga (0.96.5-11) unstable; urgency=low
+
+ * Fixed /tmp/buildd/* paths in binaries.
+ For some unknown reason the upstream Makefile modified a .h file at
+ the end of the "debian/rules build" target. During the following
+ "make install" one library got thus be re*compiled* - with /tmp/buildd
+ paths as sysconfdir (thanks to Peder Chr. Norgaard). Closes: #274050
+
+ -- Christian Hammers <ch@debian.org> Fri, 1 Oct 2004 01:21:02 +0200
+
+quagga (0.96.5-10) unstable; urgency=medium
+
+ * The BGP routing daemon might freeze on network disturbances when
+ their peer is also a Quagga/Zebra router.
+ Applied patch from http://bugzilla.quagga.net/show_bug.cgi?id=102
+ which has been confirmed by the upstream author.
+ (thanks to Gunther Stammwitz)
+ * Changed --enable-pam to --with-libpam (thanks to Hasso Tepper).
+ Closes: #264562
+ * Added patch for vtysh (thanks to Hasso Tepper). Closes: #215919
+
+ -- Christian Hammers <ch@debian.org> Mon, 9 Aug 2004 15:33:02 +0200
+
+quagga (0.96.5-9) unstable; urgency=low
+
+ * Rewrote the documentation chapter about SNMP support. Closes: #195653
+ * Added MPLS docs.
+
+ -- Christian Hammers <ch@debian.org> Thu, 29 Jul 2004 21:01:52 +0200
+
+quagga (0.96.5-8) unstable; urgency=low
+
+ * Adjusted a grep in the initscript to also match a modprobe message
+ from older modutils packages (thanks to Faidon Paravoid).
+
+ -- Christian Hammers <ch@debian.org> Wed, 28 Jul 2004 21:19:02 +0200
+
+quagga (0.96.5-7) unstable; urgency=low
+
+ * Added a "cd /etc/quagga/" to the init script as quagga tries to load
+ the config file first from the current working dir and then from the
+ config dir which could lead to confusion (thanks to Marco d'Itri).
+ Closes: #255078
+ * Removed warning regarding problems with the Debian kernels from
+ README.Debian as they are no longer valid (thanks to Raphael Hertzog).
+ Closes: #257580
+ * Added patch from Hasso Tepper that makes "terminal length 0" work
+ in vtysh (thanks to Matthias Wamser). Closes: #252579
+
+ -- Christian Hammers <ch@debian.org> Thu, 8 Jul 2004 21:53:21 +0200
+
+quagga (0.96.5-6) unstable; urgency=low
+
+ * Try to load the capability module as it is needed now.
+
+ -- Christian Hammers <ch@debian.org> Tue, 8 Jun 2004 23:25:29 +0200
+
+quagga (0.96.5-5) unstable; urgency=low
+
+ * Changed the homedir of the quagga user to /etc/quagga/ to allow
+ admins to put ~/.ssh/authorized_keys there (thanks to Matthias Wamser).
+ Closes: #252577
+
+ -- Christian Hammers <ch@debian.org> Sat, 5 Jun 2004 14:47:31 +0200
+
+quagga (0.96.5-4) unstable; urgency=medium
+
+ * Fixed rules file to use the renamed ./configure option --enable-tcp-md5
+ (thanks to Matthias Wamser). Closes: #252141
+
+ -- Christian Hammers <ch@debian.org> Tue, 1 Jun 2004 22:58:32 +0200
+
+quagga (0.96.5-3) unstable; urgency=low
+
+ * Provided default binary package name to all build depends that were
+ virtual packages (thanks to Goswin von Brederlow). Closes: #251625
+
+ -- Christian Hammers <ch@debian.org> Sat, 29 May 2004 22:48:53 +0200
+
+quagga (0.96.5-2) unstable; urgency=low
+
+ * New upstream version.
+ * New md5 patch version (thanks to Niklas Jakobsson and Hasso Tepper).
+ Closes: #250985
+ * Fixes info file generation (thanks to Peder Chr. Norgaard).
+ Closes: #250992
+ * Added catalan debconf translation (thanks to Aleix Badia i Bosch).
+ Closes: #250118
+ * PATCHES:
+ This release contains BGP4 MD5 support which requires a kernel patch
+ to work. See /usr/share/doc/quagga/README.Debian.MD5.
+ (The patch is ht-20040525-0.96.5-bgp-md5.patch from Hasso Tepper)
+
+ -- Christian Hammers <ch@debian.org> Thu, 27 May 2004 20:09:37 +0200
+
+quagga (0.96.5-1) unstable; urgency=low
+
+ * New upstream version.
+ * PATCHES:
+ This release contains BGP4 MD5 support which also requires a kernel patch.
+ See /usr/share/doc/quagga/README.Debian.MD5 and search for CAN-2004-0230.
+
+ -- Christian Hammers <ch@debian.org> Sun, 16 May 2004 17:40:40 +0200
+
+quagga (0.96.4x-10) unstable; urgency=low
+
+ * SECURITY:
+ This release contains support for MD5 for BGP which is one suggested
+ prevention of the actually long known TCP SYN/RST attacks which got
+ much news in the last days as ideas were revealed that made them much
+ easier probable agains especially the BGP sessions than commonly known.
+ There are a lot of arguments agains the MD5 approach but some ISPs
+ started to require it.
+ See: CAN-2004-0230, http://www.us-cert.gov/cas/techalerts/TA04-111A.html
+ * PATCHES:
+ This release contains the MD5 patch from Hasso Tepper. It also seems to
+ required a kernel patch. See /usr/share/doc/quagga/README.Debian.MD5.
+
+ -- Christian Hammers <ch@debian.org> Thu, 29 Apr 2004 01:01:38 +0200
+
+quagga (0.96.4x-9) unstable; urgency=low
+
+ * Fixed daemon loading order (thanks to Matt Kemner).
+ * Fixed typo in init script (thanks to Charlie Brett). Closes: #238582
+
+ -- Christian Hammers <ch@debian.org> Sun, 4 Apr 2004 15:32:18 +0200
+
+quagga (0.96.4x-8) unstable; urgency=low
+
+ * Patched upstream source so that quagga header files end up in
+ /usr/include/quagga/. Closes: #233792
+
+ -- Christian Hammers <ch@debian.org> Mon, 23 Feb 2004 01:42:53 +0100
+
+quagga (0.96.4x-7) unstable; urgency=low
+
+ * Fixed info file installation (thanks to Holger Dietze). Closes: #227579
+ * Added Japanese translation (thanks to Hideki Yamane). Closes: #227812
+
+ -- Christian Hammers <ch@debian.org> Sun, 18 Jan 2004 17:28:29 +0100
+
+quagga (0.96.4x-6) unstable; urgency=low
+
+ * Added dependency to iproute.
+ * Initscript now checks not only for the pid file but also for the
+ daemons presence (thanks to Phil Gregory). Closes: #224389
+ * Added my patch to configure file permissions.
+
+ -- Christian Hammers <ch@debian.org> Mon, 15 Dec 2003 22:34:29 +0100
+
+quagga (0.96.4x-5) unstable; urgency=low
+
+ * Added patch which gives bgpd the CAP_NET_RAW capability to allow it
+ to bind to special IPv6 link-local interfaces (Thanks to Bastian Blank).
+ Closes: #222930
+ * Made woody backport easier by applying Colin Watsons po-debconf hack.
+ Thanks to Marc Haber for suggesting it. Closes: #223527
+ * Made woody backport easier by applying a patch that removes some
+ obscure whitespaces inside an C macro. (Thanks to Marc Haber).
+ Closes: #223529
+ * Now uses /usr/bin/pager. Closes: #204070
+ * Added note about the "official woody backports" on my homepage.
+
+ -- Christian Hammers <ch@debian.org> Mon, 15 Dec 2003 20:39:06 +0100
+
+quagga (0.96.4x-4) unstable; urgency=high
+
+ * SECURITY:
+ Fixes another bug that was originally reported against Zebra.
+ .
+ http://rhn.redhat.com/errata/RHSA-2003-307.html
+ Herbert Xu reported that Zebra can accept spoofed messages sent on the
+ kernel netlink interface by other users on the local machine. This could
+ lead to a local denial of service attack. The Common Vulnerabilities and
+ Exposures project (cve.mitre.org) has assigned the name CAN-2003-0858 to
+ this issue.
+
+ * Minor improvements to init script (thanks to Iustin Pop).
+ Closes: #220938
+
+ -- Christian Hammers <ch@debian.org> Sat, 22 Nov 2003 13:27:57 +0100
+
+quagga (0.96.4x-3) unstable; urgency=low
+
+ * Changed "more" to "/usr/bin/pager" as default pager if $PAGER or
+ $VTYSH_PAGER is not set (thanks to Bastian Blank). Closes: #204070
+ * Made the directory (but not the config/log files!) world accessible
+ again on user request (thanks to Anand Kumria)). Closes: #213129
+ * No longer providing sample configuration in /etc/quagga/. They are
+ now only available in /usr/share/doc/quagga/ to avoid accidently
+ using them without changing the adresses (thanks to Marc Haber).
+ Closes: #215918
+
+ -- Christian Hammers <ch@debian.org> Sun, 16 Nov 2003 16:59:30 +0100
+
+quagga (0.96.4x-2) unstable; urgency=low
+
+ * Fixed permission problem with pidfile (thanks to Kir Kostuchenko).
+ Closes: #220938
+
+ -- Christian Hammers <ch@debian.org> Sun, 16 Nov 2003 14:24:08 +0100
+
+quagga (0.96.4x-1) unstable; urgency=low
+
+ * Reupload of 0.96.4. Last upload-in-a-hurry produced a totally
+ crappy .tar.gz file. Closes: #220621
+
+ -- Christian Hammers <ch@debian.org> Fri, 14 Nov 2003 19:45:57 +0100
+
+quagga (0.96.4-1) unstable; urgency=high
+
+ * SECURITY: Remote DoS of protocol daemons.
+ Fix for a remote triggerable crash in vty layer. The management
+ ports ("telnet myrouter ospfd") should not be open to the internet!
+
+ * New upstream version.
+ - OSPF bugfixes.
+ - Some improvements for bgp and rip.
+
+ -- Christian Hammers <ch@debian.org> Thu, 13 Nov 2003 11:52:27 +0100
+
+quagga (0.96.3-3) unstable; urgency=low
+
+ * Fixed pid file generation by substituting the daemons "-d" by the
+ start-stop-daemon option "--background" (thanks to Micha Gaisser).
+ Closes: #218103
+
+ -- Christian Hammers <ch@debian.org> Wed, 29 Oct 2003 05:17:49 +0100
+
+quagga (0.96.3-2) unstable; urgency=low
+
+ * Readded GNOME-PRODUCT-ZEBRA-MIB.
+
+ -- Christian Hammers <ch@debian.org> Thu, 23 Oct 2003 06:17:03 +0200
+
+quagga (0.96.3-1) unstable; urgency=medium
+
+ * New upstream version.
+ * Removed -u and -e in postrm due to problems with debhelper and userdel
+ (thanks to Adam Majer and Jaakko Niemi). Closes: #216770
+ * Removed SNMP MIBs as they are now included in libsnmp-base (thanks to
+ David Engel and Peter Gervai). Closes: #216138, #216086
+ * Fixed seq command in init script (thanks to Marc Haber). Closes: #215915
+ * Improved /proc check (thanks to Marc Haber). Closes: #212331
+
+ -- Christian Hammers <ch@debian.org> Thu, 23 Oct 2003 03:42:02 +0200
+
+quagga (0.96.2-9) unstable; urgency=medium
+
+ * Removed /usr/share/info/dir.* which were accidently there and prevented
+ the installation by dpkg (thanks to Simon Raven). Closes: #212614
+ * Reworded package description (thanks to Anand Kumria). Closes: #213125
+ * Added french debconf translation (thanks to Christian Perrier).
+ Closes: #212803
+
+ -- Christian Hammers <ch@debian.org> Tue, 7 Oct 2003 13:26:58 +0200
+
+quagga (0.96.2-8) unstable; urgency=low
+
+ * debian/rules now checks if /proc is mounted as ./configure needs
+ it but just fails with an obscure error message if it is absent.
+ (Thanks to Norbert Tretkowski). Closes: #212331
+
+ -- Christian Hammers <ch@debian.org> Tue, 23 Sep 2003 12:57:38 +0200
+
+quagga (0.96.2-7) unstable; urgency=low
+
+ * Last build was rejected due to a buggy dpkg-dev version. Rebuild.
+
+ -- Christian Hammers <ch@debian.org> Mon, 22 Sep 2003 20:34:12 +0200
+
+quagga (0.96.2-6) unstable; urgency=low
+
+ * Fixed init script so that is is now possible to just start
+ the bgpd but not the zebra daemon. Also daemons are now actually
+ started in the order defined their priority. (Thanks to Thomas Kaehn
+ and Jochen Friedrich) Closes: #210924
+
+ -- Christian Hammers <ch@debian.org> Fri, 19 Sep 2003 21:17:02 +0200
+
+quagga (0.96.2-5) unstable; urgency=low
+
+ * For using quagga as BGP route server or similar, it is not
+ wanted to have the zebra daemon running too. For this reason
+ it can now be disabled in /etc/quagga/daemons, too.
+ (Thanks to Jochen Friedrich). Closes: #210924
+ * Attached *unapplied* patch for the ISIS protocol. I did not dare
+ to apply it as long as upstream does not do it but this way give
+ users the possibilities to use it if they like to.
+ (Thanks to Remco van Mook)
+
+ -- Christian Hammers <ch@debian.org> Wed, 17 Sep 2003 19:57:31 +0200
+
+quagga (0.96.2-4) unstable; urgency=low
+
+ * Enabled IPV6 router advertisement feature by default on user request
+ (thanks to Jochen Friedrich and Hasso Tepper). Closes: #210732
+ * Updated GNU autoconf to let it build on hppa/parisc64 (thanks to
+ lamont). Closes: #210492
+
+ -- Christian Hammers <ch@debian.org> Sat, 13 Sep 2003 14:11:13 +0200
+
+quagga (0.96.2-3) unstable; urgency=medium
+
+ * Removed unnecessary "-lcrypto" to avoid dependency against OpenSSL
+ which would require further copyright addtions.
+
+ -- Christian Hammers <ch@debian.org> Wed, 10 Sep 2003 01:37:28 +0200
+
+quagga (0.96.2-2) unstable; urgency=low
+
+ * Added note that config files of quagga are in /etc/quagga and
+ not /etc/zebra for the zebra users that migrate to quagga.
+ (Thanks to Roberto Suarez Soto for the idea)
+ * Fixed setgid rights in /etc/quagga.
+
+ -- Christian Hammers <ch@debian.org> Wed, 27 Aug 2003 14:05:39 +0200
+
+quagga (0.96.2-1) unstable; urgency=low
+
+ * This package has formally been known as "zebra-pj"!
+ * New upstream release.
+ Fixes "anoying OSPF problem".
+ * Modified group ownerships so that vtysh can now be used by normal
+ uses if they are in the quaggavty group.
+
+ -- Christian Hammers <ch@debian.org> Mon, 25 Aug 2003 23:40:14 +0200
+
+quagga (0.96.1-1) unstable; urgency=low
+
+ * Zebra-pj, the fork of zebra has been renamed to quagga as the original
+ upstream author asked the new project membed not to use "zebra" in the
+ name. zebra-pj is obsolete.
+
+ -- Christian Hammers <ch@debian.org> Mon, 18 Aug 2003 23:37:20 +0200
+
+zebra-pj (0.94+cvs20030721-1) unstable; urgency=low
+
+ * New CVS build.
+ - OSPF changes (integration of the OSPF API?)
+ - code cleanups (for ipv6?)
+ * Tightened Build-Deps to gcc-2.95 as 3.x does not compile a stable ospfd.
+ This is a known problem and has been discussed on the mailing list.
+ No other solutions so far.
+
+ -- Christian Hammers <ch@debian.org> Mon, 21 Jul 2003 23:52:00 +0200
+
+zebra-pj (0.94+cvs20030701-1) unstable; urgency=low
+
+ * Initial Release.
+
+ -- Christian Hammers <ch@debian.org> Tue, 1 Jul 2003 01:58:06 +0200
AC_CONFIG_FILES([
config.version
+ changelog-auto
redhat/frr.spec
solaris/Makefile
- debianpkg/changelog
alpine/APKBUILD
snapcraft/snapcraft.yaml
lib/version.h
--- /dev/null
+* SAFETY MEASURES:
+==================
+
+Please consider setting this package "on hold" by typing
+ echo "frr hold" | dpkg --set-selections
+and verifying this using
+ dpkg --get-selections | grep 'hold$'
+
+Setting a package "on hold" means that it will not automatically be upgraded.
+Instead apt-get only displays a warning saying that a new version would be
+available forcing you to explicitly type "apt-get install frr" to upgrade it.
+
+
+* What is frr?
+=================
+
+http://www.frrouting.org/
+FRR is a routing software suite, providing implementations of OSPFv2,
+OSPFv3, RIP v1 and v2, RIPng, ISIS, PIM, BGP and LDP for Unix platforms, particularly
+FreeBSD and Linux and also NetBSD, to mention a few. FRR is a fork of Quagga
+which itself is a fork of Zebra.
+Zebra was developed by Kunihiro Ishiguro.
+
+
+* Build Profiles used in the upstream debian/
+=============================================
+
+The following Build Profiles have been added:
+
+- pkg.frr.nortrlib (pkg.frr.rtrlib)
+ controls whether the RPKI module is built.
+ Will be enabled by default at some point, adds some extra dependencies.
+
+- pkg.frr.nosnmp (pkg.frr.snmp)
+ controls whether the SNMP module is built, see below for license issues.
+ Will remain default-off as long as the license issue persists.
+
+- pkg.frr.nosystemd
+ Disables both systemd unit file installation as well as watchfrr sd_notify
+ support at startup. Removes libsystemd dependency.
+
+Note that all options have a "no" form; if you want to have your decision
+be sticky regardless of changes to what it defaults to, then always use one
+of the two. For example, all occurrences of <pkg.frr.rtrlib> will at some
+point be replaced with <!pkg.frr.nortrlib>.
+
+The main frr package has the exact same contents regardless of rtrlib or snmp
+choices. The options only control frr-snmp and frr-rpki-rtrlib packages.
+
+The main frr package does NOT have the same contents if pkg.frr.nosystemd is
+used. This option should only be used for systems that do not have systemd,
+e.g. Ubuntu 14.04.
+
+
+* Why has SNMP support been disabled?
+=====================================
+FRR used to link against the NetSNMP libraries to provide SNMP
+support. Those libraries sadly link against the OpenSSL libraries
+to provide crypto support for SNMPv3 among others.
+OpenSSL now is not compatible with the GNU GENERAL PUBLIC LICENSE (GPL)
+licence that FRR is distributed under. For more explanation read:
+ http://www.gnome.org/~markmc/openssl-and-the-gpl.html
+ http://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs
+Updating the licence to explecitly allow linking against OpenSSL
+would requite the affirmation of all people that ever contributed
+a significant part to Zebra / Quagga or FRR and thus are the collective
+"copyright holder". That's too much work. Using a shrinked down
+version of NetSNMP without OpenSSL or convincing the NetSNMP people
+to change to GnuTLS are maybe good solutions but not reachable
+during the last days before the Sarge release :-(
+
+ *BUT*
+
+It is allowed by the used licence mix that you fetch the sources and
+build FRR yourself with SNMP with
+ # apt-get -b source -Ppkg.frr.snmp frr
+Just distributing it in binary form, linked against OpenSSL, is forbidden.
+
+
+* Debian Policy compliance notes
+================================
+
+- 4.15 Reproducibility
+ FRR build is reproducible as outlined in version 4.2.1 of the Policy, but
+ won't be reproducible when the build directory is varied. This is because
+ configure parameters are burned into the executables which includes CFLAGS
+ like -fdebug-prefix-map=/build/directory/...
+
+
+* Daemon selection:
+===================
+
+The Debian package uses /etc/frr/daemons to tell the
+initscript which daemons to start. It's in the format
+<daemon>=<yes|no|priority>
+with no spaces (it's simply source-d into the initscript).
+Default is not to start anything, since it can hose your
+system's routing table if not set up properly.
+
+Priorities were suggested by Dancer <dancer@zeor.simegen.com>.
+They're used to start the FRR daemons in more than one step
+(for example start one or two at network initialization and the
+rest later). The number of FRR daemons being small, priorities
+must be between 1 and 9, inclusive (or the initscript has to be
+changed). /etc/init.d/frr then can be started as
+
+/etc/init.d/frr <start|stop|restart|<priority>>
+
+where priority 0 is the same as 'stop', priority 10 or 'start'
+means 'start all'
+
+
+* Error message "privs_init: initial cap_set_proc failed":
+==========================================================
+
+This error message means that "capability support" has to be built
+into the kernel.
+
+
+* Error message "netlink-listen: overrun: No buffer space available":
+=====================================================================
+
+If this message occurs the receive buffer should be increased by adding the
+following to /etc/sysctl.conf and "--nl-bufsize" to /etc/frr/daemons.
+> net.core.rmem_default = 262144
+> net.core.rmem_max = 262144
+See message #4525 from 2005-05-09 in the quagga-users mailing list.
+
+
+* vtysh immediately exists:
+===========================
+
+Check /etc/pam.d/frr, it probably denies access to your user. The passwords
+configured in /etc/frr/frr.conf are only for telnet access.
+
--- /dev/null
+#
+# TODO
+#
+
+- check that tests/{control,daemons} actually do something useful and sensible
+- /usr/share/doc/frr-doc should be named just frr?
+- debian/watch pgpsigurlmangle / signing-key
+- multiarch for DSOs?
+- frr try-restart
+
+#
+# To check if the patches still apply on new upstream versions:
+#
+for i in debian/patches/*.diff; do echo -e "#\n# $i\n#"; patch --fuzz=3 --dry-run -p1 < $i; done
+
+#
+# Filename transition from zebra to frr
+#
+
+Files that keep their names
+ /usr/bin/vtysh
+
+Files that got an -pj suffix
+ /etc/default/zebra -> /etc/frr/daemons.conf
+ /etc/init.d/zebra -> /etc/init.d/frr
+ /etc/zebra/ -> /etc/frr/
+ /usr/share/doc/zebra/ -> /usr/share/doc/frr/
+ /var/log/zebra/ -> /var/log/frr/
+ /var/run/ -> /var/run/frr/
+
+Files that were moved
+ /usr/sbin/* -> /usr/lib/frr/
--- /dev/null
+../changelog-auto
\ No newline at end of file
--- /dev/null
+Source: frr
+Section: net
+Priority: optional
+Maintainer: David Lamparter <equinox-debian@diac24.net>
+Uploaders: FRRouting-dev <dev@lists.frrouting.org>
+Build-Depends:
+ autotools-dev,
+ bison,
+ chrpath,
+ debhelper (>= 9),
+ debhelper (>= 9.20160709) <!pkg.frr.nosystemd> | dh-systemd <!pkg.frr.nosystemd>,
+ dh-autoreconf,
+ flex,
+ gawk,
+ install-info,
+ libc-ares-dev,
+ libcap-dev,
+ libjson0 | libjson-c2 | libjson-c3,
+ libjson0-dev | libjson-c-dev,
+ libpam0g-dev | libpam-dev,
+ libpcre3-dev,
+ libpython3-dev,
+ libreadline-dev,
+ librtr-dev <!pkg.frr.nortrlib>,
+ libsnmp-dev,
+ libssh-dev <!pkg.frr.nortrlib>,
+ libsystemd-dev <!pkg.frr.nosystemd>,
+ pkg-config,
+ python3,
+ python3-sphinx,
+ python3-pytest <!nocheck>,
+ texinfo (>= 4.7)
+Standards-Version: 4.2.1
+Homepage: https://www.frrouting.org/
+Vcs-Browser: https://github.com/FRRouting/frr/
+Vcs-Git: https://github.com/FRRouting/frr.git
+
+Package: frr
+Architecture: linux-any
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends},
+ iproute2 | iproute,
+ logrotate (>= 3.2-11)
+Pre-Depends: adduser
+Recommends: frr-pythontools
+Suggests: frr-doc
+Conflicts: zebra, zebra-pj, quagga
+Replaces: zebra, zebra-pj
+Description: FRRouting suite of internet protocols (BGP, OSPF, IS-IS, ...)
+ FRRouting implements the routing protocols commonly used in the
+ internet and private networks to exchange information between routers.
+ Both IP and IPv6 are supported, as are BGP, OSPF, IS-IS, BABEL, EIGRP,
+ RIP, LDP, BFD, PIM and NHRP protocols.
+ .
+ These protocols are used to turn your system into a dynamic router,
+ exchanging information about available connections with other routers
+ in a standards-compliant way. The actual packet forwarding
+ functionality is provided by the OS kernel.
+ .
+ FRRouting is a fork of Quagga with an open community model. The main
+ git lives on https://github.com/frrouting/frr.git and the project name
+ is commonly abbreviated as "FRR."
+
+Package: frr-snmp
+Architecture: linux-any
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends},
+ frr (= ${binary:Version})
+Recommends: snmpd
+Description: FRRouting suite - SNMP support
+ Adds SNMP support to FRR's daemons by attaching to net-snmp's snmpd
+ through the AgentX protocol. Provides read-only access to current
+ routing state through standard SNMP MIBs.
+
+Package: frr-rpki-rtrlib
+Architecture: linux-any
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends},
+ frr (= ${binary:Version})
+Description: FRRouting suite - BGP RPKI support (rtrlib)
+ Adds RPKI support to FRR's bgpd, allowing validation of BGP routes
+ against cryptographic information stored in WHOIS databases. This is
+ used to prevent hijacking of networks on the wider internet. It is only
+ relevant to internet service providers using their own autonomous system
+ number.
+Build-Profiles: <!pkg.frr.nortrlib>
+
+Package: frr-doc
+Section: doc
+Architecture: all
+Depends:
+ ${misc:Depends},
+ libjs-jquery,
+ libjs-underscore
+Suggests: frr
+Description: FRRouting suite - user manual
+ This provides the FRR user manual in HTML form. This is the official
+ manual maintained as part of the package and is also available online
+ at https://frrouting.readthedocs.io/
+
+Package: frr-pythontools
+Architecture: all
+Depends:
+ ${misc:Depends},
+ frr (<< ${source:Upstream-Version}.0-~),
+ frr (>= ${source:Version}~),
+ python3:any
+Description: FRRouting suite - Python tools
+ The FRRouting suite uses a small Python tool to provide configuration
+ reload functionality, particularly useful when the interactive configuration
+ shell is not used.
+ .
+ Without this package installed, "reload" (as a systemd or init script
+ invocation) will not work for the FRR daemons.
--- /dev/null
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: FRR
+Upstream-Contact: maintainers@frrouting.org, security@frrouting.org
+Source: https://www.frrouting.org/
+
+Files: *
+Copyright: 1996-2003 by the original Zebra authors:
+ Kunihiro Ishiguro <kunihiro@zebra.org>
+ Toshiaki Takada <takada@zebra.org>
+ Yasuhiro Ohara <yasu@sfc.wide.ad.jp>
+ 2003-2016 by the Quagga Project
+ 2016-2018 by the FRRouting Project
+ Adam Fitzgerald 2017
+ Alex Couloumbis 2017
+ Alexandre Chappuis 2011
+ Alexis Fasquel 2015
+ Ali Rezaee 2018
+ Ameya Dharkar 2018
+ Amritha Nambiar 2015
+ Andreas Jaggi 2017
+ Andrew Certain 2012
+ Andrew J. Schorr 2004-2011
+ Andrew Lunn 2017
+ Andrey Korolyov 2017-2018
+ Ang Way Chuang 2012
+ Anuradha Karuppiah 2016-2018
+ Arthur Jones 2018
+ Avneesh Sachdev 2012, 2016
+ Ayan Banerjee 2012
+ Balaji G. 2011-2016
+ Barry Friedman 2011
+ Bartek Kania 2008
+ Baruch Siach 2016
+ Bingen Eguzkitza 2016-2017
+ Boian Bonev 2013
+ Boris Yakubov 2013
+ Brad Smith 2012
+ Brett Ciphery 2013
+ Brian Bennett 2015
+ Brian Rak 2017
+ Chirag Shah 2017-2018
+ Chris Caputo 2009-2010
+ Chris Hall 2010
+ Chris Luke 2011
+ Christian Franke 2012-2018
+ Christian Hammers 2011
+ Christoffer Hansen 2018
+ Christoph Dwertmann 2018
+ Colin Petrie 2016
+ Daniel Kozlowski 2012
+ Daniel Ng 2008
+ Daniel Walton 2015-2018
+ Daniil Baturin 2018
+ Dario Wiesner 2018
+ Dave Olson 2016-2017
+ David BÉRARD 2010
+ David Lamparter 2009-2018
+ David Lebrun 2016
+ David Ward 2009-2012
+ David Young 2007
+ Denil Vira 2015
+ Denis Ovsienko 2007-2012
+ Dinesh Dutt 2012-2013
+ Dinesh G. Dutt 2013-2017
+ Dmitrij Tejblum 2009-2011
+ Dmitry Popov 2011
+ Don Slice 2016-2018
+ Donald Sharp 2015-2018
+ Donatas Abraitis 2018
+ Dongling Duan 2018
+ Donnie Savage 2017
+ Doug VanLeuven 2012
+ Dylan Hall 2011
+ Emanuele Di Pascale 2018
+ Eric Pulvino 2017
+ Everton Marques 2012-2014
+ Evgeny Uskov 2016
+ F. Aragon 2018
+ Fatih USTA 2017
+ Feng Lu 2014-2015
+ Fernando Soto 2015
+ Francesco Dolcini 2009
+ Fredi Raspall 2016-2018
+ Fritz Reichmann 2011
+ G. Paul Ziemba 2016-2018
+ Greg Troxel 2003-2007, 2010-2015
+ Hasso Tepper 2003-2007, 2012-2013
+ Hiroshi Yokoi 2015
+ Hongguang Li 2016
+ Hung-Weic Chiu 2017
+ Igor Ryzhov 2016
+ Ilya Shipitsin 2018
+ Ingo Flaschberger 2011
+ Ivan Moskalyov 2010
+ JR Rivers 2012
+ Jafar Al-Gharaibeh 2009, 2015-2018
+ Jarad Olson 2018
+ Jaroslav Fojtik 2011
+ Jeremy Jackson 2008-2009
+ Jingjing Duan 2008-2009
+ Joachim Nilsson 2012-2013
+ Joakim Tjernlund 2008-2014
+ Job Snijders 2016
+ John Berezovik 2016
+ John Glotzer 2014
+ John Kemp 2011
+ Jon Andersson 2009-2011
+ Jorge Boncompte 2012-2013, 2017
+ Josh Bailey 2011-2012
+ Juergen Kammer 2017
+ Julien Courtat 2016
+ Juliusz Chroboczek 2012
+ Kaloyan Kovachev 2015-2017
+ Ken Williams 2014
+ Khiruthigai Balasubramanian 2016
+ Krisztian Kovacs 2009
+ Kunihiro Ishiguro 2018
+ Leonard Tracy 2012
+ Leonid Rosenboim 2012-2013
+ Liu Xiaofeng 2016
+ Lou Berger 2013, 2016-2018
+ Lu Feng 2014-2015
+ Lucian Cristian 2017
+ Maitane Zotes 2014
+ Manuel Schweizer 2017
+ Marcel Röthke 2017-2018
+ Mark Stapp 2018
+ Martin Buck 2018
+ Martin Winter 2015-2018
+ Martín Beauchamp 2017
+ Mathias Krause 2010
+ Mathieu Goessens 2009
+ Matthew Smith 2017
+ Matthias Ferdinand 2011
+ Matthieu Boutier 2012, 2016-2017
+ Matti-Oskari Leppänen 2013
+ Michael Lambert 2008-2010
+ Michael Rossberg 2015
+ Michael Zingg 2012
+ Michal Sekletar 2014
+ Mike Tancsa 2017
+ Milan Kocian 2013-2014
+ Mitesh Kanjariya 2017-2018
+ Mladen Sablic 2017-2018
+ Morgan Stewart 2015
+ Nathan Van Gheem 2018
+ Nick Hilliard 2009-2012
+ Nico Golde 2010
+ Nicolas Dichtel 2015
+ Nigel Kukard 2017
+ Nolan Leake 2012
+ Oleg A. Arkhangelsky 2011
+ Olivier Cochard-Labbé 2014
+ Olivier Dugeon 2014-2018
+ Ondrej Zajicek 2009
+ Pascal Mathis 2018
+ Paul Jakma 2002-2016
+ Paul P Komkoff Jr 2008
+ Pawel Wieczorkiewicz 2016
+ Peter Pentchev 2011
+ Peter Szilagyi 2011
+ Phil Huang 2017
+ Phil Laverdiere 2012
+ Philippe Guibert 2016-2018
+ Piotr Jurkiewicz 2018
+ Pradosh Mohapatra 2013-2014
+ Quentin Young 2016-2018
+ Radhika Mahankali 2015-2017
+ Rafael Zalamena 2017-2018
+ Rakesh Garimella 2013
+ Raymond P. Burkholder 2017
+ Remi Gacogne 2013
+ Renato Westphal 2012, 2016-2018
+ Robert Bays 2010
+ Roderick Schertler 2011
+ Rodny Molina 2018
+ Roman Hoog Antink 2010-2013
+ Ruben Kerkhof 2018
+ Russ White 2017-2018
+ Ryan Hagelstrom 2017
+ Sam Tannous 2016-2017
+ Sarita Patra 2018
+ Sebastian Lohff 2017
+ Sergey Fionov 2018
+ Sergey Y. Afonin 2011
+ Serj Kalichev 2012
+ Sid Khot 2016
+ Silas McCroskey 2017-2018
+ Stephane Litkowski 2017
+ Stephen Hemminger 2008-2014
+ Stephen Worley 2018
+ Steve Hill 2009
+ Stig Thormodsrud 2008
+ Subbaiah Venkata 2012
+ Svata Dedic 2011
+ Sébastien Luttringer 2014
+ Takashi Sogabe 2009
+ Thijs Kinkhorst 2009
+ Thomas Gelf 2018
+ Thomas Petazzoni 2016
+ Thomas Ries 2011
+ Thorvald Natvig 2017
+ Tigran Martirosyan 2018
+ Timo Teräs 2008-2009, 2013-2017
+ Timothy Redaelli 2017
+ Tom Goff 2009-2011
+ Tom Henderson 2009
+ Tomasz Pala 2009
+ Udaya Shankara KS 2016
+ Ulrich Weber 2011-2013
+ Vasilis Tsiligiannis 2009
+ Vincent Bernat 2012, 2017-2018
+ Vincent Jardin 2003-2007, 2014, 2017-2018
+ Vipin Kumar 2014-2015
+ Vishal Dhingra 2018
+ Vishal Kumar 2012
+ Vitaliy Senchyshyn 2013
+ Vivek Venkatraman 2015-2018
+ Vladimir L Ivanov 2010
+ Vyacheslav Trushkin 2011-2012
+ Vystoropskyi, Sergii 2015
+ Wataru Tanitsu 2010
+ Wenjian Ma 2015
+ Will McLendon 2017
+ YAMAMOTO Shigeru 2011
+ Yasuhiro Ohara 2009
+ Zefan Xu 2018
+ dturlupov 2018
+ heasley 2009-2011
+ jaydom 2017
+ jpmondet 2018
+ kssoman 2018
+ lihongguang 2018
+ lyq140 2018
+ pcarana 2018
+ pogojotz 2017
+ tigranmartirosyan 2017
+ tmartiro 2017
+ vize 2007
+ 高鹏 2012
+License: GPL-2+
+
+Files: lib/strl*.c
+License: LGPL-2.1+
+Copyright: Copyright (C) 2016 Free Software Foundation, Inc.
+
+Files: lib/skiplist.*
+License: BSD-0-clause
+Copyright: Copyright 1990 William Pugh
+
+Files: lib/sha256.*
+License: BSD-2-clause
+Copyright: Copyright 2005,2007,2009 Colin Percival
+
+Files: lib/qobj.h lib/monotime.h lib/memory.* lib/hook.* lib/frratomic.h lib/ferr.* lib/compiler.h lib/module.*
+License: ISC
+Copyright: Copyright (c) 2015-18 David Lamparter, for NetDEF, Inc.
+
+Files: nhrpd/nhrp_protocol.h
+License: MIT
+Copyright: Copyright (c) 2007-2012 Timo Teräs <timo.teras@iki.fi>
+
+Files: babeld/*
+License: MIT
+Copyright:
+ Copyright 2011 by Matthieu Boutier and Juliusz Chroboczek
+ Copyright 2007, 2008 by Grégoire Henry, Julien Cristau and Juliusz Chroboczek
+
+Files: babeld/babel_errors.* babeld/babel_memory.*
+License: GPL-2+
+Copyright: Copyright (C) 2017-2018 Donald Sharp, Cumulus Networks, Inc.
+
+Files: ldpd/*
+License: ISC
+Copyright:
+ Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
+ Copyright (c) 2003, 2004 Markus Friedl <markus@openbsd.org>
+ Copyright (c) 2004, 2005, 2008 Esben Norby <norby@openbsd.org>
+ Copyright (c) 2004, 2005, 2012 Claudio Jeker <claudio@openbsd.org>
+ Copyright (c) 2009 Michele Marchetto <michele@openbsd.org>
+ Copyright (c) 2012 Alexander Bluhm <bluhm@openbsd.org>
+ Copyright (c) 2013-2016 Renato Westphal <renato@openbsd.org>
+ Copyright (C) 2016 by Open Source Routing.
+
+Files: ldpd/ldp_debug.* ldpd/ldp_vty* ldpd/ldp_zebra.c
+License: GPL-2+
+Copyright:
+ Copyright (C) 2016 by Open Source Routing.
+
+Files: doc/user/*.rst doc/figures/fig*
+Copyright: Copyright (c) 1996-2018 Kunihiro Ishiguro, et al.
+License: FRR-docs
+ Permission is granted to make and distribute verbatim copies of this
+ manual provided the copyright notice and this permission notice are
+ preserved on all copies.
+ .
+ Permission is granted to copy and distribute modified versions of this
+ manual under the conditions for verbatim copying, provided that the
+ entire resulting derived work is distributed under the terms of a
+ permission notice identical to this one.
+ .
+ Permission is granted to copy and distribute translations of this manual
+ into another language, under the above conditions for modified versions,
+ except that this permission notice may be stated in a translation
+ approved by Kunihiro Ishiguro.
+
+Files: lib/freebsd-queue.h lib/openbsd-queue.h lib/md5.*
+License: BSD-3-clause
+Copyright:
+ Copyright (c) 1991, 1993 The Regents of the University of California.
+ Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
+ Copyright (C) 2004 6WIND <Vincent.Jardin@6WIND.com>
+
+Files: lib/openbsd-tree.*
+License: BSD-2-clause
+Copyright:
+ Copyright 2002 Niels Provos <provos@citi.umich.edu>
+ Copyright (c) 2016 David Gwynne <dlg@openbsd.org>
+
+Files: lib/imsg*
+License: ISC
+Copyright:
+ Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
+ Copyright (c) 2006, 2007 Pierre-Yves Ritschard <pyr@openbsd.org>
+ Copyright (c) 2006, 2007, 2008 Reyk Floeter <reyk@openbsd.org>
+
+Files: isisd/dict.*
+Copyright: Copyright (C) 1997 Kaz Kylheku <kaz@ashi.footprints.net>
+License: custom-BSD-like
+ All rights are reserved by the author, with the following exceptions:
+ Permission is granted to freely reproduce and distribute this software,
+ possibly in exchange for a fee, provided that this copyright notice appears
+ intact. Permission is also granted to adapt this software to produce
+ derivative works, as long as the modified versions carry this copyright
+ notice and additional notices stating that the work has been modified.
+ This source code may be translated into executable form and incorporated
+ into proprietary software; there is no requirement for such software to
+ contain a copyright notice related to this source.
+
+Files: qpb/qpb.proto fpm/fpm.proto
+License: ISC
+Copyright: Copyright (C) 2016 Sproute Networks, Inc.
+
+Files: doc/extra/frrlexer.py
+License: ISC
+Copyright: Copyright (c) 2017 Vincent Bernat <bernat@luffy.cx>
+
+Files: tests/helpers/python/frrsix.py
+License: MIT
+Copyright: Copyright (c) 2010-2017 Benjamin Peterson
+
+License: GPL-2+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+ .
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ .
+ On Debian systems, the full text of the GNU General Public
+ License version 2 can be found in the file
+ `/usr/share/common-licenses/GPL-2'.
+
+License: LGPL-2.1+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+ .
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+ .
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>.
+ .
+ On Debian systems, the full text of the GNU Lesser General Public
+ License version 2.1 can be found in the file
+ `/usr/share/common-licenses/LGPL-2.1'.
+
+License: BSD-0-clause
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS''
+ AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR
+ CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+ USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ SUCH DAMAGE.
+
+License: BSD-2-clause
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ SUCH DAMAGE.
+
+License: BSD-3-clause
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 4. Neither the name of the University nor the names of its contributors
+ may be used to endorse or promote products derived from this software
+ without specific prior written permission.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ SUCH DAMAGE.
+
+License: ISC
+ Permission to use, copy, modify, and distribute this software for any
+ purpose with or without fee is hereby granted, provided that the above
+ copyright notice and this permission notice appear in all copies.
+ .
+ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+License: MIT
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+ .
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+ .
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ THE SOFTWARE.
--- /dev/null
+Document: frr
+Title: FRRouting user manual
+Abstract: General user/operator description for the FRRouting suite of
+ routing protocol daemons.
+Section: Network/Communication
+
+Format: HTML
+Index: /usr/share/doc/frr/html/index.html
+Files: /usr/share/doc/frr/html/*
+
+Format: info
+Index: /usr/share/info/frr.info.gz
+Files:
+ /usr/share/info/frr.info.gz
+ /usr/share/info/fig-normal-processing.png
+ /usr/share/info/fig-rs-processing.png
+ /usr/share/info/fig-vnc-commercial-route-reflector.png
+ /usr/share/info/fig-vnc-frr-route-reflector.png
+ /usr/share/info/fig-vnc-gw.png
+ /usr/share/info/fig-vnc-mesh.png
+ /usr/share/info/fig-vnc-redundant-route-reflectors.png
+ /usr/share/info/fig_topologies_full.png
+ /usr/share/info/fig_topologies_rs.png
--- /dev/null
+doc/user/_build/texinfo/frr.info
--- /dev/null
+# html docs include RST sources
+usr/share/doc/frr/html
+
+# info + images referenced by it
+usr/share/info/
+doc/user/_build/texinfo/*.png usr/share/info
+
+# other
+README.md usr/share/doc/frr
+doc/figures/*.png usr/share/doc/frr
--- /dev/null
+# personal name
+spelling-error-in-copyright Ang And
--- /dev/null
+usr/lib/frr/frr-reload.py
--- /dev/null
+# personal name
+spelling-error-in-copyright Ang And
--- /dev/null
+usr/lib/*/frr/modules/bgpd_rpki.so
--- /dev/null
+# module contains no function calls that can be hardened
+frr-rpki-rtrlib binary: hardening-no-fortify-functions *
+
+# personal name
+spelling-error-in-copyright Ang And
--- /dev/null
+usr/lib/*/frr/libfrrsnmp.*
+usr/lib/*/frr/modules/*_snmp.so
--- /dev/null
+# personal name
+spelling-error-in-copyright Ang And
--- /dev/null
+# Create the /run/frr directory at boot or from systemd-tmpfiles on install
+d /run/frr 0755 frr frr
--- /dev/null
+etc/logrotate.d/
+etc/frr/
+etc/iproute2/rt_protos.d/
+usr/share/doc/frr/
+usr/share/doc/frr/examples/
+usr/share/lintian/overrides/
+var/log/frr/
--- /dev/null
+tools/zebra.el
+debian/README.Debian
--- /dev/null
+etc/
+usr/bin/vtysh
+usr/bin/mtracebis
+usr/lib/*/frr/libfrr.*
+usr/lib/*/frr/libfrrospfapiclient.*
+usr/lib/frr/*.sh
+usr/lib/frr/*d
+usr/lib/frr/watchfrr
+usr/lib/frr/zebra
+usr/lib/*/frr/modules/zebra_irdp.so
+usr/lib/*/frr/modules/zebra_fpm.so
+usr/share/doc/frr/examples
+usr/share/man/
+tools/frr-reload usr/lib/frr/
+debian/frr.conf usr/lib/tmpfiles.d
--- /dev/null
+# we're a bit special since we provide network connectivity by starting up
+# routing protocols.
+frr binary: systemd-service-file-refers-to-unusual-wantedby-target lib/systemd/system/frr.service network-online.target
+
+# function names & co.
+frr binary: spelling-error-in-binary usr/lib/*/frr/libfrr.so.0.0.0 writen written
+frr binary: spelling-error-in-binary usr/lib/*/frr/libfrrospfapiclient.so.0.0.0 writen written
+frr binary: spelling-error-in-binary usr/lib/frr/ospfd writen written
+frr binary: spelling-error-in-binary usr/lib/frr/zebra writen written
+frr binary: spelling-error-in-binary usr/lib/frr/pimd writen written
+frr binary: spelling-error-in-binary usr/lib/frr/pimd iif if
+
+# personal name
+spelling-error-in-copyright Ang And
--- /dev/null
+/var/log/frr/*.log {
+ size 500k
+ sharedscripts
+ missingok
+ compress
+ rotate 14
+ create 640 frr frrvty
+
+ postrotate
+ pid=$(lsof -t -a -c /syslog/ /var/log/frr/* 2>/dev/null)
+ if [ -n "$pid" ]
+ then # using syslog
+ kill -HUP $pid
+ fi
+ # in case using file logging; if switching back and forth
+ # between file and syslog, rsyslogd might still have file
+ # open, as well as the daemons, so always signal the daemons.
+ # It's safe, a NOP if (only) syslog is being used.
+ for i in babeld bgpd eigrpd isisd ldpd nhrpd ospf6d ospfd \
+ pimd ripd ripngd zebra staticd ; do
+ if [ -e /var/run/frr/$i.pid ] ; then
+ pids="$pids $(cat /var/run/frr/$i.pid)"
+ fi
+ done
+ [ -n "$pids" ] && kill -USR1 $pids || true
+ endscript
+}
--- /dev/null
+doc/manpages/_build/man/frr.1
+doc/manpages/_build/man/bgpd.8
+doc/manpages/_build/man/pimd.8
+doc/manpages/_build/man/eigrpd.8
+doc/manpages/_build/man/ldpd.8
+doc/manpages/_build/man/nhrpd.8
+doc/manpages/_build/man/ospf6d.8
+doc/manpages/_build/man/ospfd.8
+doc/manpages/_build/man/ripd.8
+doc/manpages/_build/man/ripngd.8
+doc/manpages/_build/man/vtysh.1
+doc/manpages/_build/man/zebra.8
+doc/manpages/_build/man/isisd.8
+doc/manpages/_build/man/watchfrr.8
+doc/manpages/_build/man/mtracebis.8
--- /dev/null
+# Any user may call vtysh but only those belonging to the group frrvty can
+# actually connect to the socket and use the program.
+auth sufficient pam_permit.so
--- /dev/null
+#!/bin/sh
+set -e
+
+# most of this file makes sense to execute regardless of whether this is any
+# of normal "configure" or error-handling "abort-upgrade", "abort-remove" or
+# "abort-deconfigure"
+
+addgroup --system frrvty
+addgroup --system frr
+adduser \
+ --system \
+ --ingroup frr \
+ --home /nonexistent \
+ --gecos "Frr routing suite" \
+ frr
+usermod -a -G frrvty frr
+
+mkdir -p /var/log/frr
+mkdir -p /etc/frr
+
+
+# only change ownership of files when they were previously owned by root or
+# quagga; this is to ensure we don't trample over some custom user setup.
+#
+# if we are on a freshly installed package (or we added new configfiles),
+# the files should be owned by root by default so we should end up with "frr"
+# owned configfiles.
+
+quaggauid=`id -u quagga 2>/dev/null || echo 0`
+quaggagid=`id -g quagga 2>/dev/null || echo 0`
+
+find \
+ /etc/frr \
+ /var/log/frr \
+ \( -uid 0 -o -uid $quaggauid \) -a \
+ \( -gid 0 -o -gid $quaggauid \) | \
+ while read filename; do
+
+ # don't chown anything that has ACLs (but don't fail if we don't
+ # have getfacl)
+ if { getfacl -c "$filename" 2>/dev/null || true; } \
+ | egrep -q -v '^((user|group|other)::|$)'; then
+ :
+ else
+ chown frr: "$filename"
+ chmod o-rwx "$filename"
+ fi
+done
+
+# fix misconfigured vtysh.conf & frr.conf ownership set up by some inofficial
+# ("pre"-Debian) packages
+find /etc/frr -maxdepth 1 \( -name vtysh.conf -o -name frr.conf \) \
+ -group frrvty -exec chgrp frr {} \;
+
+check_old_config() {
+ oldcfg="$1"
+ [ -r "$oldcfg" ] || return 0
+ [ -s "$oldcfg" ] || return 0
+ grep -v '^[[:blank:]]*\(#\|$\)' "$oldcfg" > /dev/null || return 0
+
+ cat >&2 <<EOF
+Note: deprecated $oldcfg is present. This file is still read by
+the FRR service but its contents should be migrated to /etc/frr/daemons.
+EOF
+}
+
+rmsum() {
+ fname="$1"
+ test -f "$1" || return 0
+ fhash="`sha1sum \"$fname\"`"
+ fhash="${fhash%% *}"
+ if test "$fhash" = "$2"; then
+ rm "$fname"
+ fi
+}
+
+case "$1" in
+configure)
+ check_old_config /etc/frr/daemons.conf
+ check_old_config /etc/default/frr
+ if test -f /etc/frr/.pkg.frr.nointegrated; then
+ # remove integrated config setup
+ # (if checksums match, the files match freshly installed
+ # defaults, but the user has split config in place)
+ rmsum /etc/frr/vtysh.conf 5e7e3a488c51751e1ff98f27c9ad6085e1ad9cbb
+ rmsum /etc/frr/frr.conf dac6f2af4fca9919ba40eb338885a5d1773195c8
+ rm /etc/frr/.pkg.frr.nointegrated
+ fi
+ ;;
+esac
+
+#DEBHELPER#
--- /dev/null
+#!/bin/sh
+set -e
+
+rm -f /etc/frr/.pkg.frr.nointegrated
+
+if [ "$1" = "purge" ]; then
+ rm -rf /run/frr || true
+
+ # "purge" does not remove logfiles. therefore we shouldn't delete
+ # the "frr" user/group since that would leave files with "dangling"
+ # ownership.
+fi
+
+#DEBHELPER#
--- /dev/null
+#!/bin/bash
+set -e
+# bash is required since /etc/frr/daemons.conf used a bash array in some
+# previous versions.
+
+case "$1" in
+install|upgrade)
+ (
+ test -f /etc/frr/daemons && . /etc/frr/daemons
+ test -f /etc/frr/daemons.conf && . /etc/frr/daemons.conf
+ test -f /etc/default/frr && . /etc/default/frr
+
+ if [ "$watchfrr_enable" = no -o \
+ "$watchfrr_enable" = "0" ]; then
+ cat >&2 <<EOF
+ERROR: Pre-existing frr configuration file disables watchfrr.
+
+This configuration is deprecated upstream and not supported by the Debian
+FRR package. Refusing to $1 in order to not break running setups.
+Please change your setup to use watchfrr and remove the "watchfrr_enable"
+option from /etc/frr/daemons, /etc/frr/daemons.conf and/or /etc/default/frr.
+EOF
+ exit 1
+ fi
+ )
+ vtysh=''
+ if test -f /etc/frr/vtysh.conf; then
+ if grep -q '^[[:space:]]*service[[:space:]]\+integrated-vtysh-config' /etc/frr/vtysh.conf; then
+ # existing vtysh.conf with integrated statement
+ # - do nothing (=> integrated config)
+ vtysh='i'
+ elif grep -q '^[[:space:]]*no[[:space:]]\+service[[:space:]]\+integrated-vtysh-config' /etc/frr/vtysh.conf; then
+ # explicit non-integrated
+ # => need to fix vtysh.conf & frr.conf in postinst
+ vtysh='ni'
+ if test -f /etc/frr/frr.conf; then
+ cat >&2 <<EOF
+ERROR: Pre-existing /etc/frr/vtysh.conf specifies
+"no service integrated-vtysh-config", but /etc/frr/frr.conf exists. This
+will cause the frr package to malfunction. Please remove /etc/frr/frr.conf
+or remove the "no service integrated-vtysh-config" statement from
+/etc/frr/vtysh.conf.
+EOF
+ exit 1
+ fi
+ else
+ # vtysh.conf exists but has no statement
+ :
+ fi
+ fi
+ if test -f /etc/frr/frr.conf; then
+ # vtysh.conf has no explicit statement but frr.conf exists
+ # => integrated config used
+ vtysh='i'
+ elif test -f /etc/frr/zebra.conf \
+ -o -f /etc/frr/bgpd.conf \
+ -o -f /etc/frr/ospfd.conf \
+ -o -f /etc/frr/ospf6d.conf \
+ -o -f /etc/frr/ripd.conf \
+ -o -f /etc/frr/ripngd.conf \
+ -o -f /etc/frr/isisd.conf \
+ -o -f /etc/frr/pimd.conf \
+ -o -f /etc/frr/ldpd.conf \
+ -o -f /etc/frr/nhrpd.conf \
+ -o -f /etc/frr/eigrpd.conf \
+ -o -f /etc/frr/babeld.conf \
+ -o -f /etc/frr/pbrd.conf \
+ -o -f /etc/frr/bfdd.conf; then
+ # no explicit statement, but some split config file exists
+ # => need to fix vtysh.conf & frr.conf in postinst
+ test -n "$vtysh" || vtysh='ni'
+ else
+ # no config at all - use integrated
+ :
+ fi
+ if test "$vtysh" = "ni"; then
+ touch /etc/frr/.pkg.frr.nointegrated
+ fi
+ ;;
+abort-upgrade)
+ # shouldn't fail an upgrade abort
+ ;;
+esac
+
+#DEBHELPER#
--- /dev/null
+usr/include
+usr/lib/frr/ospfclient
+usr/lib/frr/rfptest
--- /dev/null
+#!/usr/bin/make -f
+
+# standard Debian options & profiles
+
+export DEB_BUILD_MAINT_OPTIONS = hardening=+all
+
+ifneq (,$(filter terse,$(DEB_BUILD_OPTIONS)))
+ MAKE_SILENT="V=0"
+ export DH_VERBOSE=0
+else
+ MAKE_SILENT="V=1"
+ export DH_VERBOSE=1
+ export DH_OPTIONS=-v
+endif
+
+# package-specific build profiles
+
+ifeq ($(filter pkg.frr.nortrlib,$(DEB_BUILD_PROFILES)),)
+ CONF_RPKI=--enable-rpki
+else
+ CONF_RPKI=--disable-rpki
+endif
+
+ifeq ($(filter pkg.frr.nosystemd,$(DEB_BUILD_PROFILES)),)
+ DH_WITH_SYSTEMD=systemd,
+ CONF_SYSTEMD=--enable-systemd=yes
+else
+ DH_WITH_SYSTEMD=
+ CONF_SYSTEMD=--enable-systemd=no
+endif
+
+export PYTHON=python3
+
+%:
+ dh $@ --with=$(DH_WITH_SYSTEMD)autoreconf --parallel
+
+override_dh_auto_configure:
+ $(shell dpkg-buildflags --export=sh); \
+ dh_auto_configure -- \
+ --enable-exampledir=/usr/share/doc/frr/examples/ \
+ --localstatedir=/var/run/frr \
+ --sbindir=/usr/lib/frr \
+ --sysconfdir=/etc/frr \
+ --with-vtysh-pager=/usr/bin/pager \
+ --libdir=/usr/lib/$(DEB_HOST_MULTIARCH)/frr \
+ --with-moduledir=/usr/lib/$(DEB_HOST_MULTIARCH)/frr/modules \
+ LIBTOOLFLAGS="-rpath /usr/lib/$(DEB_HOST_MULTIARCH)/frr" \
+ --disable-dependency-tracking \
+ \
+ $(CONF_SYSTEMD) \
+ $(CONF_RPKI) \
+ --with-libpam \
+ --enable-doc \
+ --enable-doc-html \
+ --enable-snmp \
+ --enable-fpm \
+ --disable-protobuf \
+ --disable-zeromq \
+ --enable-ospfapi \
+ --enable-bgp-vnc \
+ --enable-multipath=256 \
+ \
+ --enable-user=frr \
+ --enable-group=frr \
+ --enable-vty-group=frrvty \
+ --enable-configfile-mask=0640 \
+ --enable-logfile-mask=0640 \
+ # end
+
+override_dh_auto_install:
+ dh_auto_install
+
+ sed -e '1c #!/usr/bin/python3' -i debian/tmp/usr/lib/frr/frr-reload.py
+
+# let dh_systemd_* and dh_installinit do their thing automatically
+ifeq ($(filter pkg.frr.nosystemd,$(DEB_BUILD_PROFILES)),)
+ cp tools/frr.service debian/frr.service
+endif
+ cp tools/frrinit.sh debian/frr.init
+ -rm -f debian/tmp/usr/lib/frr/frr
+
+# install config files
+ mkdir -p debian/tmp/etc
+ cp -r tools/etc/* debian/tmp/etc/
+ -rm debian/tmp/etc/frr/daemons.conf
+
+ sed -e 's#^!log file #!log file /var/log/frr/#' -i debian/tmp/usr/share/doc/frr/examples/*sample*
+
+# drop dev-only files
+ find debian/tmp -name '*.la' -o -name '*.a' -o -name 'lib*.so' | xargs rm -f
+ rm -rf debian/tmp/usr/include
+ -rm debian/tmp/usr/lib/frr/ssd
+
+# use installed js libraries
+ -rm -f debian/tmp/usr/share/doc/frr/html/_static/jquery.js
+ ln -s /usr/share/javascript/jquery/jquery.js debian/tmp/usr/share/doc/frr/html/_static/jquery.js
+ -rm -f debian/tmp/usr/share/doc/frr/html/_static/underscore.js
+ ln -s /usr/share/javascript/underscore/underscore.js debian/tmp/usr/share/doc/frr/html/_static/underscore.js
+
+override_dh_auto_build:
+ dh_auto_build -- $(MAKE_SILENT)
+
+override_dh_installinit:
+ dh_installinit -r
+
+override_dh_installsystemd:
+ dh_installsystemd -r
+
+override_dh_makeshlibs:
+ dh_makeshlibs -n
+
+override_dh_missing:
+ dh_missing --fail-missing
+
+override_dh_auto_clean:
+# we generally do NOT want a full distclean since that wipes both
+# debian/changelog and config.version
+ if test -f Makefile; then make redistclean; fi
+ -rm -f debian/frr.init
+ -rm -f debian/frr.service
--- /dev/null
+# Debian Jessie and Ubuntu 16.04 need dh-systemd
+frr source: ored-build-depends-on-obsolete-package
--- /dev/null
+#!/bin/sh
+set -e
+
+# enable bgpd with SNMP & RPKI modules
+cat >> /etc/frr/daemons <<EOF
+bgpd=yes
+bgpd_options="-A 127.0.0.1 -Msnmp -Mrpki"
+EOF
+
+service frr restart
+
+# check that it actually started
+killall -0 watchfrr
+killall -0 zebra
+killall -0 bgpd
+
+# just for debugging
+vtysh -c 'show modules'
+
+# ... and SNMP & RPKI should be loaded
+vtysh -c 'show modules' | grep -q snmp
+vtysh -c 'show modules' | grep -q rpki
--- /dev/null
+Tests: zebra-lo
+Depends: frr
+Restrictions: needs-root, isolation-container
+
+Tests: bgpd-snmp-rpki
+Depends: frr, frr-snmp, frr-rpki-rtrlib
+Restrictions: needs-root, isolation-container
+
+Tests: py-frr-reload
+Depends: frr, frr-pythontools
+Restrictions: needs-root, isolation-container
--- /dev/null
+#!/bin/sh
+set -e
+
+# should have been started on install, but policy may have inhibited that
+service frr restart
+
+# these should be running by default
+killall -0 watchfrr
+killall -0 zebra
+killall -0 staticd
+
+# configure interactively, save to file
+vtysh -c 'configure terminal' -c 'ip route 198.51.100.0/28 127.0.0.1'
+vtysh -c 'show running-config' | grep -q 'ip route 198.51.100.0/28 127.0.0.1'
+vtysh -c 'write memory'
+
+grep -q 'ip route 198.51.100.0/28 127.0.0.1' /etc/frr/frr.conf
+
+# configure in file, check interactively
+sed -e '/^ip route 198.51.100.0\/28 127.0.0.1/ c ip route 198.51.100.64/28 127.0.0.1' \
+ -i /etc/frr/frr.conf
+
+service frr reload
+
+vtysh -c 'show running-config' | grep -q 'ip route 198.51.100.64/28 127.0.0.1'
+if vtysh -c 'show running-config' | grep -q 'ip route 198.51.100.0/28 127.0.0.1'; then
+ exit 1
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+# should have been started on install, but policy may have inhibited that
+service frr status >/dev/null || service frr restart
+
+# these should be running by default
+killall -0 watchfrr
+killall -0 zebra
+killall -0 staticd
+
+# check vtysh works at all
+vtysh -c 'show version'
+
+# check zebra is properly talking to the kernel
+vtysh -c 'show interface lo' | grep -q LOOPBACK
--- /dev/null
+version=4
+
+https://github.com/FRRouting/frr/releases/ \
+ download/frr-(?:\d[\d.]*)/frr-(\d[\d.]*)\.tar\.xz debian uupdate
--- /dev/null
+check process watchfrr with pidfile /var/run/frr/watchfrr.pid
+ start program = "/etc/init.d/frr start watchfrr" with timeout 120 seconds
+ stop program = "/etc/init.d/frr stop watchfrr"
+ if 3 restarts within 10 cycles then timeout
+++ /dev/null
-* SAFETY MEASURES:
-==================
-
-Please consider setting this package "on hold" by typing
- echo "frr hold" | dpkg --set-selections
-and verifying this using
- dpkg --get-selections | grep 'hold$'
-
-Setting a package "on hold" means that it will not automatically be upgraded.
-Instead apt-get only displays a warning saying that a new version would be
-available forcing you to explicitly type "apt-get install frr" to upgrade it.
-
-
-* What is frr?
-=================
-
-http://www.frrouting.org/
-FRR is a routing software suite, providing implementations of OSPFv2,
-OSPFv3, RIP v1 and v2, RIPng, ISIS, PIM, BGP and LDP for Unix platforms, particularly
-FreeBSD and Linux and also NetBSD, to mention a few. FRR is a fork of Quagga
-which itself is a fork of Zebra.
-Zebra was developed by Kunihiro Ishiguro.
-
-
-* Why has SNMP support been disabled?
-=====================================
-FRR used to link against the NetSNMP libraries to provide SNMP
-support. Those libraries sadly link against the OpenSSL libraries
-to provide crypto support for SNMPv3 among others.
-OpenSSL now is not compatible with the GNU GENERAL PUBLIC LICENSE (GPL)
-licence that FRR is distributed under. For more explanation read:
- http://www.gnome.org/~markmc/openssl-and-the-gpl.html
- http://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs
-Updating the licence to explecitly allow linking against OpenSSL
-would requite the affirmation of all people that ever contributed
-a significant part to Zebra / Quagga or FRR and thus are the collective
-"copyright holder". That's too much work. Using a shrinked down
-version of NetSNMP without OpenSSL or convincing the NetSNMP people
-to change to GnuTLS are maybe good solutions but not reachable
-during the last days before the Sarge release :-(
-
- *BUT*
-
-It is allowed by the used licence mix that you fetch the sources and
-build FRR yourself with SNMP with
- <remove the "grep ^smux" block at the end of debian/frr.preinst>
- # export WANT_SNMP=1
- # apt-get -b source frr
-Just distributing it in binary form, linked against OpenSSL, is forbidden.
-
-
-* Daemon selection:
-===================
-
-The Debian package uses /etc/frr/daemons to tell the
-initscript which daemons to start. It's in the format
-<daemon>=<yes|no|priority>
-with no spaces (it's simply source-d into the initscript).
-Default is not to start anything, since it can hose your
-system's routing table if not set up properly.
-
-Priorities were suggested by Dancer <dancer@zeor.simegen.com>.
-They're used to start the FRR daemons in more than one step
-(for example start one or two at network initialization and the
-rest later). The number of FRR daemons being small, priorities
-must be between 1 and 9, inclusive (or the initscript has to be
-changed). /etc/init.d/frr then can be started as
-
-/etc/init.d/frr <start|stop|restart|<priority>>
-
-where priority 0 is the same as 'stop', priority 10 or 'start'
-means 'start all'
-
-
-* Error message "privs_init: initial cap_set_proc failed":
-==========================================================
-
-This error message means that "capability support" has to be built
-into the kernel.
-
-
-* Error message "netlink-listen: overrun: No buffer space available":
-=====================================================================
-
-If this message occurs the receive buffer should be increased by adding the
-following to /etc/sysctl.conf and "--nl-bufsize" to /etc/frr/daemons.
-> net.core.rmem_default = 262144
-> net.core.rmem_max = 262144
-See message #4525 from 2005-05-09 in the quagga-users mailing list.
-
-
-* vtysh immediately exists:
-===========================
-
-Check /etc/pam.d/frr, it probably denies access to your user. The passwords
-configured in /etc/frr/frr.conf are only for telnet access.
-
+++ /dev/null
-#
-# To check if the patches still apply on new upstream versions:
-#
-for i in debian/patches/*.diff; do echo -e "#\n# $i\n#"; patch --fuzz=3 --dry-run -p1 < $i; done
-
-#
-# Filename transition from zebra to frr
-#
-
-Files that keep their names
- /usr/bin/vtysh
-
-Files that got an -pj suffix
- /etc/default/zebra -> /etc/frr/daemons.conf
- /etc/init.d/zebra -> /etc/init.d/frr
- /etc/zebra/ -> /etc/frr/
- /usr/share/doc/zebra/ -> /usr/share/doc/frr/
- /var/log/zebra/ -> /var/log/frr/
- /var/run/ -> /var/run/frr/
-
-Files that were moved
- /usr/sbin/* -> /usr/lib/frr/
+++ /dev/null
-*/*.dirhash
-*/debian/changelog
+++ /dev/null
-This directory contains the debian directories for backports to other debian
-platforms. These are built via the `3.0 (custom)' source format, which
-allows one to build a source package directly out of tarballs (e.g. an
-orig.tar.gz tarball and a debian.tar.gz file), at which point the format can
-be changed to a real format (e.g. `3.0 (quilt)').
-
-Source packages are assembled via targets of the same name as the system to
-which the backport is done (e.g. `precise'), included in debian/rules.
-
-To create a new debian backport:
-
-* Add its name to `KNOWN_BACKPORTS', defined in debian/rules.
-* Create a directory of the same name in debian/backports.
-* Add the files `exclude', `versionext', and `debian/source/format' under
- this directory:
- * `exclude' contains whitespace-separated paths (relative to the root of
- the source dir) that should be excluded from the source package (e.g.
- debian/patches).
- * `versionext' contains the suffix added to the version number for this
- backport's build. Distributions often have guidelines for what this
- should be. If left empty, no new debian/changelog entry is created.
- * `debian/source/format' should contain the source format of the resulting
- source package. As of of the writing of this document the only supported
- format is `3.0 (quilt)'.
-* Add appropriate files under the `debian/' subdirectory. These will be
- included in the source package, overriding any top-level `debian/' files
- with equivalent paths.
-
+++ /dev/null
-3.0 (quilt)
+++ /dev/null
--1~debian8+1
+++ /dev/null
-3.0 (quilt)
+++ /dev/null
--1~debian9+1
+++ /dev/null
-.PHONY: backports $(KNOWN_BACKPORTS)
-
-# error out if these files are missing
-required_files = $(foreach backport,$(KNOWN_BACKPORTS), \
- $(addprefix debian/backports/$(backport)/, \
- debian/source/format \
- versionext \
- exclude))
-$(if $(filter-out $(wildcard $(required_files)),$(required_files)), \
- $(error missing required backports files: \
- $(filter-out $(wildcard $(required_files)),$(required_files)). \
- see debian/backports/README) \
-)
-
-TARBALLDIR ?= $(shell dh_testdir debian/changelog && realpath .)
-
-define backports-targets
-# if this file is empty, no automatic changelog entry is created
-VERSIONEXT_$(1) ?= $(strip \
- $(shell cat $(wildcard debian/backports/$(1)/versionext)))
-DEBIAN_VERSION_$(1) = $(DEBIAN_VERSION)$$(VERSIONEXT_$(1))
-BACKPORTDIR_$(1) = $(realpath debian/backports/$(1))
-
-# as of right now, must be '3.0 (quilt)'
-SOURCEFORMAT_$(1) ?= $(strip \
- $(shell cat debian/backports/$(1)/debian/source/format))
-
-# files checked for the dirhash (see below)
-FINDCMD_$(1) = find -L debian/backports/$(1)/debian \
- -type f \
- ! -path debian/backports/$(1)/debian/changelog
-
-# files *not* pulled from the root debian directory into the backport tarball:
-# debian/changelog (copied and edited for backport version entry)
-# debian/backports itself (relevant contents are copied out separately)
-# anything provided in the current backports debian dir
-# anything specified in the 'exclude' file in the current backports debian dir
-EXCLUDEROOT_$(1) = debian/changelog debian/backports \
- $$(subst debian/backports/$(1)/,,$$(shell $$(FINDCMD_$(1)))) \
- $$(shell cat debian/backports/$(1)/exclude)
-
-EXCLUDEROOT_TAR_$(1) = $$(foreach file,$$(EXCLUDEROOT_$(1)),--exclude $$(file))
-EXCLUDEROOT_FIND_$(1) = $$(foreach file,$$(EXCLUDEROOT_$(1)),-o -path $$(file))
-
-# find command resulting in all files that *will* be pulled into the backport
-# tarball.
-FINDCMDROOT_$(1) = find -L debian/ \
- '(' -false $$(EXCLUDEROOT_FIND_$(1)) ')' -prune -o \
- -type f -a '!' '(' -false $$(EXCLUDEROOT_FIND_$(1)) ')'
-
-# usually using `find' output for dependencies has the downfall of not tracking
-# file removal. Work around that by introducing a dependency on a file whose
-# name contains the hash of `find' output, so that the name will change when a
-# file is deleted.
-DIRHASH_$(1) = \
- $$(shell $$(FINDCMD_$(1)) | sha1sum | sed -r 's/^(......).*/\1/')
-DIRHASHROOT_$(1) = \
- $$(shell $$(FINDCMDROOT_$(1)) | sha1sum | sed -r 's/^(......).*/\1/')
-
-CONTROL_$(1) = $$(strip \
- $$(if $$(wildcard $$(BACKPORTDIR_$(1))/debian/control), \
- $$(BACKPORTDIR_$(1))/debian/control, \
- $(realpath debian/control) \
- ))
-
-# TARGETS:
-
-$(1): $(TARBALLDIR)/$(SRCPKG)_$$(DEBIAN_VERSION_$(1)).dsc ;
-
-# we use 3.0 (custom) to build a source package directly from tarballs,
-# bypassing the usual checks (which wouldn't like our combination-of-
-# directories approach)
-$(TARBALLDIR)/$(SRCPKG)_$$(DEBIAN_VERSION_$(1)).dsc:
- dpkg-source -l$$(BACKPORTDIR_$(1))/debian/changelog \
- -c$$(CONTROL_$(1)) \
- --format='3.0 (custom)' \
- --target-format='$$(SOURCEFORMAT_$(1))' \
- -b . $$^
- mv $(TARBALLDIR)/../$$(notdir $$@) $$@
-
-ifeq ($$(SOURCEFORMAT_$(1)),3.0 (quilt))
-# this target depends on the orig.tar.gz file, for which there is no target in
-# this makefile. It is assumed to either already exist or be built by a target
-# provided elsewhere in debian/rules (e.g. via pristine-tar)
-$$(if $$(findstring $(ORIG_VERSION),$$(DEBIAN_VERSION_$(1))), \
- $$(info downstream version matches upstream version (good)), \
- $$(error quilt format expects downstream version \
- ($$(DEBIAN_VERSION_$(1))) to contain upstream version \
- ($(ORIG_VERSION)). Make a new debian/changelog entry \
- to reflect the new upstream release) \
-)
-
-$(TARBALLDIR)/$(SRCPKG)_$$(DEBIAN_VERSION_$(1)).dsc: \
- $(TARBALLDIR)/$(SRCPKG)_$(ORIG_VERSION).orig.tar.gz \
- $(TARBALLDIR)/$(SRCPKG)_$$(DEBIAN_VERSION_$(1)).debian.tar.xz
-else
-$$(error unsupported source format for $(1) backport: $$(SOURCEFORMAT_$(1)))
-endif #SOURCEFORMAT_$(1)
-
-# for 3.0 (quilt)
-$(TARBALLDIR)/$(SRCPKG)_$$(DEBIAN_VERSION_$(1)).debian.tar.xz: \
- $$(BACKPORTDIR_$(1))/debian/changelog \
- $$(shell $$(FINDCMD_$(1))) \
- $$(BACKPORTDIR_$(1))/$$(DIRHASH_$(1)).backport.dirhash \
- $$(shell $$(FINDCMDROOT_$(1))) \
- $$(BACKPORTDIR_$(1))/$$(DIRHASHROOT_$(1)).root.dirhash \
- $$(BACKPORTDIR_$(1))/exclude
- rm -f $$(subst .tar.xz,.tar,$$@) $$@
- tar -chf $$(subst .tar.xz,.tar,$$@) \
- --exclude-vcs $$(EXCLUDEROOT_TAR_$(1)) debian/
- cd debian/backports/$(1) && tar -uhf $$(subst .tar.xz,.tar,$$@) \
- --exclude-vcs debian/
- xz $$(subst .tar.xz,.tar,$$@)
-
-$$(BACKPORTDIR_$(1))/debian/changelog: \
- debian/changelog \
- debian/backports/$(1)/versionext
- rm -f debian/backports/$(1)/debian/changelog
- cp $$< $$@
- $(if $$(VERSIONEXT_$(1)), \
- dch -c $$@ -v '$$(DEBIAN_VERSION_$(1))' -b \
- 'backport to $(1) systems', \
- )
-
-$$(BACKPORTDIR_$(1))/$$(DIRHASH_$(1)).backport.dirhash:
- rm -f debian/backports/$(1)/*.backport.dirhash
- touch $$@
-
-$$(BACKPORTDIR_$(1))/$$(DIRHASHROOT_$(1)).root.dirhash:
- rm -f debian/backports/$(1)/*.root.dirhash
- touch $$@
-
-endef # backports-targets
-$(foreach backport,$(KNOWN_BACKPORTS),$(eval \
- $(call backports-targets,$(backport))))
-
-backports: $(KNOWN_BACKPORTS)
+++ /dev/null
-Source: frr
-Section: net
-Priority: optional
-Maintainer: Nobody <nobody@frrouting.org>
-Uploaders: Nobody <nobody@frrouting.org>
-XSBC-Original-Maintainer: <maintainers@frrouting.org>
-Build-Depends: debhelper (>= 7.0.50~), libncurses5-dev, libreadline-dev, texlive-latex-base, texlive-generic-recommended, libpam0g-dev | libpam-dev, libcap-dev, texinfo (>= 4.7), imagemagick, ghostscript, groff, autotools-dev, libpcre3-dev, gawk, chrpath, libsnmp-dev, git, dh-autoreconf, libjson-c-dev, libjson-c2, pkg-config, python (>= 2.7), python-ipaddr
-Standards-Version: 3.9.6
-Homepage: http://www.frrouting.org/
-XS-Testsuite: autopkgtest
-
-Package: frr
-Architecture: any
-Depends: ${shlibs:Depends}, logrotate (>= 3.2-11), ${misc:Depends}
-Pre-Depends: adduser
-Conflicts: zebra, zebra-pj, quagga
-Replaces: zebra, zebra-pj
-Suggests: snmpd
-Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon forked from Quagga
- FRR is free software which manages TCP/IP based routing protocols.
- It supports BGP4, BGP4+, OSPFv2, OSPFv3, IS-IS, RIPv1, RIPv2, RIPng,
- PIM and LDP as well as the IPv6 versions of these.
- .
- FRR is a fork of Quagga with an open community model. The main git
- lives on https://github.com/frrouting/frr.git
-
-Package: frr-dbg
-Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}, frr (= ${binary:Version})
-Priority: extra
-Section: debug
-Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (debug symbols)
- This package provides debugging symbols for all binary packages built
- from frr source package. It's highly recommended to have this package
- installed before reporting any FRR crashes to either FRR developers or
- Debian package maintainers.
-
-Package: frr-doc
-Section: net
-Architecture: all
-Depends: ${misc:Depends}
-Suggests: frr
-Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (documentation)
- This package includes info files for frr, a free software which manages
- TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
- IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
-
-Package: frr-pythontools
-Section: net
-Architecture: all
-Depends: ${misc:Depends}, frr (= ${binary:Version}), python (>= 2.7), python-ipaddr
-Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (Python Tools)
- This package includes info files for frr, a free software which manages
- TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
- IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
-
+++ /dev/null
-etc/frr/
-usr/bin/vtysh
-usr/bin/mtracebis
-usr/include/frr/
-usr/lib/
-usr/share/doc/frr/
-usr/share/snmp/mibs/
-tools/etc/* etc/
-tools/*.service lib/systemd/system
-debian/frr.conf usr/lib/tmpfiles.d
+++ /dev/null
-#!/usr/bin/make -f
-
-# FRRouting Configuration options
-######################################
-#
-# WANT_xxxx --> Set to 1 for enable, 0 for disable
-# The following are the defaults. They can be overridden by setting a
-# env variable to a different value
-
-WANT_LDP ?= 1
-WANT_PIM ?= 1
-WANT_OSPFAPI ?= 1
-WANT_BGP_VNC ?= 1
-WANT_CUMULUS_MODE ?= 0
-WANT_MULTIPATH ?= 1
-WANT_SNMP ?= 0
-WANT_RPKI ?= 0
-WANT_BFD ?= 1
-
-# NOTES:
-#
-# If you use WANT_RPKI, then there is a new dependency for librtr0 package
-# and a build dependency of the librtr-dev package.
-# While the librtr0 is added to the depenencies automatically, the build
-# dependency can't be changed dynamically and building will fail if the
-# librtr-dev isn't installed during package build
-# Tested versions of both packages can be found at
-# https://ci1.netdef.org/browse/RPKI-RTRLIB/latestSuccessful/artifact
-#
-# If multipath is enabled (WANT_MULTIPATH=1), then set number of multipaths here
-# Please be aware that 0 is NOT disabled, but treated as unlimited
-
-MULTIPATH ?= 256
-
-# Set the following to the value required (or leave alone for the default below)
-# WANT_FRR_USER is used for the username and groupname of the FRR user account
-
-WANT_FRR_USER ?= frr
-WANT_FRR_VTY_GROUP ?= frrvty
-
-# Don't build PDF docs by default
-GENERATE_PDF ?= 0
-
-#
-####################################
-
-export DH_VERBOSE=1
-export DEB_BUILD_MAINT_OPTIONS = hardening=+all
-export DH_OPTIONS=-v
-
-ifeq ($(WANT_SNMP), 1)
- USE_SNMP=--enable-snmp
- $(warning "DEBIAN: SNMP enabled, sorry for your inconvenience")
-else
- USE_SNMP=--disable-snmp
- $(warning "DEBIAN: SNMP disabled, see README.Debian")
-endif
-
-ifeq ($(WANT_LDP), 1)
- USE_LDP=--enable-ldpd
-else
- USE_LDP=--disable-ldpd
-endif
-
-ifeq ($(WANT_PIM), 1)
- USE_PIM=--enable-pimd
-else
- USE_PIM=--disable-pimd
-endif
-
-ifeq ($(WANT_OSPFAPI), 1)
- USE_OSPFAPI=--enable-ospfapi=yes
-else
- USE_OSPFAPI=--enable-ospfapi=no
-endif
-
-ifeq ($(WANT_BGP_VNC), 1)
- USE_BGP_VNC=--enable-bgp-vnc=yes
-else
- USE_BGP_VNC=--enable-bgp-vnc=no
-endif
-
-USE_FRR_USER=--enable-user=$(WANT_FRR_USER)
-USE_FRR_GROUP=--enable-group=$(WANT_FRR_USER)
-USE_FRR_VTY_GROUP=--enable-vty-group=$(WANT_FRR_VTY_GROUP)
-
-ifeq ($(WANT_MULTIPATH), 1)
- USE_MULTIPATH=--enable-multipath=$(MULTIPATH)
-else
- USE_MULTIPATH=--disable-multipath
-endif
-
-ifeq ($(WANT_CUMULUS_MODE), 1)
- USE_CUMULUS=--enable-cumulus=yes
-else
- USE_CUMULUS=--enable-cumulus=no
-endif
-
-ifeq ($(WANT_RPKI), 1)
- USE_RPKI=--enable-rpki
-else
- USE_RPKI=--disable-rpki
-endif
-
-ifeq ($(WANT_BFD), 1)
- USE_BFD=--enable-bfdd
-else
- USE_BFD=--disable-bfdd
-endif
-
-ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
- DEBIAN_JOBS := $(subst parallel=,,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
-endif
-
-ifdef DEBIAN_JOBS
-MAKEFLAGS += -j$(DEBIAN_JOBS)
-endif
-
-%:
- dh $@ --with=autoreconf --parallel --dbg-package=frr-dbg --list-missing
-
-override_dh_gencontrol:
-ifeq ($(WANT_RPKI), 1)
- dh_gencontrol -- -Vdist:Depends="librtr0 (>= 0.5)"
-else
- dh_gencontrol
-endif
-
-override_dh_auto_configure:
- # Frr needs /proc to check some BSD vs Linux specific stuff.
- # Else it fails with an obscure error message pointing out that
- # IPCTL_FORWARDING is an undefined symbol which is not very helpful.
- @if ! [ -d /proc/1 ]; then \
- echo "./configure needs a mounted /proc"; \
- exit 1; \
- fi
-
- if ! [ -e config.status ]; then \
- dh_auto_configure -- \
- --enable-exampledir=/usr/share/doc/frr/examples/ \
- --localstatedir=/var/run/frr \
- --sbindir=/usr/lib/frr \
- --sysconfdir=/etc/frr \
- $(USE_SNMP) \
- $(USE_OSPFAPI) \
- $(USE_MULTIPATH) \
- $(USE_LDP) \
- --enable-fpm \
- $(USE_FRR_USER) $(USE_FRR_GROUP) \
- $(USE_FRR_VTY_GROUP) \
- --enable-configfile-mask=0640 \
- --enable-logfile-mask=0640 \
- --with-libpam \
- --enable-systemd=no \
- --enable-poll=yes \
- $(USE_CUMULUS) \
- $(USE_PIM) \
- --enable-dependency-tracking \
- $(USE_BGP_VNC) \
- $(USE_RPKI) \
- $(USE_BFD) \
- $(shell dpkg-buildflags --export=configure); \
- fi
-
-override_dh_auto_build:
- #dh_auto_build
- $(MAKE)
-
- # doc/ is a bit crazy
-ifeq ($(GENERATE_PDF), 1)
- dh_auto_build -- -C doc pdf
-endif
- rm -vf doc/_build/texinfo/frr.info
- dh_auto_build -- -C doc info
-
-override_dh_auto_test:
-
-override_dh_auto_install:
- dh_auto_install
-
- cp tools/frrinit.sh debian/frr.init
-
- # installed in frr-pythontools
- rm debian/tmp/usr/lib/frr/frr-reload.py
-
- # cleaning up the info dir
- rm -f debian/tmp/usr/share/info/dir*
-
- # install config files
- mkdir -p debian/tmp/etc/frr/
- perl -pi -e 's#^!log file #!log file /var/log/frr/#' debian/tmp/usr/share/doc/frr/examples/*sample*
-
- # leftover from previously shipping SMUX client OID MIB
- mkdir -p debian/tmp/usr/share/snmp/mibs/
-
- # cleaning .la files
- sed -i "/dependency_libs/ s/'.*'/''/" debian/tmp/usr/lib/*.la
- sed -i "/dependency_libs/ s/'.*'/''/" debian/tmp/usr/lib/frr/modules/*.la
-
-override_dh_systemd_start:
- dh_systemd_start frr.service
-
-override_dh_systemd_enable:
- dh_systemd_enable frr.service
-
+++ /dev/null
-3.0 (quilt)
+++ /dev/null
--1~ubuntu14.04+1
+++ /dev/null
-3.0 (quilt)
+++ /dev/null
--1~ubuntu16.04+1
+++ /dev/null
-Source: frr
-Section: net
-Priority: optional
-Maintainer: Nobody <nobody@frrouting.org>
-Uploaders: Nobody <nobody@frrouting.org>
-XSBC-Original-Maintainer: <maintainers@frrouting.org>
-Build-Depends: debhelper (>= 7.0.50~), libncurses5-dev, libreadline-dev, texlive-latex-base, texlive-generic-recommended, libpam0g-dev | libpam-dev, libcap-dev, texinfo (>= 4.7), imagemagick, ghostscript, groff, autotools-dev, libpcre3-dev, gawk, chrpath, libsnmp-dev, git, dh-autoreconf, libjson-c-dev, libjson-c2 | libjson-c3, dh-systemd, libsystemd-dev, bison, flex, libc-ares-dev, pkg-config, python (>= 2.7), python-ipaddress, libpython-dev
-Standards-Version: 3.9.6
-Homepage: http://www.frrouting.org/
-
-Package: frr
-Architecture: any
-Depends: ${shlibs:Depends}, logrotate (>= 3.2-11), iproute2 | iproute, ${misc:Depends}, libc-ares2
-Pre-Depends: adduser
-Conflicts: zebra, zebra-pj, quagga
-Replaces: zebra, zebra-pj
-Suggests: snmpd
-Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon forked from Quagga
- FRR is free software which manages TCP/IP based routing protocols.
- It supports BGP4, BGP4+, OSPFv2, OSPFv3, IS-IS, RIPv1, RIPv2, RIPng,
- PIM and LDP as well as the IPv6 versions of these.
- .
- FRR is a fork of Quagga with an open community model. The main git
- lives on https://github.com/frrouting/frr.git
-
-Package: frr-dbg
-Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}, frr (= ${binary:Version})
-Priority: optional
-Section: debug
-Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (debug symbols)
- This package provides debugging symbols for all binary packages built
- from frr source package. It's highly recommended to have this package
- installed before reporting any FRR crashes to either FRR developers or
- Debian package maintainers.
-
-Package: frr-doc
-Section: net
-Architecture: all
-Depends: ${misc:Depends}
-Suggests: frr
-Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (documentation)
- This package includes info files for frr, a free software which manages
- TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
- IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
-
-Package: frr-pythontools
-Section: net
-Architecture: all
-Depends: ${misc:Depends}, frr (= ${binary:Version}), python (>= 2.7), python-ipaddress
-Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (Python Tools)
- This package includes info files for frr, a free software which manages
- TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
- IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
+++ /dev/null
-3.0 (quilt)
+++ /dev/null
--1~ubuntu17.10+1
+++ /dev/null
-Source: frr
-Section: net
-Priority: optional
-Maintainer: Nobody <nobody@frrouting.org>
-Uploaders: Nobody <nobody@frrouting.org>
-XSBC-Original-Maintainer: <maintainers@frrouting.org>
-Build-Depends: debhelper (>= 7.0.50~), libncurses5-dev, libreadline-dev, texlive-latex-base, texlive-generic-recommended, libpam0g-dev | libpam-dev, libcap-dev, texinfo (>= 4.7), imagemagick, ghostscript, groff, autotools-dev, libpcre3-dev, gawk, chrpath, libsnmp-dev, git, dh-autoreconf, libjson-c-dev, libjson-c2 | libjson-c3, dh-systemd, libsystemd-dev, bison, flex, libc-ares-dev, pkg-config, python (>= 2.7), python-ipaddress, python-sphinx, libpython-dev
-Standards-Version: 3.9.6
-Homepage: http://www.frrouting.org/
-
-Package: frr
-Architecture: any
-Depends: ${shlibs:Depends}, logrotate (>= 3.2-11), iproute2 | iproute, ${misc:Depends}, libc-ares2
-Pre-Depends: adduser
-Conflicts: zebra, zebra-pj, quagga
-Replaces: zebra, zebra-pj
-Suggests: snmpd
-Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon forked from Quagga
- FRR is free software which manages TCP/IP based routing protocols.
- It supports BGP4, BGP4+, OSPFv2, OSPFv3, IS-IS, RIPv1, RIPv2, RIPng,
- PIM and LDP as well as the IPv6 versions of these.
- .
- FRR is a fork of Quagga with an open community model. The main git
- lives on https://github.com/frrouting/frr.git
-
-Package: frr-dbg
-Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}, frr (= ${binary:Version})
-Priority: optional
-Section: debug
-Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (debug symbols)
- This package provides debugging symbols for all binary packages built
- from frr source package. It's highly recommended to have this package
- installed before reporting any FRR crashes to either FRR developers or
- Debian package maintainers.
-
-Package: frr-doc
-Section: net
-Architecture: all
-Depends: ${misc:Depends}
-Suggests: frr
-Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (documentation)
- This package includes info files for frr, a free software which manages
- TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
- IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
-
-Package: frr-pythontools
-Section: net
-Architecture: all
-Depends: ${misc:Depends}, frr (= ${binary:Version}), python (>= 2.7), python-ipaddress
-Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (Python Tools)
- This package includes info files for frr, a free software which manages
- TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
- IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
+++ /dev/null
-3.0 (quilt)
+++ /dev/null
--1~ubuntu18.04+1
+++ /dev/null
-frr (@VERSION@) RELEASED; urgency=medium
-
- * Staticd: New daemon responsible for management of static routes
- * ISISd: Implement dst-src routing as per draft-ietf-isis-ipv6-dst-src-routing
- * BFDd: new daemon for BFD (Bidrectional Forwarding Detection). Responsible
- for notifying link changes to make routing protocols converge faster.
- * various bug fixes
-
- -- FRRouting-Dev <dev@lists.frrouting.org> Sun, 7 Oct 2018 08:10:00 -0700
-
-frr (5.0.1-0) RELEASED; urgency=medium
-
- * Support Automake 1.16.1
- * BGPd: Support for flowspec ICMP, DSCP, packet length, fragment and tcp flags
- * BGPd: fix rpki validation for ipv6
- * VRF: Workaround for kernel bug on Linux 4.14 and newer
- * Zebra: Fix interface based routes from zebra not marked up
- * Zebra: Fix large zebra memory usage when redistribute between protocols
- * Zebra: Allow route-maps to match on source instance
- * BGPd: Backport peer-attr overrides, peer-level enforce-first-as and filtered-routes fix
- * BGPd: fix for crash during display of filtered-routes
- * BGPd: Actually display labeled unicast routes received
- * Label Manager: Fix to work correctly behind a label manager proxy
- * Debian Pkg: Fix build dependency for install-info
-
- -- FRRouting-Dev <dev@lists.frrouting.org> Thu, 5 Jul 2018 00:38:00 -0700
-
-frr (5.0-0) RELEASED; urgency=medium
-
- * PIM: Add a Multicast Trace Command draft-ietf-idmr-traceroute-ipm-05
- * IS-IS: Implement Three-Way Handshake as per RFC5303
- * BGPD: Implement VPN-VRF route leaking per RFC4364.
- * BGPD: Implement VRF with NETNS backend
- * BGPD: Flowspec
- * PBRD: Add a new Policy Based Routing Daemon
-
- -- FRRouting-Dev <dev@lists.frrouting.org> Thu, 7 Jun 2018 17:47:00 -0700
-
-frr (4.0-0) RELEASED; urgency=medium
-
- * ISIS-MT - https://tools.ietf.org/html/rfc5120
- * BGP - RPKI (RFC 6810)
- * BGP - v4 labeled unicast as per RFC 3107
- * BGP/Zebra - Type 2 and 3 EVPN with symmetric and asymmetric routing
- * EIGRP - https://tools.ietf.org/html/rfc7868
- * FRR - Tab completion for iface names, prefix-lists, route-maps, BGP peers
- * BABEL - https://tools.ietf.org/html/rfc6126
- * PIM VRF - Added the ability to work with VRF’s to PIM
- * OSPFv2 VRF - Added the ability to work with VRF’s to OSPFv2
- * OSPFv2 Experimental SR - draft-ietf-ospf-segment-routing-extensions-24
- * ZEBRA - Add ability to create a static route that leaks across VRF’s.
-
- -- FRRouting-Dev <dev@lists.frrouting.org> Sun, 11 Mar 2018 17:22:20 -0700
-
-frr (3.0.3-1) RELEASED; urgency=medium
-
- * New Enabled: PIM draft Unnumbered
-
- -- FRRouting-Dev <dev@lists.frrouting.org> Wed, 18 Oct 2017 17:01:42 -0700
-
-frr (3.0-1) RELEASED; urgency=medium
-
- * Added Debian 9 Backport
-
- -- FRRouting-Dev <dev@lists.frrouting.org> Mon, 16 Oct 2017 03:28:00 -0700
-
-frr (3.0-0) RELEASED; urgency=medium
-
- * New Enabled: BGP Shutdown Message
- * New Enabled: BGP Large Community
- * New Enabled: BGP RFC 7432 Partial Support w/ Ethernet VPN
- * New Enabled: BGP EVPN RT-5
- * New Enabled: LDP RFC 5561
- * New Enabled: LDP RFC 5918
- * New Enabled: LDP RFC 5919
- * New Enabled: LDP RFC 6667
- * New Enabled: LDP RFC 7473
- * New Enabled: OSPF RFC 4552
- * New Enabled: ISIS SPF Backoff draft
- * New Enabled: PIM Unnumbered Interfaces
- * New Enabled: PIM RFC 4611
- * New Enabled: PIM Sparse Mode
- * New Enabled: NHRP RFC 2332
- * New Enabled: Label Manager
- * Switched from hardening-wrapper to dpkg-buildflags.
-
- -- FRRouting-Dev <dev@lists.frrouting.org> Fri, 13 Oct 2017 16:17:26 -0700
-
-frr (2.0-0) RELEASED; urgency=medium
-
- * Switchover to FRR
-
- -- FRRouting-Dev <dev@lists.frrouting.org> Mon, 23 Jan 2017 16:30:22 -0400
-
-quagga (0.99.24+cl3u5) RELEASED; urgency=medium
-
- * Closes: CM-12846 - Resolve Memory leaks in 'show ip bgp neighbor json'
- * Closes: CM-5878 - Display all ospf peers with 'show ip ospf neighbor detail all'
- * Closes: CM-5794 - Add support for IPv6 static to null0
- * Closes: CM-13060 - Reduce JSON memory usage.
- * Closes: CM-10394 - protect 'could not get instance' error messages with debug
- * Closes: CM-11173 - Move netlink error messages undeer a debug
- * Closes: CM-13328 - Fixes route missing in hardware after reboot
-
- -- dev-support <dev-support@cumulusnetworks.com> Fri, 11 Nov 2016 22:13:29 -0400
-
-quagga (0.99.24+cl3u4) RELEASED; urgency=medium
-
- * Closes: CM-12687 - Buffer overflow in zebra RA code
-
- -- dev-support <dev-support@cumulusnetworks.com> Wed, 31 Aug 2016 12:36:10 -0400
-
-quagga (0.99.24+cl3u3) RELEASED; urgency=medium
-
- * New Enabled: Merge up-to 0.99.24 code from upstream
- * New Enabled: Additional CLI simplification
- * New Enabled: Various Bug Fixes
-
- -- dev-support <dev-support@cumulusnetworks.com> Thu, 04 Aug 2016 08:43:36 -0700
-
-quagga (0.99.23.1-1+cl3u2) RELEASED; urgency=medium
-
- * New Enabled: VRF - See Documentation for how to use
- * New Enabled: Improved interface statistics
- * New Enabled: Various vtysh improvements
- * New Enabled: Numerous compile warnings and SA fixes
- * New Enabled: Improved priviledge handlingA
- * New Enabled: Various OSPF CLI fixes
- * New Enabled: Prefix-list Performance Improvements.
- * New Enabled: Allow more than 1k peers in Quagga
- and Performance Improvements
- * New Enabled: Systemd integration
- * New Enabled: Various ISIS fixes
- * New Enabled: BGP MRT improvements
- * New Enabled: Lowered default MRAI timers
- * New Enabled: Lowered default 'timers connect'
- * New Enabled: 'bgp log-neighbor-changes' enabled by default
- * New Enabled: BGP default keepalive to 3s and holdtime to 9s
- * New Enabled: OSPF spf timers are now '0 50 5000' by default
- * New Enabled: BGP hostname is displayed by default
- * New Enabled: BGP 'no-as-set' is the default for
- 'bgp as-path multipath-relax"
- * New Enabled: RA is on by default if using 5549 on an interface
- * New Enabled: peer-group restrictions relaxed, update-groups determine
- outbund policy anyway
- * New Enabled: BGP enabled 'maximum-paths 64' by default
- * New Enabled: OSPF "log-adjacency-changes" on by default
- * New Enabled: Zebra: Add IPv6 protocol filtering support
- * and setting src of IPv6 routes.
- * New Enabled: BGP and OSPF JSON commands added.
- * New Enabled: BGP Enable multiple instances support by default
- * New Enabled: 'banner motd file' command
- * New Enabled: Remove bad default passwords from default conf
- * New Enabled: BGP addpath TX
- * New Enabled: Simplified configuration for BGP Unnumbered
-
- * New Deprecated: Remove unused 'show memory XXX' functionality
- * New Deprecated: Remove babel protocol
-
- * Closes: CM-10435 Addition on hidden command
- "bfd multihop/singlehop" and "ptm-enable" per interface command
- * Closes: CM-9974 Get route counts right for show ip route summary
- * Closes: CM-9786 BGP memory leak in peer hostname
- * Closes: CM-9340 BGP: Ensure correct sequence of processing at exit
- * Closes: CM-9270 ripd: Fix crash when a default route is passed to rip
- * Closes: CM-9255 BGPD crash around bgp_config_write ()
- * Closes: CM-9134 ospf6d: Fix for crash when non area 0 network
- entered first
- * Closes: CM-8934 OSPFv3: Check area before scheduling SPF
- * Closes: CM-8514 zebra: Crash upon disabling a link
- * Closes: CM-8295 BGP crash in group_announce_route_walkcb
- * Closes: CM-8191 BGP: crash in update_subgroup_merge()
- * Closes: CM-8015 lib: Memory reporting fails over 2GB
- * Closes: CM-7926 BGP: crash from not NULLing freed pointers
-
- -- dev-support <dev-support@cumulusnetworks.com> Wed, 04 May 2016 16:22:52 -0700
-
-quagga (0.99.23.1-1) unstable; urgency=medium
-
- * New upstream release
- * Added .png figures for info files to quagga-doc package.
- * Changed dependency from iproute to iproute2 (thanks to Andreas
- Henriksson). Closes: #753736
- * Added texlive-fonts-recommended to build-depends to get ecrm1095 font
- (thanks to Christoph Biedl). Closes: #651545
-
- -- Christian Brunotte <ch@debian.org> Tue, 30 Sep 2014 00:20:12 +0200
-
-quagga (0.99.23-1) unstable; urgency=low
-
- * New upstream release
- * Removed debian/patches/readline-6.3.diff which was already in upstream.
-
- -- Christian Hammers <ch@debian.org> Tue, 08 Jul 2014 09:15:48 +0200
-
-quagga (0.99.22.4-4) unstable; urgency=medium
-
- * Fix build failure with readline-6.3 (thanks to Matthias Klose).
- Closes: #741774
-
- -- Christian Hammers <ch@debian.org> Sun, 23 Mar 2014 15:28:42 +0100
-
-quagga (0.99.22.4-3) unstable; urgency=low
-
- * Added status to init script (thanks to Peter J. Holzer). Closes: #730625
- * Init script now sources /lib/lsb/init-functions.
- * Switched from hardening-wrapper to dpkg-buildflags.
-
- -- Christian Hammers <ch@debian.org> Wed, 01 Jan 2014 19:12:01 +0100
-
-quagga (0.99.22.4-2) unstable; urgency=low
-
- * Fixed typo in package description (thanks to Davide Prina).
- Closes: #625860
- * Added Italian Debconf translation (thanks to Beatrice Torracca)
- Closes: #729798
-
- -- Christian Hammers <ch@debian.org> Tue, 26 Nov 2013 00:47:11 +0100
-
-quagga (0.99.22.4-1) unstable; urgency=high
-
- * SECURITY:
- "ospfd: CVE-2013-2236, stack overrun in apiserver
-
- the OSPF API-server (exporting the LSDB and allowing announcement of
- Opaque-LSAs) writes past the end of fixed on-stack buffers. This leads
- to an exploitable stack overflow.
-
- For this condition to occur, the following two conditions must be true:
- - Quagga is configured with --enable-opaque-lsa
- - ospfd is started with the "-a" command line option
-
- If either of these does not hold, the relevant code is not executed and
- the issue does not get triggered."
- Closes: #726724
-
- * New upstream release
- - ospfd: protect vs. VU#229804 (malformed Router-LSA)
- (Quagga is said to be non-vulnerable but still adds some protection)
-
- -- Christian Hammers <ch@debian.org> Thu, 24 Oct 2013 22:58:37 +0200
-
-quagga (0.99.22.1-2) unstable; urgency=low
-
- * Added autopkgtests (thanks to Yolanda Robla). Closes: #710147
- * Added "status" command to init script (thanks to James Andrewartha).
- Closes: #690013
- * Added "libsnmp-dev" to Build-Deps. There not needed for the official
- builds but for people who compile Quagga themselves to activate the
- SNMP feature (which for licence reasons cannot be done by Debian).
- Thanks to Ben Winslow). Closes: #694852
- * Changed watchquagga_options to an array so that quotes can finally
- be used as expected. Closes: #681088
- * Fixed bug that prevented restarting only the watchquagga daemon
- (thanks to Harald Kappe). Closes: #687124
-
- -- Christian Hammers <ch@debian.org> Sat, 27 Jul 2013 16:06:25 +0200
-
-quagga (0.99.22.1-1) unstable; urgency=low
-
- * New upstream release
- - ospfd restore nexthop IP for p2p interfaces
- - ospfd: fix LSA initialization for build without opaque LSA
- - ripd: correctly redistribute ifindex routes (BZ#664)
- - bgpd: fix lost passwords of grouped neighbors
- * Removed 91_ld_as_needed.diff as it was found in the upstream source.
-
- -- Christian Hammers <ch@debian.org> Mon, 22 Apr 2013 22:21:20 +0200
-
-quagga (0.99.22-1) unstable; urgency=low
-
- * New upstream release.
- - [bgpd] The semantics of default-originate route-map have changed.
- The route-map is now used to advertise the default route conditionally.
- The old behaviour which allowed to set attributes on the originated
- default route is no longer supported.
- - [bgpd] this version of bgpd implements draft-idr-error-handling. This was
- added in 0.99.21 and may not be desirable. If you need a version
- without this behaviour, please use 0.99.20.1. There will be a
- runtime configuration switch for this in future versions.
- - [isisd] is in "beta" state.
- - [ospf6d] is in "alpha/experimental" state
- - More changes are documented in the upstream changelog!
- * debian/watch: Adjusted to new savannah.gnu.org site, thanks to Bart
- Martens.
- * debian/patches/99_CVE-2012-1820_bgp_capability_orf.diff removed as its
- in the changelog.
- * debian/patches/99_distribute_list.diff removed as its in the changelog.
- * debian/patches/10_doc__Makefiles__makeinfo-force.diff removed as it
- was just for Debian woody.
-
- -- Christian Hammers <ch@debian.org> Thu, 14 Feb 2013 00:22:00 +0100
-
-quagga (0.99.21-4) unstable; urgency=medium
-
- * Fixed regression bug that caused OSPF "distribute-list" statements to be
- silently ignored. The patch has already been applied upstream but there
- has been no new Quagga release since then.
- Thanks to Hans van Kranenburg for reporting. Closes: #697240
-
- -- Christian Hammers <ch@debian.org> Sun, 06 Jan 2013 15:50:32 +0100
-
-quagga (0.99.21-3) unstable; urgency=high
-
- * SECURITY:
- CVE-2012-1820 - Quagga contained a bug in BGP OPEN message handling.
- A denial-of-service condition could be caused by an attacker controlling
- one of the pre-configured BGP peers. In most cases this means, that the
- attack must be originated from an adjacent network. Closes: #676510
-
- -- Christian Hammers <ch@debian.org> Fri, 08 Jun 2012 01:15:32 +0200
-
-quagga (0.99.21-2) unstable; urgency=low
-
- * Renamed babeld.8 to quagga-babeld.8 as it conflicted with the
- original mapage of the babeld package which users might want to
- install in parallel as it is slightly more capable. Closes: #671916
-
- -- Christian Hammers <ch@debian.org> Thu, 10 May 2012 07:53:01 +0200
-
-quagga (0.99.21-1) unstable; urgency=low
-
- * New upstream release
- - [bgpd] BGP multipath support has been merged
- - [bgpd] SAFI (Multicast topology) support has been extended to propagate
- the topology to zebra.
- - [bgpd] AS path limit functionality has been removed
- - [babeld] a new routing daemon implementing the BABEL ad-hoc mesh routing
- protocol has been merged.
- - [isisd] a major overhaul has been picked up. Please note that isisd is
- STILL NOT SUITABLE FOR PRODUCTION USE.
- - a lot of bugs have been fixed
- * Added watchquagga daemon.
- * Added DEP-3 conforming patch comments.
-
- -- Christian Hammers <ch@debian.org> Sun, 06 May 2012 15:33:33 +0200
-
-quagga (0.99.20.1-1) unstable; urgency=high
-
- * SECURITY:
- CVE-2012-0249 - Quagga ospfd DoS on malformed LS-Update packet
- CVE-2012-0250 - Quagga ospfd DoS on malformed Network-LSA data
- CVE-2012-0255 - Quagga bgpd DoS on malformed OPEN message
- * New upstream release. Closes: #664033
-
- -- Christian Hammers <ch@debian.org> Fri, 16 Mar 2012 22:14:05 +0100
-
-quagga (0.99.20-4) unstable; urgency=low
-
- * Switch to dpkg-source 3.0 (quilt) format.
- * Switch to changelog-format-1.0.
-
- -- Christian Hammers <ch@debian.org> Sat, 25 Feb 2012 18:52:06 +0100
-
-quagga (0.99.20-3) unstable; urgency=low
-
- * Added --sysconfdir back to the configure options (thanks to Sven-Haegar
- Koch). Closes: #645649
-
- -- Christian Hammers <ch@debian.org> Tue, 18 Oct 2011 00:24:37 +0200
-
-quagga (0.99.20-2) unstable; urgency=low
-
- * Bumped standards version to 0.9.2.
- * Migrated to "dh" build system.
- * Added quagga-dbg package.
-
- -- Christian Hammers <ch@debian.org> Fri, 14 Oct 2011 23:59:26 +0200
-
-quagga (0.99.20-1) unstable; urgency=low
-
- * New upstream release:
- "The primary focus of this release is a fix of SEGV regression in ospfd,
- which was introduced in 0.99.19. It also features a series of minor
- improvements, including better RFC compliance in bgpd, better support
- of FreeBSD and some enhancements to isisd."
- * Fixes off-by-one bug (removed 20_ospf6_area_argv.dpatch). Closes: #519488
-
- -- Christian Hammers <ch@debian.org> Fri, 30 Sep 2011 00:59:24 +0200
-
-quagga (0.99.19-1) unstable; urgency=high
-
- * SECURITY:
- "This release provides security fixes, which address assorted
- vulnerabilities in bgpd, ospfd and ospf6d (CVE-2011-3323,
- CVE-2011-3324, CVE-2011-3325, CVE-2011-3326 and CVE-2011-3327).
- * New upstream release.
- * Removed incorporated debian/patches/92_opaque_lsa_enable.dpatch.
- * Removed incorporated debian/patches/93_opaque_lsa_fix.dpatch.
- * Removed obsolete debian/README.Debian.Woody and README.Debian.MD5.
-
- -- Christian Hammers <ch@debian.org> Tue, 27 Sep 2011 00:16:27 +0200
-
-quagga (0.99.18-1) unstable; urgency=low
-
- * SECURITY:
- "This release fixes 2 denial of services in bgpd, which can be remotely
- triggered by malformed AS-Pathlimit or Extended-Community attributes.
- These issues have been assigned CVE-2010-1674 and CVE-2010-1675.
- Support for AS-Pathlimit has been removed with this release."
- * Added Brazilian Portuguese debconf translation. Closes: #617735
- * Changed section for quagga-doc from "doc" to "net".
- * Added patch to fix FTBFS with latest GCC. Closes: #614459
-
- -- Christian Hammers <ch@debian.org> Tue, 22 Mar 2011 23:13:34 +0100
-
-quagga (0.99.17-4) unstable; urgency=low
-
- * Added comment to init script (thanks to Marc Haber). Closes: #599524
-
- -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2011 23:53:29 +0100
-
-quagga (0.99.17-3) unstable; urgency=low
-
- * Fix FTBFS with ld --as-needed (thanks to Matthias Klose at Ubuntu).
- Closes: #609555
-
- -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2011 23:27:06 +0100
-
-quagga (0.99.17-2) unstable; urgency=low
-
- * Added Danisch Debconf translation (thanks to Joe Dalton). Closes: #596259
-
- -- Christian Hammers <ch@debian.org> Sat, 18 Sep 2010 12:20:07 +0200
-
-quagga (0.99.17-1) unstable; urgency=high
-
- * SECURITY:
- "This release provides two important bugfixes, which address remote crash
- possibility in bgpd discovered by CROSS team.":
- 1. Stack buffer overflow by processing certain Route-Refresh messages
- CVE-2010-2948
- 2. DoS (crash) while processing certain BGP update AS path messages
- CVE-2010-2949
- Closes: #594262
-
- -- Christian Hammers <ch@debian.org> Wed, 25 Aug 2010 00:52:48 +0200
-
-quagga (0.99.16-1) unstable; urgency=low
-
- * New upstream release. Closes: #574527
- * Added chrpath to debian/rules to fix rpath problems that lintian spottet.
-
- -- Christian Hammers <ch@debian.org> Sun, 21 Mar 2010 17:05:40 +0100
-
-quagga (0.99.15-2) unstable; urgency=low
-
- * Applied patch for off-by-one bug in ospf6d that caused a segmentation
- fault when using the "area a.b.c.d filter-list prefix" command (thanks
- to Steinar H. Gunderson). Closes: 519488
-
- -- Christian Hammers <ch@debian.org> Sun, 14 Feb 2010 20:02:03 +0100
-
-quagga (0.99.15-1) unstable; urgency=low
-
- * New upstream release
- "This fixes some annoying little ospfd and ospf6d regressions, which made
- 0.99.14 a bit of a problem release (...) This release still contains a
- regression in the "no ip address ..." command, at least on Linux.
- See bug #486, which contains a workaround patch. This release should be
- considered a 1.0.0 release candidate. Please test this release as widely
- as possible."
- * Fixed wrong port number in zebra.8 (thanks to Thijs Kinkhorst).
- Closes: #517860
- * Added Russian Debconf tanslation (thanks to Yuri Kozlov).
- Closes: #539464
- * Removed so-version in build-dep to libreadline-dev on request of
- Matthias Klose.
- * Added README.source with reference to dpatch as suggested by lintian.
- * Bumped standards versionto 3.8.3.
-
- -- Christian Hammers <ch@debian.org> Sun, 13 Sep 2009 18:12:06 +0200
-
-quagga (0.99.14-1) unstable; urgency=low
-
- * New upstream release
- "This release contains a regression fix for ospf6d, various small fixes
- and some hopefully very significant bgpd stability fixes.
- This release should be considered a 1.0.0 release candidate. Please test
- this release as widely as possible."
- * Fixes bug with premature LSA aging in ospf6d. Closes: #535030
- * Fixes section number in zebra.8 manpage. Closes: #517860
-
- -- Christian Hammers <ch@debian.org> Sat, 25 Jul 2009 00:40:38 +0200
-
-quagga (0.99.13-2) unstable; urgency=low
-
- * Added Japanese Debconf translation (thanks to Hideki Yamane).
- Closes: #510714
- * When checking for obsoleted config options in preinst, print filename
- where it occures (thanks to Michael Bussmann). Closes: #339489
-
- -- Christian Hammers <ch@debian.org> Sun, 19 Jul 2009 17:13:23 +0200
-
-quagga (0.99.13-1) unstable; urgency=low
-
- * New upstream release
- "This release is contains a number of small fixes, for potentially
- irritating issues, as well as small enhancements to vtysh and support
- for linking to PCRE (a much faster regex library)."
- * Added build-dep to gawk as configure required it for memtypes.awk
- * Replaced build-dep to gs-gpl with ghostscript as requested by lintian
- * Minor changes to copyright and control files to make lintian happy.
-
- -- Christian Hammers <ch@debian.org> Wed, 24 Jun 2009 17:53:28 +0200
-
-quagga (0.99.12-1) unstable; urgency=high
-
- * New upstream release
- "This release fixes an urgent bug in bgpd where it could hit an assert
- if it received a long AS_PATH with a 4-byte ASN." Noteworthy bugfixes:
- + [bgpd] Fix bgp ipv4/ipv6 accept handling
- + [bgpd] AS4 bugfix by Chris Caputo
- + [bgpd] Allow accepted peers to progress even if realpeer is in Connect
- + [ospfd] Switch Fletcher checksum back to old ospfd version
-
- -- Christian Hammers <ch@debian.org> Mon, 22 Jun 2009 00:16:33 +0200
-
-quagga (0.99.11-1) unstable; urgency=low
-
- * New upstream release
- "Most regressions in 0.99 over 0.98 are now believed to be fixed. This
- release should be considered a release-candidate for a new stable series."
- + bgpd: Preliminary UI and Linux-IPv4 support for TCP-MD5 merged
- + zebra: ignore dead routes in RIB update
- + [ospfd] Default route needs to be refreshed after neighbour state change
- + [zebra:netlink] Set proto/scope on all route update messages
- * Removed debian/patches/20_*bgp*md5*.dpatch due to upstream support.
-
- -- Christian Hammers <ch@debian.org> Thu, 09 Oct 2008 22:56:38 +0200
-
-quagga (0.99.10-1) unstable; urgency=medium
-
- * New upstream release
- + bgpd: 4-Byte AS Number support
- + Sessions were incorrectly reset if a partial AS-Pathlimit attribute
- was received.
- + Advertisement of Multi-Protocol prefixes (i.e. non-IPv4) had been
- broken in the 0.99.9 release. Closes: #467656
-
- -- Christian Hammers <ch@debian.org> Tue, 08 Jul 2008 23:32:42 +0200
-
-quagga (0.99.9-6) unstable; urgency=low
-
- * Fixed FTBFS by adding a build-dep to libpcre3-dev (thanks to Luk Claes).
- Closes: #469891
-
- -- Christian Hammers <ch@debian.org> Sat, 12 Apr 2008 12:53:51 +0200
-
-quagga (0.99.9-5) unstable; urgency=low
-
- * C.J. Adams-Collier and Paul Jakma suggested to build against libpcre3
- which is supposed to be faster.
-
- -- Christian Hammers <ch@debian.org> Sun, 02 Mar 2008 13:19:42 +0100
-
-quagga (0.99.9-4) unstable; urgency=low
-
- * Added hardening-wrapper to the build-deps (thanks to Moritz Muehlenhoff).
-
- -- Christian Hammers <ch@debian.org> Tue, 29 Jan 2008 22:33:56 +0100
-
-quagga (0.99.9-3) unstable; urgency=low
-
- * Replaced the BGP patch by a new one so that the package builds again
- with kernels above 2.6.21!
- * debian/control:
- + Moved quagga-doc to section doc to make lintian happy.
- * Added Spanish debconf translation (thanks to Carlos Galisteo de Cabo).
- Closes: #428574
- * debian/control: (thanks to Marco Rodrigues)
- + Bump Standards-Version to 3.7.3 (no changes needed).
- + Add Homepage field.
-
- -- Christian Hammers <ch@debian.org> Mon, 28 Jan 2008 22:29:18 +0100
-
-quagga (0.99.9-2.1) unstable; urgency=low
-
- * Non-maintainer upload.
- * debian/rules: fixed bashisms. (Closes: #459122)
-
- -- Miguel Angel Ruiz Manzano <debianized@gmail.com> Tue, 22 Jan 2008 14:37:21 -0300
-
-quagga (0.99.9-2) unstable; urgency=low
-
- * Added CVE id for the security bug to the last changelog entry.
- Closes: 442133
-
- -- Christian Hammers <ch@debian.org> Tue, 25 Sep 2007 22:01:31 +0200
-
-quagga (0.99.9-1) unstable; urgency=high
-
- * SECURITY:
- "This release fixes two potential DoS conditions in bgpd, reported by Mu
- Security, where a bgpd could be crashed if a peer sent a malformed OPEN
- message or a malformed COMMUNITY attribute. Only configured peers can do
- this, hence we consider these issues to be very low impact." CVE-2007-4826
-
- -- Christian Hammers <ch@debian.org> Wed, 12 Sep 2007 21:12:41 +0200
-
-quagga (0.99.8-1) unstable; urgency=low
-
- * New upstream version.
-
- -- Christian Hammers <ch@debian.org> Fri, 17 Aug 2007 00:07:04 +0200
-
-quagga (0.99.7-3) unstable; urgency=medium
-
- * Applied patch for FTBFS with linux-libc-dev (thanks to Andrew J. Schorr
- and Lucas Nussbaum). Closes: #429003
-
- -- Christian Hammers <ch@debian.org> Fri, 22 Jun 2007 21:34:55 +0200
-
-quagga (0.99.7-2) unstable; urgency=low
-
- * Added Florian Weimar as co-maintainer. Closes: 421977
- * Added Dutch debconf translation (thanks to Bart Cornelis).
- Closes: #420932
- * Added Portuguese debconf translation (thanks to Rui Branco).
- Closes: #421185
- * Improved package description (thanks to Reuben Thomas).
- Closes: #418933
- * Added CVE Id to 0.99.6-5 changelog entry.
-
- -- Christian Hammers <ch@debian.org> Wed, 02 May 2007 20:27:12 +0200
-
-quagga (0.99.7-1) unstable; urgency=low
-
- * New upstream release. Closes: #421553
-
- -- Christian Hammers <ch@debian.org> Mon, 30 Apr 2007 14:22:34 +0200
-
-quagga (0.99.6-6) unstable; urgency=medium
-
- * Fixes FTBFS with tetex-live. Closes: #420468
-
- -- Christian Hammers <ch@debian.org> Mon, 23 Apr 2007 21:34:13 +0200
-
-quagga (0.99.6-5) unstable; urgency=high
-
- * SECURITY:
- The bgpd daemon was vulnerable to a Denial-of-Service. Configured peers
- could cause a Quagga bgpd to, typically, assert() and abort. The DoS
- could be triggered by peers by sending an UPDATE message with a crafted,
- malformed Multi-Protocol reachable/unreachable NLRI attribute.
- This is CVE-2007-1995 and Quagga Bug#354. Closes: #418323
-
- -- Christian Hammers <ch@debian.org> Thu, 12 Apr 2007 23:21:58 +0200
-
-quagga (0.99.6-4) unstable; urgency=low
-
- * Improved note in README.Debian for SNMP self-builders (thanks to Matthias
- Wamser). Closes: #414788
-
- -- Christian Hammers <ch@debian.org> Wed, 14 Mar 2007 02:18:57 +0100
-
-quagga (0.99.6-3) unstable; urgency=low
-
- * Updated German Debconf translation (thanks to Matthias Julius).
- Closes: #409327
-
- -- Christian Hammers <ch@debian.org> Sat, 10 Feb 2007 15:06:16 +0100
-
-quagga (0.99.6-2) unstable; urgency=low
-
- * Updated config.guess/config.sub as suggested by lintian.
- * Corrected README.Debian text regarding the WANT_SNMP flag.
-
- -- Christian Hammers <ch@debian.org> Sun, 17 Dec 2006 01:45:37 +0100
-
-quagga (0.99.6-1) unstable; urgency=low
-
- * New upstream release. Closes: #402361
-
- -- Christian Hammers <ch@debian.org> Mon, 11 Dec 2006 00:28:09 +0100
-
-quagga (0.99.5-5) unstable; urgency=high
-
- * Changed Depends on adduser to Pre-Depends to avoid uninstallability
- in certain cases (thanks to Steve Langasek, Lucas Nussbaum).
- Closes: #398562
-
- -- Christian Hammers <ch@debian.org> Wed, 15 Nov 2006 17:46:34 +0100
-
-quagga (0.99.5-4) unstable; urgency=low
-
- * Added default PAM file and some explanations regarding PAM authentication
- of vtysh which could prevent the start at boot-time when used wrong.
- Now PAM permits anybody to access the vtysh tool (a malicious user could
- build his own vtysh without PAM anyway) and the access is controled by
- the read/write permissions of the vtysh socket which are only granted to
- users belonging to the quaggavty group (thanks to Wakko Warner).
- Closes: #389496
- * Added "case" to prerm script so that the Debconf question is not called a
- second time in e.g. "new-prerm abort-upgrade" after being NACKed in the
- old-prerm.
-
- -- Christian Hammers <ch@debian.org> Fri, 3 Nov 2006 01:22:15 +0100
-
-quagga (0.99.5-3) unstable; urgency=medium
-
- * Backport CVS fix for an OSPF DD Exchange regression (thanks to Matt
- Brown). Closes: #391040
-
- -- Christian Hammers <ch@debian.org> Wed, 25 Oct 2006 19:47:11 +0200
-
-quagga (0.99.5-2) unstable; urgency=medium
-
- * Added LSB info section to initscript.
- * Removed unnecessary depends to libncurses5 to make checklib happy.
- The one to libcap should remain though as it is just temporarily
- unused.
-
- -- Christian Hammers <ch@debian.org> Thu, 21 Sep 2006 00:04:07 +0200
-
-quagga (0.99.5-1) unstable; urgency=low
-
- * New upstream release. Closes: #38704
- * Upstream fixes ospfd documentary inconsistency. Closes: #347897
- * Changed debconf question in prerm to "high" (thanks to Rafal Pietrak).
-
- -- Christian Hammers <ch@debian.org> Mon, 11 Sep 2006 23:43:42 +0200
-
-quagga (0.99.4-4) unstable; urgency=low
-
- * Recreate /var/run if not present because /var is e.g. on a tmpfs
- filesystem (thanks to Martin Pitt). Closes: #376142
- * Removed nonexistant option from ospfd.8 manpage (thanks to
- David Medberry). Closes: 378274
-
- -- Christian Hammers <ch@debian.org> Sat, 15 Jul 2006 20:22:12 +0200
-
-quagga (0.99.4-3) unstable; urgency=low
-
- * Removed invalid semicolon from rules file (thanks to Philippe Gramoulle).
-
- -- Christian Hammers <ch@debian.org> Tue, 27 Jun 2006 23:36:07 +0200
-
-quagga (0.99.4-2) unstable; urgency=high
-
- * Set urgency to high as 0.99.4-1 fixes a security problem!
- * Fixed building of the info file.
-
- -- Christian Hammers <ch@debian.org> Sun, 14 May 2006 23:04:28 +0200
-
-quagga (0.99.4-1) unstable; urgency=low
-
- * New upstream release to fix a security problem in the telnet interface
- of the BGP daemon which could be used for DoS attacks (CVE-2006-2276).
- Closes: 366980
-
- -- Christian Hammers <ch@debian.org> Sat, 13 May 2006 19:54:40 +0200
-
-quagga (0.99.3-3) unstable; urgency=low
-
- * Added CVE numbers for the security patch in 0.99.3-2.
-
- -- Christian Hammers <ch@debian.org> Sat, 6 May 2006 17:14:22 +0200
-
-quagga (0.99.3-2) unstable; urgency=high
-
- * SECURITY:
- Added security bugfix patch from upstream BTS for security problem
- that could lead to injected routes when using RIPv1.
- CVE-2006-2223 - missing configuration to disable RIPv1 or require
- plaintext or MD5 authentication
- CVE-2006-2224 - lack of enforcement of RIPv2 authentication requirements
- Closes: #365940
- * First amd64 upload.
-
- -- Christian Hammers <ch@debian.org> Thu, 4 May 2006 00:22:09 +0200
-
-quagga (0.99.3-1) unstable; urgency=low
-
- * New upstream release
-
- -- Christian Hammers <ch@debian.org> Wed, 25 Jan 2006 13:37:27 +0100
-
-quagga (0.99.2-1) unstable; urgency=low
-
- * New upstream release
- Closes: #330248, #175553
-
- -- Christian Hammers <ch@debian.org> Wed, 16 Nov 2005 00:25:52 +0100
-
-quagga (0.99.1-7) unstable; urgency=low
-
- * Changed debian/rules check for mounted /proc directory to check
- for /proc/1 as not all systems (e.g. 2.6 arm kernels) have
- /proc/kcore which is a optional feature only (thanks to Lennert
- Buytenhek). Closes: #335695
- * Added Swedish Debconf translation (thanks to Daniel Nylander).
- Closes: #331367
-
- -- Christian Hammers <ch@debian.org> Thu, 27 Oct 2005 20:53:19 +0200
-
-quagga (0.99.1-6) unstable; urgency=low
-
- * Fixed debconf dependency as requested by Joey Hess.
-
- -- Christian Hammers <ch@debian.org> Mon, 26 Sep 2005 20:47:35 +0200
-
-quagga (0.99.1-5) unstable; urgency=low
-
- * Rebuild with libreadline5-dev as build-dep as requested by
- Matthias Klose. Closes: #326306
- * Made initscript more fault tolerant against missing lines in
- /etc/quagga/daemons (thanks to Ralf Hildebrandt). Closes: #323774
- * Added dependency to adduser.
-
- -- Christian Hammers <ch@debian.org> Tue, 13 Sep 2005 21:42:17 +0200
-
-quagga (0.99.1-4) unstable; urgency=low
-
- * Added French Debconf translation (thanks to Mohammed Adnene Trojette).
- Closes: #319324
- * Added Czech Debconf translation (thanks to Miroslav Kure).
- Closes: #318127
-
- -- Christian Hammers <ch@debian.org> Sun, 31 Jul 2005 04:19:41 +0200
-
-quagga (0.99.1-3) unstable; urgency=low
-
- * A Debconf question now asks the admin before upgrading if the daemon
- should really be stopped as this could lead to the loss of network
- connectivity or BGP flaps (thanks to Michael Horn and Achilleas Kotsis).
- Also added a hint about setting Quagga "on hold" to README.Debian.
- Closes: #315467
- * Added patch to build on Linux/ARM.
-
- -- Christian Hammers <ch@debian.org> Sun, 10 Jul 2005 22:19:38 +0200
-
-quagga (0.99.1-2) unstable; urgency=low
-
- * Fixed SNMP enabled command in debian/rules (thanks to Christoph Kluenter).
- Closes: #306840
-
- -- Christian Hammers <ch@debian.org> Sat, 4 Jun 2005 14:04:01 +0200
-
-quagga (0.99.1-1) unstable; urgency=low
-
- * New upstream version. Among others:
- - BGP graceful restart and "match ip route-source" added
- - support for interface renaming
- - improved threading for better responsivness under load
- * Switched to dpatch to make diffs cleaner.
- * Made autoreconf unnecessary.
- * Replaced quagga.dvi and quagga.ps by quagga.pdf in quagga-doc.
- (the PostScript would have needed Makefile corrections and PDF
- is more preferable anyway)
- * Added isisd to the list of daemons in /etc/init.d/quagga (thanks
- to Ernesto Elbe).
- * Added hint for "netlink-listen: overrun" messages (thanks to
- Hasso Tepper).
- * Added preinst check that bails out if old smux options are in use
- as Quagga would not start up else anyway (thanks to Bjorn Mork).
- Closes: #308320
-
- -- Christian Hammers <ch@debian.org> Fri, 13 May 2005 01:18:24 +0200
-
-quagga (0.98.3-7) unstable; urgency=high
-
- * Removed SNMP support as linking against NetSNMP introduced a dependency
- to OpenSSL which is not compatible to the GPL which governs this
- application (thanks to Faidon Liambotis). See README.Debian for more
- information. Closes: #306840
- * Changed listening address of ospf6d and ripngd from 127.0.0.1 to "::1".
- * Added build-dep to groff to let drafz-zebra-00.txt build correctly.
-
- -- Christian Hammers <ch@debian.org> Wed, 4 May 2005 20:08:14 +0200
-
-quagga (0.98.3-6) testing-proposed-updates; urgency=high
-
- * Removed "Recommends kernel-image-2.4" as aptitude then
- installes a kernel-image for an arbitrary architecture as long
- as it fullfill that recommendation which can obviously fatal
- at the next reboot :) Also it is a violation of the policy
- which mandates a reference to real packages (thanks to Holger Levsen).
- Closes: #307281
-
- -- Christian Hammers <ch@debian.org> Tue, 3 May 2005 22:53:39 +0200
-
-quagga (0.98.3-5) unstable; urgency=high
-
- * The patch which tried to remove the OpenSSL dependency, which is
- not only unneccessary but also a violation of the licence and thus RC,
- stopped working a while ago, since autoreconf is no longer run before
- building the binaries. So now ./configure is patched directly (thanks
- to Faidon Liambotis for reporting). Closes: #306840
- * Raised Debhelper compatibility level from 3 to 4. Nothing changed.
- * Added build-dep to texinfo (>= 4.7) to ease work for www.backports.org.
-
- -- Christian Hammers <ch@debian.org> Fri, 29 Apr 2005 02:31:03 +0200
-
-quagga (0.98.3-4) unstable; urgency=low
-
- * Removed Debconf upgrade note as it was considered a Debconf abuse
- and apart from that so obvious that it was not even worth to be
- put into NEWS.Debian (thanks to Steve Langasek). Closes: #306384
-
- -- Christian Hammers <ch@debian.org> Wed, 27 Apr 2005 00:10:24 +0200
-
-quagga (0.98.3-3) unstable; urgency=medium
-
- * Adding the debconf module due to a lintian suggestion is a very
- bad idea if no db_stop is called as the script hangs then (thanks
- to Tore Anderson for reporting). Closes: #306324
-
- -- Christian Hammers <ch@debian.org> Mon, 25 Apr 2005 21:55:58 +0200
-
-quagga (0.98.3-2) unstable; urgency=low
-
- * Added debconf confmodule to postinst as lintian suggested.
-
- -- Christian Hammers <ch@debian.org> Sun, 24 Apr 2005 13:16:00 +0200
-
-quagga (0.98.3-1) unstable; urgency=low
-
- * New upstream release.
- Mmost notably fixes last regression in bgpd (reannounce of prefixes
- with changed attributes works again), race condition in netlink
- handling while using IPv6, MTU changes handling in ospfd and several
- crashes in ospfd, bgpd and ospf6d.
-
- -- Christian Hammers <ch@debian.org> Mon, 4 Apr 2005 12:51:24 +0200
-
-quagga (0.98.2-2) unstable; urgency=low
-
- * Added patch to let Quagga compile with gcc-4.0 (thanks to
- Andreas Jochens). Closes: #300949
-
- -- Christian Hammers <ch@debian.org> Fri, 25 Mar 2005 19:33:30 +0100
-
-quagga (0.98.2-1) unstable; urgency=medium
-
- * Quoting the upstream announcement:
- The 0.98.1 release unfortunately was a brown paper bag release with
- respect to ospfd. [...] 0.98.2 has been released, with one crucial change
- to fix the unfortunate mistake in 0.98.1, which caused problems if
- ospfd became DR.
- * Note: the upstream tarball had a strange problem, apparently redhat.spec
- was twice in it? At least debuild gave a strange error message so I
- unpacked it by hand. No changes were made to the .orig.tar.gz!
-
- -- Christian Hammers <ch@debian.org> Fri, 4 Feb 2005 01:31:36 +0100
-
-quagga (0.98.1-1) unstable; urgency=medium
-
- * New upstream version
- "fixing a fatal OSPF + MD5 auth regression, and a non-fatal high-load
- regression in bgpd which were present in the 0.98.0 release."
- * Upstream version fixes bug in ospfd that could lead to crash when OSPF
- packages had a MTU > 1500. Closes: #290566
- * Added notice regarding capability kernel support to README.Debian
- (thanks to Florian Weimer). Closes: #291509
- * Changed permission setting in postinst script (thanks to Bastian Blank).
- Closes: #292690
-
- -- Christian Hammers <ch@debian.org> Tue, 1 Feb 2005 02:01:27 +0100
-
-quagga (0.98.0-3) unstable; urgency=low
-
- * Fixed problem in init script. Closes: #290317
- * Removed obsolete "smux peer enable" patch.
-
- -- Christian Hammers <ch@debian.org> Fri, 14 Jan 2005 17:37:27 +0100
-
-quagga (0.98.0-2) unstable; urgency=low
-
- * Updated broken TCP MD5 patch for BGP (thanks to John P. Looney
- for telling me).
-
- -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2005 02:03:54 +0100
-
-quagga (0.98.0-1) unstable; urgency=low
-
- * New upstream release
- * Added kernel-image-2.6 as alternative to 2.4 to the recommends
- (thanks to Faidon Liambotis). Closes: #289530
-
- -- Christian Hammers <ch@debian.org> Mon, 10 Jan 2005 19:36:17 +0100
-
-quagga (0.97.5-1) unstable; urgency=low
-
- * New upstream version.
- * Added Czech debconf translation (thanks to Miroslav Kure).
- Closes: #287293
- * Added Brazilian debconf translation (thanks to Andre Luis Lopes).
- Closes: #279352
-
- -- Christian Hammers <ch@debian.org> Wed, 5 Jan 2005 23:49:57 +0100
-
-quagga (0.97.4-2) unstable; urgency=low
-
- * Fixed quagga.info build problem.
-
- -- Christian Hammers <ch@debian.org> Wed, 5 Jan 2005 22:38:01 +0100
-
-quagga (0.97.4-1) unstable; urgency=low
-
- * New upstream release.
-
- -- Christian Hammers <ch@debian.org> Tue, 4 Jan 2005 01:45:22 +0100
-
-quagga (0.97.3-2) unstable; urgency=low
-
- * Included isisd in the daemon list.
- * Wrote an isisd manpage.
- * It is now ensured that zebra is always the last daemon to be stopped.
- * (Thanks to Hasso Tepper for mailing me a long list of suggestions
- which lead to this release)
-
- -- Christian Hammers <ch@debian.org> Sat, 18 Dec 2004 13:14:55 +0100
-
-quagga (0.97.3-1) unstable; urgency=medium
-
- * New upstream version.
- - Fixes important OSPF bug.
- * Added ht-20040911-smux.patch regarding Quagga bug #112.
- * Updated ht-20041109-0.97.3-bgp-md5.patch for BGP with TCP MD5
- (thanks to Matthias Wamser).
-
- -- Christian Hammers <ch@debian.org> Tue, 9 Nov 2004 17:45:26 +0100
-
-quagga (0.97.2-4) unstable; urgency=low
-
- * Added Portuguese debconf translation (thanks to Andre Luis Lopes).
- Closes: #279352
- * Disabled ospfapi server by default on recommendation of Paul Jakma.
-
- -- Christian Hammers <ch@debian.org> Sun, 7 Nov 2004 15:07:05 +0100
-
-quagga (0.97.2-3) unstable; urgency=low
-
- * Added Andrew Schorrs VTY Buffer patch from the [quagga-dev 1729].
-
- -- Christian Hammers <ch@debian.org> Tue, 2 Nov 2004 00:46:56 +0100
-
-quagga (0.97.2-2) unstable; urgency=low
-
- * Changed file and directory permissions and ownerships according to a
- suggestion from Paul Jakma. Still not perfect though.
- * Fixed upstream vtysh.conf.sample file.
- * "ip ospf network broadcast" is now saved correctly. Closes: #244116
- * Daemon options are now in /etc/quagga/debian.conf to be user
- configurable (thanks to Simon Raven and Hasso Tepper). Closes: #266715
-
- -- Christian Hammers <ch@debian.org> Tue, 26 Oct 2004 23:35:45 +0200
-
-quagga (0.97.2-1) unstable; urgency=low
-
- * New upstream version.
- Closes: #254541
- * Fixed warning on unmodular kernels (thanks to Christoph Biedl).
- Closes: #277973
-
- -- Christian Hammers <ch@debian.org> Mon, 25 Oct 2004 00:47:04 +0200
-
-quagga (0.97.1-2) unstable; urgency=low
-
- * Version 0.97 introduced shared libraries. They are now included.
- (thanks to Raf D'Halleweyn). Closes: #277446
-
- -- Christian Hammers <ch@debian.org> Wed, 20 Oct 2004 15:32:06 +0200
-
-quagga (0.97.1-1) unstable; urgency=low
-
- * New upstream version.
- * Removed some obsolete files from debian/patches.
- * Added patch from upstream bug 113. Closes: #254541
- * Added patch from upstream that fixes a compilation problem in the
- ospfclient code (thanks to Hasso Tepper).
- * Updated German debconf translation (thanks to Jens Nachtigall)
- Closes: #277059
-
- -- Christian Hammers <ch@debian.org> Mon, 18 Oct 2004 01:16:35 +0200
-
-quagga (0.96.5-11) unstable; urgency=low
-
- * Fixed /tmp/buildd/* paths in binaries.
- For some unknown reason the upstream Makefile modified a .h file at
- the end of the "debian/rules build" target. During the following
- "make install" one library got thus be re*compiled* - with /tmp/buildd
- paths as sysconfdir (thanks to Peder Chr. Norgaard). Closes: #274050
-
- -- Christian Hammers <ch@debian.org> Fri, 1 Oct 2004 01:21:02 +0200
-
-quagga (0.96.5-10) unstable; urgency=medium
-
- * The BGP routing daemon might freeze on network disturbances when
- their peer is also a Quagga/Zebra router.
- Applied patch from http://bugzilla.quagga.net/show_bug.cgi?id=102
- which has been confirmed by the upstream author.
- (thanks to Gunther Stammwitz)
- * Changed --enable-pam to --with-libpam (thanks to Hasso Tepper).
- Closes: #264562
- * Added patch for vtysh (thanks to Hasso Tepper). Closes: #215919
-
- -- Christian Hammers <ch@debian.org> Mon, 9 Aug 2004 15:33:02 +0200
-
-quagga (0.96.5-9) unstable; urgency=low
-
- * Rewrote the documentation chapter about SNMP support. Closes: #195653
- * Added MPLS docs.
-
- -- Christian Hammers <ch@debian.org> Thu, 29 Jul 2004 21:01:52 +0200
-
-quagga (0.96.5-8) unstable; urgency=low
-
- * Adjusted a grep in the initscript to also match a modprobe message
- from older modutils packages (thanks to Faidon Paravoid).
-
- -- Christian Hammers <ch@debian.org> Wed, 28 Jul 2004 21:19:02 +0200
-
-quagga (0.96.5-7) unstable; urgency=low
-
- * Added a "cd /etc/quagga/" to the init script as quagga tries to load
- the config file first from the current working dir and then from the
- config dir which could lead to confusion (thanks to Marco d'Itri).
- Closes: #255078
- * Removed warning regarding problems with the Debian kernels from
- README.Debian as they are no longer valid (thanks to Raphael Hertzog).
- Closes: #257580
- * Added patch from Hasso Tepper that makes "terminal length 0" work
- in vtysh (thanks to Matthias Wamser). Closes: #252579
-
- -- Christian Hammers <ch@debian.org> Thu, 8 Jul 2004 21:53:21 +0200
-
-quagga (0.96.5-6) unstable; urgency=low
-
- * Try to load the capability module as it is needed now.
-
- -- Christian Hammers <ch@debian.org> Tue, 8 Jun 2004 23:25:29 +0200
-
-quagga (0.96.5-5) unstable; urgency=low
-
- * Changed the homedir of the quagga user to /etc/quagga/ to allow
- admins to put ~/.ssh/authorized_keys there (thanks to Matthias Wamser).
- Closes: #252577
-
- -- Christian Hammers <ch@debian.org> Sat, 5 Jun 2004 14:47:31 +0200
-
-quagga (0.96.5-4) unstable; urgency=medium
-
- * Fixed rules file to use the renamed ./configure option --enable-tcp-md5
- (thanks to Matthias Wamser). Closes: #252141
-
- -- Christian Hammers <ch@debian.org> Tue, 1 Jun 2004 22:58:32 +0200
-
-quagga (0.96.5-3) unstable; urgency=low
-
- * Provided default binary package name to all build depends that were
- virtual packages (thanks to Goswin von Brederlow). Closes: #251625
-
- -- Christian Hammers <ch@debian.org> Sat, 29 May 2004 22:48:53 +0200
-
-quagga (0.96.5-2) unstable; urgency=low
-
- * New upstream version.
- * New md5 patch version (thanks to Niklas Jakobsson and Hasso Tepper).
- Closes: #250985
- * Fixes info file generation (thanks to Peder Chr. Norgaard).
- Closes: #250992
- * Added catalan debconf translation (thanks to Aleix Badia i Bosch).
- Closes: #250118
- * PATCHES:
- This release contains BGP4 MD5 support which requires a kernel patch
- to work. See /usr/share/doc/quagga/README.Debian.MD5.
- (The patch is ht-20040525-0.96.5-bgp-md5.patch from Hasso Tepper)
-
- -- Christian Hammers <ch@debian.org> Thu, 27 May 2004 20:09:37 +0200
-
-quagga (0.96.5-1) unstable; urgency=low
-
- * New upstream version.
- * PATCHES:
- This release contains BGP4 MD5 support which also requires a kernel patch.
- See /usr/share/doc/quagga/README.Debian.MD5 and search for CAN-2004-0230.
-
- -- Christian Hammers <ch@debian.org> Sun, 16 May 2004 17:40:40 +0200
-
-quagga (0.96.4x-10) unstable; urgency=low
-
- * SECURITY:
- This release contains support for MD5 for BGP which is one suggested
- prevention of the actually long known TCP SYN/RST attacks which got
- much news in the last days as ideas were revealed that made them much
- easier probable agains especially the BGP sessions than commonly known.
- There are a lot of arguments agains the MD5 approach but some ISPs
- started to require it.
- See: CAN-2004-0230, http://www.us-cert.gov/cas/techalerts/TA04-111A.html
- * PATCHES:
- This release contains the MD5 patch from Hasso Tepper. It also seems to
- required a kernel patch. See /usr/share/doc/quagga/README.Debian.MD5.
-
- -- Christian Hammers <ch@debian.org> Thu, 29 Apr 2004 01:01:38 +0200
-
-quagga (0.96.4x-9) unstable; urgency=low
-
- * Fixed daemon loading order (thanks to Matt Kemner).
- * Fixed typo in init script (thanks to Charlie Brett). Closes: #238582
-
- -- Christian Hammers <ch@debian.org> Sun, 4 Apr 2004 15:32:18 +0200
-
-quagga (0.96.4x-8) unstable; urgency=low
-
- * Patched upstream source so that quagga header files end up in
- /usr/include/quagga/. Closes: #233792
-
- -- Christian Hammers <ch@debian.org> Mon, 23 Feb 2004 01:42:53 +0100
-
-quagga (0.96.4x-7) unstable; urgency=low
-
- * Fixed info file installation (thanks to Holger Dietze). Closes: #227579
- * Added Japanese translation (thanks to Hideki Yamane). Closes: #227812
-
- -- Christian Hammers <ch@debian.org> Sun, 18 Jan 2004 17:28:29 +0100
-
-quagga (0.96.4x-6) unstable; urgency=low
-
- * Added dependency to iproute.
- * Initscript now checks not only for the pid file but also for the
- daemons presence (thanks to Phil Gregory). Closes: #224389
- * Added my patch to configure file permissions.
-
- -- Christian Hammers <ch@debian.org> Mon, 15 Dec 2003 22:34:29 +0100
-
-quagga (0.96.4x-5) unstable; urgency=low
-
- * Added patch which gives bgpd the CAP_NET_RAW capability to allow it
- to bind to special IPv6 link-local interfaces (Thanks to Bastian Blank).
- Closes: #222930
- * Made woody backport easier by applying Colin Watsons po-debconf hack.
- Thanks to Marc Haber for suggesting it. Closes: #223527
- * Made woody backport easier by applying a patch that removes some
- obscure whitespaces inside an C macro. (Thanks to Marc Haber).
- Closes: #223529
- * Now uses /usr/bin/pager. Closes: #204070
- * Added note about the "official woody backports" on my homepage.
-
- -- Christian Hammers <ch@debian.org> Mon, 15 Dec 2003 20:39:06 +0100
-
-quagga (0.96.4x-4) unstable; urgency=high
-
- * SECURITY:
- Fixes another bug that was originally reported against Zebra.
- .
- http://rhn.redhat.com/errata/RHSA-2003-307.html
- Herbert Xu reported that Zebra can accept spoofed messages sent on the
- kernel netlink interface by other users on the local machine. This could
- lead to a local denial of service attack. The Common Vulnerabilities and
- Exposures project (cve.mitre.org) has assigned the name CAN-2003-0858 to
- this issue.
-
- * Minor improvements to init script (thanks to Iustin Pop).
- Closes: #220938
-
- -- Christian Hammers <ch@debian.org> Sat, 22 Nov 2003 13:27:57 +0100
-
-quagga (0.96.4x-3) unstable; urgency=low
-
- * Changed "more" to "/usr/bin/pager" as default pager if $PAGER or
- $VTYSH_PAGER is not set (thanks to Bastian Blank). Closes: #204070
- * Made the directory (but not the config/log files!) world accessible
- again on user request (thanks to Anand Kumria)). Closes: #213129
- * No longer providing sample configuration in /etc/quagga/. They are
- now only available in /usr/share/doc/quagga/ to avoid accidently
- using them without changing the adresses (thanks to Marc Haber).
- Closes: #215918
-
- -- Christian Hammers <ch@debian.org> Sun, 16 Nov 2003 16:59:30 +0100
-
-quagga (0.96.4x-2) unstable; urgency=low
-
- * Fixed permission problem with pidfile (thanks to Kir Kostuchenko).
- Closes: #220938
-
- -- Christian Hammers <ch@debian.org> Sun, 16 Nov 2003 14:24:08 +0100
-
-quagga (0.96.4x-1) unstable; urgency=low
-
- * Reupload of 0.96.4. Last upload-in-a-hurry produced a totally
- crappy .tar.gz file. Closes: #220621
-
- -- Christian Hammers <ch@debian.org> Fri, 14 Nov 2003 19:45:57 +0100
-
-quagga (0.96.4-1) unstable; urgency=high
-
- * SECURITY: Remote DoS of protocol daemons.
- Fix for a remote triggerable crash in vty layer. The management
- ports ("telnet myrouter ospfd") should not be open to the internet!
-
- * New upstream version.
- - OSPF bugfixes.
- - Some improvements for bgp and rip.
-
- -- Christian Hammers <ch@debian.org> Thu, 13 Nov 2003 11:52:27 +0100
-
-quagga (0.96.3-3) unstable; urgency=low
-
- * Fixed pid file generation by substituting the daemons "-d" by the
- start-stop-daemon option "--background" (thanks to Micha Gaisser).
- Closes: #218103
-
- -- Christian Hammers <ch@debian.org> Wed, 29 Oct 2003 05:17:49 +0100
-
-quagga (0.96.3-2) unstable; urgency=low
-
- * Readded GNOME-PRODUCT-ZEBRA-MIB.
-
- -- Christian Hammers <ch@debian.org> Thu, 23 Oct 2003 06:17:03 +0200
-
-quagga (0.96.3-1) unstable; urgency=medium
-
- * New upstream version.
- * Removed -u and -e in postrm due to problems with debhelper and userdel
- (thanks to Adam Majer and Jaakko Niemi). Closes: #216770
- * Removed SNMP MIBs as they are now included in libsnmp-base (thanks to
- David Engel and Peter Gervai). Closes: #216138, #216086
- * Fixed seq command in init script (thanks to Marc Haber). Closes: #215915
- * Improved /proc check (thanks to Marc Haber). Closes: #212331
-
- -- Christian Hammers <ch@debian.org> Thu, 23 Oct 2003 03:42:02 +0200
-
-quagga (0.96.2-9) unstable; urgency=medium
-
- * Removed /usr/share/info/dir.* which were accidently there and prevented
- the installation by dpkg (thanks to Simon Raven). Closes: #212614
- * Reworded package description (thanks to Anand Kumria). Closes: #213125
- * Added french debconf translation (thanks to Christian Perrier).
- Closes: #212803
-
- -- Christian Hammers <ch@debian.org> Tue, 7 Oct 2003 13:26:58 +0200
-
-quagga (0.96.2-8) unstable; urgency=low
-
- * debian/rules now checks if /proc is mounted as ./configure needs
- it but just fails with an obscure error message if it is absent.
- (Thanks to Norbert Tretkowski). Closes: #212331
-
- -- Christian Hammers <ch@debian.org> Tue, 23 Sep 2003 12:57:38 +0200
-
-quagga (0.96.2-7) unstable; urgency=low
-
- * Last build was rejected due to a buggy dpkg-dev version. Rebuild.
-
- -- Christian Hammers <ch@debian.org> Mon, 22 Sep 2003 20:34:12 +0200
-
-quagga (0.96.2-6) unstable; urgency=low
-
- * Fixed init script so that is is now possible to just start
- the bgpd but not the zebra daemon. Also daemons are now actually
- started in the order defined their priority. (Thanks to Thomas Kaehn
- and Jochen Friedrich) Closes: #210924
-
- -- Christian Hammers <ch@debian.org> Fri, 19 Sep 2003 21:17:02 +0200
-
-quagga (0.96.2-5) unstable; urgency=low
-
- * For using quagga as BGP route server or similar, it is not
- wanted to have the zebra daemon running too. For this reason
- it can now be disabled in /etc/quagga/daemons, too.
- (Thanks to Jochen Friedrich). Closes: #210924
- * Attached *unapplied* patch for the ISIS protocol. I did not dare
- to apply it as long as upstream does not do it but this way give
- users the possibilities to use it if they like to.
- (Thanks to Remco van Mook)
-
- -- Christian Hammers <ch@debian.org> Wed, 17 Sep 2003 19:57:31 +0200
-
-quagga (0.96.2-4) unstable; urgency=low
-
- * Enabled IPV6 router advertisement feature by default on user request
- (thanks to Jochen Friedrich and Hasso Tepper). Closes: #210732
- * Updated GNU autoconf to let it build on hppa/parisc64 (thanks to
- lamont). Closes: #210492
-
- -- Christian Hammers <ch@debian.org> Sat, 13 Sep 2003 14:11:13 +0200
-
-quagga (0.96.2-3) unstable; urgency=medium
-
- * Removed unnecessary "-lcrypto" to avoid dependency against OpenSSL
- which would require further copyright addtions.
-
- -- Christian Hammers <ch@debian.org> Wed, 10 Sep 2003 01:37:28 +0200
-
-quagga (0.96.2-2) unstable; urgency=low
-
- * Added note that config files of quagga are in /etc/quagga and
- not /etc/zebra for the zebra users that migrate to quagga.
- (Thanks to Roberto Suarez Soto for the idea)
- * Fixed setgid rights in /etc/quagga.
-
- -- Christian Hammers <ch@debian.org> Wed, 27 Aug 2003 14:05:39 +0200
-
-quagga (0.96.2-1) unstable; urgency=low
-
- * This package has formally been known as "zebra-pj"!
- * New upstream release.
- Fixes "anoying OSPF problem".
- * Modified group ownerships so that vtysh can now be used by normal
- uses if they are in the quaggavty group.
-
- -- Christian Hammers <ch@debian.org> Mon, 25 Aug 2003 23:40:14 +0200
-
-quagga (0.96.1-1) unstable; urgency=low
-
- * Zebra-pj, the fork of zebra has been renamed to quagga as the original
- upstream author asked the new project membed not to use "zebra" in the
- name. zebra-pj is obsolete.
-
- -- Christian Hammers <ch@debian.org> Mon, 18 Aug 2003 23:37:20 +0200
-
-zebra-pj (0.94+cvs20030721-1) unstable; urgency=low
-
- * New CVS build.
- - OSPF changes (integration of the OSPF API?)
- - code cleanups (for ipv6?)
- * Tightened Build-Deps to gcc-2.95 as 3.x does not compile a stable ospfd.
- This is a known problem and has been discussed on the mailing list.
- No other solutions so far.
-
- -- Christian Hammers <ch@debian.org> Mon, 21 Jul 2003 23:52:00 +0200
-
-zebra-pj (0.94+cvs20030701-1) unstable; urgency=low
-
- * Initial Release.
-
- -- Christian Hammers <ch@debian.org> Tue, 1 Jul 2003 01:58:06 +0200
+++ /dev/null
-Source: frr
-Section: net
-Priority: optional
-Maintainer: Nobody <nobody@frrouting.org>
-Uploaders: Nobody <nobody@frrouting.org>
-XSBC-Original-Maintainer: <maintainers@frrouting.org>
-Build-Depends: debhelper (>= 7.0.50~), libreadline-dev, libpam0g-dev | libpam-dev, libcap-dev, texinfo (>= 4.7), autotools-dev, libpcre3-dev, gawk, chrpath, libsnmp-dev, git, dh-autoreconf, libjson-c-dev, libjson-c2 | libjson-c3, dh-systemd, libsystemd-dev, bison, flex, libc-ares-dev, pkg-config, python (>= 2.7) | python3, python-sphinx | python3-sphinx, libpython-dev | libpython3-dev, install-info
-Standards-Version: 3.9.6
-Homepage: http://www.frrouting.org/
-
-Package: frr
-Architecture: any
-Depends: ${shlibs:Depends}, logrotate (>= 3.2-11), iproute2 | iproute, ${misc:Depends}, libc-ares2
-Pre-Depends: adduser
-Conflicts: zebra, zebra-pj, quagga
-Replaces: zebra, zebra-pj
-Suggests: snmpd
-Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon forked from Quagga
- FRR is free software which manages TCP/IP based routing protocols.
- It supports BGP4, BGP4+, OSPFv2, OSPFv3, IS-IS, RIPv1, RIPv2, RIPng,
- PIM and LDP as well as the IPv6 versions of these.
- .
- FRR is a fork of Quagga with an open community model. The main git
- lives on https://github.com/frrouting/frr.git
-
-Package: frr-dbg
-Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}, frr (= ${binary:Version})
-Priority: extra
-Section: debug
-Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (debug symbols)
- This package provides debugging symbols for all binary packages built
- from frr source package. It's highly recommended to have this package
- installed before reporting any FRR crashes to either FRR developers or
- Debian package maintainers.
-
-Package: frr-doc
-Section: net
-Architecture: all
-Depends: ${misc:Depends}
-Suggests: frr
-Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (documentation)
- This package includes info files for frr, a free software which manages
- TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
- IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
-
-Package: frr-pythontools
-Section: net
-Architecture: all
-Depends: ${misc:Depends}, frr (= ${binary:Version}), python (>= 2.7), python-ipaddr
-Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (Python Tools)
- This package includes info files for frr, a free software which manages
- TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
- IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
+++ /dev/null
-Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
-Upstream-Name: Frr
-Upstream-Contact: maintainers@frrouting.org, security@frrouting.org
-Source: http://www.frrouting.org/
-
-Files: *
-Copyright: 1996-2003 by the original Zebra authors:
- Kunihiro Ishiguro <kunihiro@zebra.org>
- Toshiaki Takada <takada@zebra.org>
- Yasuhiro Ohara <yasu@sfc.wide.ad.jp>
- 2003-2012 by the Quagga Project, mostly Paul Jakma <paul@jakma.org>
-License: GPL-2+
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
- .
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
- .
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
- .
- On Debian systems, the full text of the GNU General Public
- License version 2 can be found in the file
- `/usr/share/common-licenses/GPL-2'.
+++ /dev/null
-frr-dbg: debug-file-with-no-debug-symbols usr/lib/debug/usr/lib/libfrrfpm_pb.so.0.0.0
+++ /dev/null
-README.md
-doc/user/*.rst
-doc/figures/*.png
+++ /dev/null
-doc/user/_build/texinfo/frr.info
+++ /dev/null
-doc/user/_build/texinfo/*.png usr/share/info
+++ /dev/null
-frr-doc: wrong-section-according-to-package-name frr-doc => doc
+++ /dev/null
-tools/frr-reload.py usr/lib/frr/
+++ /dev/null
-# Create the /run/frr directory at boot or from systemd-tmpfiles on install
-d /run/frr 0755 frr frr
+++ /dev/null
-etc/logrotate.d/
-etc/frr/
-etc/iproute2/rt_protos.d/
-usr/share/doc/frr/
-usr/share/doc/frr/examples/
-usr/share/lintian/overrides/
-var/log/frr/
+++ /dev/null
-tools
-debian/README.Debian
+++ /dev/null
-etc/frr/
-usr/bin/vtysh
-usr/bin/mtracebis
-usr/include/frr/
-usr/lib/
-tools/frr usr/lib/frr
-usr/share/doc/frr/
-tools/etc/* etc/
-tools/*.service lib/systemd/system
-tools/frr-reload usr/lib/frr/
-debian/frr.conf usr/lib/tmpfiles.d
+++ /dev/null
-frr: non-dev-pkg-with-shlib-symlink usr/lib/libfrrospfapiclient.so.0.0.0 usr/lib/libfrrospfapiclient.so
-frr: non-dev-pkg-with-shlib-symlink usr/lib/libfrr.so.0.0.0 usr/lib/libfrr.so
-frr: non-dev-pkg-with-shlib-symlink usr/lib/libfrrfpm_pb.so.0.0.0 usr/lib/libfrrfpm_pb.so
-frr: package-name-doesnt-match-sonames libfrr0 libfrrfpm-pb0 libfrrospfapiclient0
-frr: systemd-service-file-refers-to-unusual-wantedby-target lib/systemd/system/frr.service network-online.target
-frr: shared-lib-without-dependency-information usr/lib/libfrrfpm_pb.so.0.0.0
+++ /dev/null
-/var/log/frr/*.log {
- size 500k
- sharedscripts
- missingok
- compress
- rotate 14
- create 640 frr frrvty
-
- postrotate
- pid=$(lsof -t -a -c /syslog/ /var/log/frr/* 2>/dev/null)
- if [ -n "$pid" ]
- then # using syslog
- kill -HUP $pid
- fi
- # in case using file logging; if switching back and forth
- # between file and syslog, rsyslogd might still have file
- # open, as well as the daemons, so always signal the daemons.
- # It's safe, a NOP if (only) syslog is being used.
- for i in babeld bgpd eigrpd isisd ldpd nhrpd ospf6d ospfd \
- pimd ripd ripngd zebra staticd ; do
- if [ -e /var/run/frr/$i.pid ] ; then
- pids="$pids $(cat /var/run/frr/$i.pid)"
- fi
- done
- [ -n "$pids" ] && kill -USR1 $pids || true
- endscript
-}
+++ /dev/null
-doc/manpages/_build/man/frr.1
-doc/manpages/_build/man/bgpd.8
-doc/manpages/_build/man/pimd.8
-doc/manpages/_build/man/eigrpd.8
-doc/manpages/_build/man/ldpd.8
-doc/manpages/_build/man/nhrpd.8
-doc/manpages/_build/man/ospf6d.8
-doc/manpages/_build/man/ospfd.8
-doc/manpages/_build/man/ripd.8
-doc/manpages/_build/man/ripngd.8
-doc/manpages/_build/man/vtysh.1
-doc/manpages/_build/man/zebra.8
-doc/manpages/_build/man/isisd.8
-doc/manpages/_build/man/watchfrr.8
-doc/manpages/_build/man/mtracebis.8
+++ /dev/null
-# Any user may call vtysh but only those belonging to the group frrvty can
-# actually connect to the socket and use the program.
-auth sufficient pam_permit.so
+++ /dev/null
-#!/bin/bash -e
-
-######################
-PASSWDFILE=/etc/passwd
-GROUPFILE=/etc/group
-
-frruid=`egrep "^frr:" $PASSWDFILE | awk -F ":" '{ print $3 }'`
-frrgid=`egrep "^frr:" $GROUPFILE | awk -F ":" '{ print $3 }'`
-frrvtygid=`egrep "^frrvty:" $GROUPFILE | awk -F ":" '{ print $3 }'`
-
-[ -n ${frruid} ] || (echo "No uid for frr in ${PASSWDFILE}" && /bin/false)
-[ -n ${frrgid} ] || (echo "No gid for frr in ${GROUPFILE}" && /bin/false)
-[ -n ${frrVTYgid} ] || (echo "No gid for frrvty in ${GROUPFILE}" && /bin/false)
-
-chown ${frruid}:${frrgid} /etc/frr
-chown ${frruid}:${frrgid} /etc/frr/*
-touch /etc/frr/vtysh.conf
-chgrp ${frrvtygid} /etc/frr/vtysh*
-chmod 644 /etc/frr/*
-
-ENVIRONMENTFILE=/etc/environment
-if ! egrep --quiet '^VTYSH_PAGER=' ${ENVIRONMENTFILE}; then
- echo "VTYSH_PAGER=/bin/cat" >> ${ENVIRONMENTFILE}
-fi
-##################################################
-
-if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
-${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
-
-# This is most likely due to the answer "no" to the "really stop the server"
-# question in the prerm script.
-if [ "$1" = "abort-upgrade" ]; then
- exit 0
-fi
-
-#DEBHELPER#
-
+++ /dev/null
-#!/bin/bash -e
-
-if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
-${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
-# set -u not because of debhelper
-
-if [ "$1" = "purge" ]; then
- rm -rf /etc/frr /var/run/frr /var/log/frr
- userdel frr >/dev/null 2>&1 || true
-fi
-
-#DEBHELPER#
+++ /dev/null
-#!/bin/bash
-
-if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
-${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
-set -e
-set -u
-
-# creating frrvty group if it isn't already there
-if ! getent group frrvty >/dev/null; then
- addgroup --system frrvty >/dev/null
-fi
-
-# creating frr group if it isn't already there
-if ! getent group frr >/dev/null; then
- addgroup --system frr >/dev/null
-fi
-
-# creating frr user if he isn't already there
-if ! getent passwd frr >/dev/null; then
- adduser \
- --system \
- --ingroup frr \
- --home /var/run/frr/ \
- --gecos "Frr routing suite" \
- --shell /bin/false \
- frr >/dev/null
-fi
-
-# We may be installing over an older version of
-# frr and as such we need to intelligently
-# check to see if the frr user is in the frrvty
-# group.
-if ! id frr | grep &>/dev/null 'frrvty'; then
- usermod -a -G frrvty frr >/dev/null
-fi
-
-# Do not change permissions when upgrading as it would violate policy.
-if [ "$1" = "install" ]; then
- # Logfiles are group readable in case users were put into the frr group.
- d=/var/log/frr/
- mkdir -p $d
- chown frr:frr $d
- chown --quiet frr:frr $d/* | true
- chmod u=rwx,go=rx $d
- find $d -type f -print0 | xargs -0 --no-run-if-empty chmod u=rw,g=r,o=
-
- # Strict permissions for the sockets.
- d=/var/run/frr/
- mkdir -p $d
- chown frr:frr $d
- chown --quiet frr:frr $d/* | true
- chmod u=rwx,go=rx $d
- find $d -type f -print0 | xargs -0 --no-run-if-empty chmod u=rw,go=
-
- # Config files. Vtysh does not have access to the individual daemons config file
- d=/etc/frr/
- mkdir -p $d
- chown frr:frrvty $d
- chmod ug=rwx,o=rx $d
- find $d -type f -print0 | xargs -0 --no-run-if-empty chown frr:frr
- find $d -type f -print0 | xargs -0 --no-run-if-empty chmod u=rw,g=r,o=
-
- # Exceptions for vtysh.
- f=$d/vtysh.conf
- if [ -f $f ]; then
- chown frr:frrvty $f
- chmod u=rw,g=r,o= $f
- fi
-
- # Exceptions for vtysh.
- f=$d/frr.conf
- if [ -f $d/Zebra.conf ]; then
- mv $d/Zebra.conf $f
- fi
- if [ -f $f ]; then
- chown frr:frrvty $f
- chmod u=rw,g=r,o= $f
- fi
-fi
-
-#DEBHELPER#
+++ /dev/null
-#!/bin/bash -e
-
-if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
-${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
-
-# prerm remove
-# old-prerm upgrade new-version
-# new-prerm failed-upgrade old-version
-# conflictor's-prerm remove in-favour package new-version
-# deconfigured's-prerm deconfigure in-favour package-being-installed version removing conflicting-package
-case $1 in
- remove|upgrade)
- ;;
-
- failed-upgrade)
- # If frr/really_stop was negated then this script exits with return
- # code 1 and is called again with "failed-upgrade". Well, exit again.
- exit 1
- ;;
-
-esac
-
-#DEBHELPER#
+++ /dev/null
-#!/usr/bin/make -f
-
-# FRRouting Configuration options
-######################################
-#
-# WANT_xxxx --> Set to 1 for enable, 0 for disable
-# The following are the defaults. They can be overridden by setting a
-# env variable to a different value
-
-# -Werror - don't enable this unless you're doing a dev package build
-WANT_WERROR ?= 0
-
-WANT_OSPFAPI ?= 1
-WANT_BGP_VNC ?= 1
-WANT_CUMULUS_MODE ?= 0
-WANT_MULTIPATH ?= 1
-WANT_SNMP ?= 0
-WANT_RPKI ?= 0
-
-# NOTES:
-#
-# If you use WANT_RPKI, then there is a new dependency for librtr0 package
-# and a build dependency of the librtr-dev package.
-# While the librtr0 is added to the depenencies automatically, the build
-# dependency can't be changed dynamically and building will fail if the
-# librtr-dev isn't installed during package build
-# Tested versions of both packages can be found at
-# https://ci1.netdef.org/browse/RPKI-RTRLIB/latestSuccessful/artifact
-#
-# If multipath is enabled (WANT_MULTIPATH=1), then set number of multipaths here
-# Please be aware that 0 is NOT disabled, but treated as unlimited
-
-MULTIPATH ?= 256
-
-# Set the following to the value required (or leave alone for the default below)
-# WANT_FRR_USER is used for the username and groupname of the FRR user account
-
-WANT_FRR_USER ?= frr
-WANT_FRR_VTY_GROUP ?= frrvty
-
-# Don't build PDF docs by default
-# add build deps: texlive-latex-base, texlive-generic-recommended
-GENERATE_PDF ?= 0
-
-#
-####################################
-
-export DH_VERBOSE=1
-export DEB_BUILD_MAINT_OPTIONS = hardening=+all
-export DH_OPTIONS=-v
-
-ifeq ($(WANT_SNMP), 1)
- USE_SNMP=--enable-snmp
- $(warning "DEBIAN: SNMP enabled, sorry for your inconvenience")
-else
- USE_SNMP=--disable-snmp
- $(warning "DEBIAN: SNMP disabled, see README.Debian")
-endif
-
-ifeq ($(WANT_OSPFAPI), 1)
- USE_OSPFAPI=--enable-ospfapi=yes
-else
- USE_OSPFAPI=--enable-ospfapi=no
-endif
-
-ifeq ($(WANT_BGP_VNC), 1)
- USE_BGP_VNC=--enable-bgp-vnc=yes
-else
- USE_BGP_VNC=--enable-bgp-vnc=no
-endif
-
-USE_FRR_USER=--enable-user=$(WANT_FRR_USER)
-USE_FRR_GROUP=--enable-group=$(WANT_FRR_USER)
-USE_FRR_VTY_GROUP=--enable-vty-group=$(WANT_FRR_VTY_GROUP)
-
-ifeq ($(WANT_MULTIPATH), 1)
- USE_MULTIPATH=--enable-multipath=$(MULTIPATH)
-else
- USE_MULTIPATH=--disable-multipath
-endif
-
-ifeq ($(WANT_CUMULUS_MODE), 1)
- USE_CUMULUS=--enable-cumulus=yes
-else
- USE_CUMULUS=--enable-cumulus=no
-endif
-
-ifeq ($(WANT_RPKI), 1)
- USE_RPKI=--enable-rpki
-else
- USE_RPKI=--disable-rpki
-endif
-
-ifeq ($(WANT_WERROR), 1)
- USE_WERROR=--enable-werror
-else
- USE_WERROR=--disable-werror
-endif
-
-ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
- DEBIAN_JOBS := $(subst parallel=,,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
-endif
-
-ifdef DEBIAN_JOBS
-MAKEFLAGS += -j$(DEBIAN_JOBS)
-endif
-
-%:
- dh $@ --with=systemd,autoreconf --parallel --dbg-package=frr-dbg --list-missing
-
-override_dh_gencontrol:
-ifeq ($(WANT_RPKI), 1)
- dh_gencontrol -- -Vdist:Depends="librtr0 (>= 0.5)"
-else
- dh_gencontrol
-endif
-
-override_dh_auto_configure:
- if ! [ -e config.status ]; then \
- dh_auto_configure -- \
- --enable-exampledir=/usr/share/doc/frr/examples/ \
- --localstatedir=/var/run/frr \
- --sbindir=/usr/lib/frr \
- --sysconfdir=/etc/frr \
- $(USE_SNMP) \
- $(USE_OSPFAPI) \
- $(USE_MULTIPATH) \
- --enable-fpm \
- $(USE_FRR_USER) $(USE_FRR_GROUP) \
- $(USE_FRR_VTY_GROUP) \
- --enable-configfile-mask=0640 \
- --enable-logfile-mask=0640 \
- $(USE_WERROR) \
- --with-libpam \
- --enable-systemd=yes \
- $(USE_CUMULUS) \
- --disable-dependency-tracking \
- $(USE_BGP_VNC) \
- $(USE_RPKI) \
- $(shell dpkg-buildflags --export=configure); \
- fi
-
-override_dh_auto_build:
- dh_auto_build
-
-override_dh_auto_test:
-
-override_dh_auto_install:
- dh_auto_install
-
- # installed in frr-pythontools
- rm debian/tmp/usr/lib/frr/frr-reload.py
-
- # cleaning up the info dir
- rm -f debian/tmp/usr/share/info/dir*
-
- # install config files
- mkdir -p debian/tmp/etc/frr/
- perl -pi -e 's#^!log file #!log file /var/log/frr/#' debian/tmp/usr/share/doc/frr/examples/*sample*
-
- # we don't need .la files
- rm debian/tmp/usr/lib/*.la
- rm debian/tmp/usr/lib/frr/modules/*.la
-
-override_dh_systemd_start:
- dh_systemd_start frr.service
-
-override_dh_systemd_enable:
- dh_systemd_enable frr.service
-
-# backports
-SRCPKG = frr
-KNOWN_BACKPORTS = debian8 debian9 ubuntu14.04 ubuntu16.04 ubuntu17.10 ubuntu18.04
-DEBIAN_VERSION := $(shell dh_testdir && \
- dpkg-parsechangelog -c1 < debian/changelog | \
- sed -rn 's/^Version: ?//p')
-ORIG_VERSION := $(DEBIAN_VERSION)
--include debian/backports/rules
-
-ifneq ($(TARBALLDIR),)
-ifeq ($(wildcard frr-$(ORIG_VERSION).tar.gz),frr-$(ORIG_VERSION).tar.gz)
-
-$(TARBALLDIR)/$(SRCPKG)_$(ORIG_VERSION).orig.tar.gz: \
- frr-$(ORIG_VERSION).tar.gz
- cp $< $@
-
-else # wildcard frr-$(ORIG_VERSION).tar.gz
-
-# better error message on missing .orig.tar.gz
-$(TARBALLDIR)/$(SRCPKG)_$(ORIG_VERSION).orig.tar.gz:
- @ echo "\`$(TARBALLDIR)/$(SRCPKG)-$(ORIG_VERSION).tar.gz'" not \
- found and not generated by debian/rules. Provided you have the \
- necessary packages installed, you can generate it yourself via \
- "\"./bootstrap.sh && ./configure && make dist\"".
- exit 1
-
-endif # wildcard frr-$(ORIG_VERSION).tar.gz
-endif # TARBALLDIR nonempty
+++ /dev/null
-#
-# debianpkg
-#
-
-EXTRA_DIST += \
- debianpkg/README.Debian \
- debianpkg/README.Maintainer \
- debianpkg/changelog \
- debianpkg/compat \
- debianpkg/control \
- debianpkg/copyright \
- debianpkg/rules \
- debianpkg/source/format \
- debianpkg/tests/control \
- debianpkg/tests/daemons \
- debianpkg/watchfrr.rc \
- \
- debianpkg/backports/README \
- debianpkg/backports/rules \
- debianpkg/backports/debian8/debian/source/format \
- debianpkg/backports/debian8/exclude \
- debianpkg/backports/debian8/versionext \
- debianpkg/backports/debian9/debian/source/format \
- debianpkg/backports/debian9/exclude \
- debianpkg/backports/debian9/versionext \
- debianpkg/backports/ubuntu14.04/debian/control \
- debianpkg/backports/ubuntu14.04/debian/frr.install \
- debianpkg/backports/ubuntu14.04/debian/rules \
- debianpkg/backports/ubuntu14.04/debian/source/format \
- debianpkg/backports/ubuntu14.04/exclude \
- debianpkg/backports/ubuntu14.04/versionext \
- debianpkg/backports/ubuntu16.04/debian/source/format \
- debianpkg/backports/ubuntu16.04/exclude \
- debianpkg/backports/ubuntu16.04/versionext \
- debianpkg/backports/ubuntu17.10/debian/control \
- debianpkg/backports/ubuntu17.10/debian/source/format \
- debianpkg/backports/ubuntu17.10/exclude \
- debianpkg/backports/ubuntu17.10/versionext \
- debianpkg/backports/ubuntu18.04/debian/control \
- debianpkg/backports/ubuntu18.04/debian/source/format \
- debianpkg/backports/ubuntu18.04/exclude \
- debianpkg/backports/ubuntu18.04/versionext \
- \
- debianpkg/frr-dbg.lintian-overrides \
- debianpkg/frr-doc.docs \
- debianpkg/frr-doc.info \
- debianpkg/frr-doc.install \
- debianpkg/frr-doc.lintian-overrides \
- debianpkg/frr-pythontools.install \
- debianpkg/frr.conf \
- debianpkg/frr.dirs \
- debianpkg/frr.docs \
- debianpkg/frr.install \
- debianpkg/frr.lintian-overrides \
- debianpkg/frr.logrotate \
- debianpkg/frr.manpages \
- debianpkg/frr.pam \
- debianpkg/frr.postinst \
- debianpkg/frr.postrm \
- debianpkg/frr.preinst \
- debianpkg/frr.prerm \
- # end
+++ /dev/null
-Tests: daemons
-Depends: frr
-Restrictions: needs-root
+++ /dev/null
-#!/bin/bash
-#---------------
-# Testing frr
-#---------------
-set -e
-
-# modify config file to enable all daemons and copy config files
-CONFIG_FILE=/etc/frr/daemons
-DAEMONS=("zebra" "bgpd" "ospfd" "ospf6d" "ripd" "ripngd" "isisd" "pimd")
-
-for daemon in "${DAEMONS[@]}"
-do
- sed -i -e "s/${daemon}=no/${daemon}=yes/g" $CONFIG_FILE
- cp /usr/share/doc/frr/examples/${daemon}.conf.sample /etc/frr/${daemon}.conf
-done
-
-# reload frr
-/etc/init.d/frr restart > /dev/null 2>&1
-
-# check daemons
-for daemon in "${DAEMONS[@]}"
-do
- echo -n "check $daemon - "
- if pidof -x $daemon > /dev/null; then
- echo "${daemon} OK"
- else
- echo "ERROR: ${daemon} IS NOT RUNNING"
- exit 1
- fi
-done
+++ /dev/null
-check process watchfrr with pidfile /var/run/frr/watchfrr.pid
- start program = "/etc/init.d/frr start watchfrr" with timeout 120 seconds
- stop program = "/etc/init.d/frr stop watchfrr"
- if 3 restarts within 10 cycles then timeout
for
-Ubuntu 12.04LTS:
-
-::
-
- sudo apt-get install build-essential subversion git-core \
- libncurses5-dev zlib1g-dev gawk flex quilt libssl-dev xsltproc \
- libxml-parser-perl mercurial bzr ecj cvs unzip python3-sphinx
-
-Ubuntu 64bit:
+Ubuntu:
::
+++ /dev/null
-Ubuntu 12.04LTS
-===============================================
-
-- MPLS is not supported on ``Ubuntu 12.04`` with default kernel. MPLS
- requires Linux Kernel 4.5 or higher (LDP can be built, but may have
- limited use without MPLS) For an updated Ubuntu Kernel, see
- http://kernel.ubuntu.com/~kernel-ppa/mainline/
-
-Install required packages
--------------------------
-
-Add packages:
-
-::
-
- apt-get install \
- git autoconf automake libtool make gawk libreadline-dev texinfo \
- dejagnu pkg-config libpam0g-dev libjson0-dev flex python-pip \
- libc-ares-dev python3-dev python3-sphinx install-info
-
-Install newer bison from 14.04 package source (Ubuntu 12.04 package
-source is too old)
-
-::
-
- mkdir builddir
- cd builddir
- wget http://archive.ubuntu.com/ubuntu/pool/main/b/bison/bison_3.0.2.dfsg-2.dsc
- wget http://archive.ubuntu.com/ubuntu/pool/main/b/bison/bison_3.0.2.dfsg.orig.tar.bz2
- wget http://archive.ubuntu.com/ubuntu/pool/main/b/bison/bison_3.0.2.dfsg-2.debian.tar.gz
- tar -jxvf bison_3.0.2.dfsg.orig.tar.bz2
- cd bison-3.0.2.dfsg/
- tar xzf ../bison_3.0.2.dfsg-2.debian.tar.gz
- sudo apt-get build-dep bison
- debuild -b -uc -us
- cd ..
- sudo dpkg -i ./libbison-dev_3.0.2.dfsg-2_amd64.deb ./bison_3.0.2.dfsg-2_amd64.deb
- cd ..
- rm -rf builddir
-
-Install newer version of autoconf and automake:
-
-::
-
- wget http://ftp.gnu.org/gnu/autoconf/autoconf-2.69.tar.gz
- tar xvf autoconf-2.69.tar.gz
- cd autoconf-2.69
- ./configure --prefix=/usr
- make
- sudo make install
- cd ..
-
- wget http://ftp.gnu.org/gnu/automake/automake-1.15.tar.gz
- tar xvf automake-1.15.tar.gz
- cd automake-1.15
- ./configure --prefix=/usr
- make
- sudo make install
- cd ..
-
-Install pytest:
-
-::
-
- pip install pytest
-
-Get FRR, compile it and install it (from Git)
----------------------------------------------
-
-**This assumes you want to build and install FRR from source and not
-using any packages**
-
-Add frr groups and user
-^^^^^^^^^^^^^^^^^^^^^^^
-
-::
-
- sudo groupadd -r -g 92 frr
- sudo groupadd -r -g 85 frrvty
- sudo adduser --system --ingroup frr --home /var/run/frr/ \
- --gecos "FRR suite" --shell /sbin/nologin frr
- sudo usermod -a -G frrvty frr
-
-Download Source, configure and compile it
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-(You may prefer different options on configure statement. These are just
-an example.)
-
-::
-
- git clone https://github.com/frrouting/frr.git frr
- cd frr
- ./bootstrap.sh
- ./configure \
- --prefix=/usr \
- --enable-exampledir=/usr/share/doc/frr/examples/ \
- --localstatedir=/var/run/frr \
- --sbindir=/usr/lib/frr \
- --sysconfdir=/etc/frr \
- --enable-pimd \
- --enable-watchfrr \
- --enable-ospfclient=yes \
- --enable-ospfapi=yes \
- --enable-multipath=64 \
- --enable-user=frr \
- --enable-group=frr \
- --enable-vty-group=frrvty \
- --enable-configfile-mask=0640 \
- --enable-logfile-mask=0640 \
- --enable-rtadv \
- --enable-fpm \
- --with-pkg-git-version \
- --with-pkg-extra-version=-MyOwnFRRVersion
- make
- make check
- sudo make install
-
-Create empty FRR configuration files
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-::
-
- sudo install -m 755 -o frr -g frr -d /var/log/frr
- sudo install -m 775 -o frr -g frrvty -d /etc/frr
- sudo install -m 640 -o frr -g frr /dev/null /etc/frr/zebra.conf
- sudo install -m 640 -o frr -g frr /dev/null /etc/frr/bgpd.conf
- sudo install -m 640 -o frr -g frr /dev/null /etc/frr/ospfd.conf
- sudo install -m 640 -o frr -g frr /dev/null /etc/frr/ospf6d.conf
- sudo install -m 640 -o frr -g frr /dev/null /etc/frr/isisd.conf
- sudo install -m 640 -o frr -g frr /dev/null /etc/frr/ripd.conf
- sudo install -m 640 -o frr -g frr /dev/null /etc/frr/ripngd.conf
- sudo install -m 640 -o frr -g frr /dev/null /etc/frr/pimd.conf
- sudo install -m 640 -o frr -g frr /dev/null /etc/frr/ldpd.conf
- sudo install -m 640 -o frr -g frr /dev/null /etc/frr/nhrpd.conf
- sudo install -m 640 -o frr -g frrvty /dev/null /etc/frr/vtysh.conf
-
-Enable IP & IPv6 forwarding
-^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-Edit ``/etc/sysctl.conf`` and uncomment the following values (ignore the
-other settings)
-
-::
-
- # Uncomment the next line to enable packet forwarding for IPv4
- net.ipv4.ip_forward=1
-
- # Uncomment the next line to enable packet forwarding for IPv6
- # Enabling this option disables Stateless Address Autoconfiguration
- # based on Router Advertisements for this host
- net.ipv6.conf.all.forwarding=1
-
-**Reboot** or use ``sysctl -p`` to apply the same config to the running
-system
-
-Install the init.d service
-^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-::
-
- sudo install -m 755 tools/frr /etc/init.d/frr
- sudo install -m 644 tools/etc/frr/daemons /etc/frr/daemons
- sudo install -m 644 -o frr -g frr tools/etc/frr/vtysh.conf /etc/frr/vtysh.conf
-
-Enable daemons
-^^^^^^^^^^^^^^
-
-| Edit ``/etc/frr/daemons`` and change the value from "no" to "yes" for
- those daemons you want to start by systemd.
-| For example.
-
-::
-
- zebra=yes
- bgpd=yes
- ospfd=yes
- ospf6d=yes
- ripd=yes
- ripngd=yes
- isisd=yes
-
-Start the init.d service
-^^^^^^^^^^^^^^^^^^^^^^^^
-
-- /etc/init.d/frr start
-- use ``/etc/init.d/frr status`` to check its status.
building-frr-on-netbsd7
building-frr-on-omnios
building-frr-on-openbsd6
- building-frr-on-ubuntu1204
building-frr-on-ubuntu1404
building-frr-on-ubuntu1604
building-frr-on-ubuntu1804
4. Update Changelog for Debian Packages:
- Edit :file:`debianpkg/changelog.in`:
+ Edit :file:`debian/changelog-auto.in`:
- Change last (top of list) entry from ``@VERSION@`` to previous fixed
version number, i.e.::
Debian
======
-(Tested on Ubuntu 12.04, 14.04, 16.04, 17.10, 18.04, Debian 8 and 9)
+(Tested on Ubuntu 14.04, 16.04, 17.10, 18.04, Debian jessie, stretch and
+buster.)
-.. note::
-
- If you try to build for a different distro, then it will most likely fail
- because of the missing backport. See :ref:`deb-backports` about adding a new
- backport.
-
-1. Install build dependencies for your platform as outlined in :ref:`building`.
-
-2. Install the following additional packages:
-
- - on Ubuntu 12.04, 14.04, 16.04, 17.10, Debian 8 and 9:
+1. Install the Debian packaging tools:
.. code-block:: shell
- apt-get install realpath equivs groff fakeroot debhelper devscripts
+ sudo apt install fakeroot debhelper devscripts
- - on Ubuntu 18.04: (realpath is now part of preinstalled by coreutils)
+2. Install build dependencies using the `mk-build-deps` tool from the
+ `devscripts` package:
.. code-block:: shell
- apt-get install equivs groff fakeroot debhelper devscripts
+ sudo mk-build-deps --install debianpkg/control
+
+ Alternatively, you can manually install build dependencies for your
+ platform as outlined in :ref:`building`.
-3. Checkout FRR under a **unprivileged** user account:
+3. Checkout FRR under an **unprivileged** user account:
.. code-block:: shell
git checkout <branch>
-4. Run ``bootstrap.sh`` and make a dist tarball:
+4. Run ``tools/tarsource.sh -V``:
.. code-block:: shell
- ./bootstrap.sh
- ./configure --with-pkg-extra-version=-MyDebPkgVersion
- make dist
-
- .. note::
-
- Configure parameters are not important for the Debian Package building -
- except the `with-pkg-extra-version` if you want to give the Debian
- package a specific name to mark your own unoffical build.
+ ./tools/tarsource.sh -V
-5. Edit :file:`debianpkg/rules` and set the configuration as needed.
+ This script sets up the ``debian/changelog-auto`` file with proper version
+ information.
- Look for section ``dh_auto_configure`` to modify the configure options as
- needed. Options might be different between the top-level ``rules``` and
- :file:`backports/XXXX/debian/rules`. Please adjust as needed on all files.
+5. (optional) Append a distribution identifier if needed (see below under
+ :ref:`multi-dist`.)
-6. Create backports debian sources
-
- Rename the :file:`debianpkg` directory to :file:`debian` and create the
- backports (Debian requires to not ship a :file:`debian` directory inside the
- source directory to avoid build conflicts with the reserved ``debian``
- subdirectory name during the build):
+6. Build Debian Package:
.. code-block:: shell
- mv debianpkg debian
- make -f debian/rules backports
-
- This will create a :file:`frr_*.orig.tar.gz` with the source (same as the
- dist tarball), as well as multiple :file:`frr_*.debian.tar.xz` and
- :file:`frr_*.dsc` corresponding to each distribution for which a backport is
- available.
-
-7. Create a new directory to build the package and populate with package
- source.
-
- .. code-block:: shell
+ dpkg-buildpackage $options
- mkdir frrpkg
- cd frrpkg
- tar xf ~/frr/frr_*.orig.tar.gz
- cd frr*
- . /etc/os-release
- tar xf ~/frr/frr_*${ID}${VERSION_ID}*.debian.tar.xz
+ Where `$options` may contain any or all of the following items:
-8. Build Debian package dependencies and install them as needed.
+ * build profiles specified with ``-P``, e.g.
+ ``-Ppkg.frr.nortrlib,pkg.frr.nosystemd``.
+ Multiple values are separated by commas and there must not be a space
+ after the ``-P``.
- .. code-block:: shell
+ The following build profiles are currently available:
- sudo mk-build-deps --install debian/control
+ +----------------+-------------------+-----------------------------------------+
+ | Profile | Negation | Effect |
+ +================+===================+=========================================+
+ | pkg.frr.rtrlib | pkg.frr.nortrlib | builds frr-rpki-rtrlib package (or not) |
+ +----------------+-------------------+-----------------------------------------+
+ | n/a | pkg.frr.nosystemd | removes libsystemd dependency and |
+ | | | disables unit file installation |
+ +----------------+-------------------+-----------------------------------------+
-9. Build Debian Package
+ .. note::
- Building with standard options:
+ The ``pkg.frr.nosystemd`` option is only intended to support Ubuntu
+ 14.04 (and should be enabled when building for that.)
- .. code-block:: shell
+ * the ``-uc -us`` options to disable signing the packages with your GPG key
- debuild -b -uc -us
+ (git builds of the `master` or `stable/X.X` branches won't be signed by
+ default since their target release is set to ``UNRELEASED``.)
- Or change some options (see `rules` file for available options):
+7. Done!
- .. code-block:: shell
+ If all worked correctly, then you should end up with the Debian packages in
+ the parent directory of where `debuild` ran. If distributed, please make sure
+ you distribute it together with the sources (``frr_*.orig.tar.xz``,
+ ``frr_*.debian.tar.xz`` and ``frr_*.dsc``)
- debuild --set-envvar=WANT_BGP_VNC=1 --set-envvar=WANT_CUMULUS_MODE=1 -b -uc -us
-
- To build with RPKI:
-
- - Download the librtr packages from
- https://ci1.netdef.org/browse/RPKI-RTRLIB/latestSuccessful/artifact
-
- - install librtr-dev on the build server
-
- Then build with:
+.. note::
- .. code-block:: shell
+ A package created from `master` or `stable/X.X` is slightly different from
+ a package created from the `debian` branch. The changelog for the former
+ is autogenerated and sets the Debian revision to ``-0``, which causes an
+ intentional lintian warning. The `debian` branch on the other hand has
+ a manually maintained changelog that contains proper Debian release
+ versioning.
- debuild --set-envvar=WANT_RPKI=1 -b -uc -us
+ Furthermore, official Debian packages are built in ``3.0 (quilt)`` format
+ with an "orig" tarball and a "debian" tarball. These tarballs are created
+ by the ``tarsource.sh`` tool on any branch. The git repository however
+ contains a ``3.0 (git)`` source format specifier to easily allow direct
+ git builds.
- RPKI packages have an additonal dependency of ``librtr0`` which can be found
- at the same URL.
-10. Done!
+.. _multi-dist:
-If all worked correctly, then you should end up with the Debian packages under
-:file:`frrpkg`. If distributed, please make sure you distribute it together
-with the sources (``frr_*.orig.tar.gz``, ``frr_*.debian.tar.xz`` and
-``frr_*.dsc``)
+Multi-Distribution builds
+=========================
-The build procedure can also be executed automatically using the ``tools/build-debian-package.sh``
-script. For example:
+You can optionally append a distribution identifier in case you want to
+make multiple versions of the package available in the same repository.
+Do the following after creating the changelog with `tarsource.sh`:
.. code-block:: shell
- EXTRA_VERSION="-myversion" WANT_SNMP=1 WANT_CUMULUS_MODE=1 tools/build-debian-package.sh
-
-.. _deb-backports:
-
-Debian Backports
-----------------
+ dch -l '~deb8u' 'build for Debian 8 (jessie)'
+ dch -l '~deb9u' 'build for Debian 9 (stretch)'
+ dch -l '~ubuntu14.04.' 'build for Ubuntu 14.04 (trusty)'
+ dch -l '~ubuntu16.04.' 'build for Ubuntu 16.04 (xenial)'
+ dch -l '~ubuntu18.04.' 'build for Ubuntu 18.04 (bionic)'
+
+Between building packages for specific distributions, the only difference
+in the package itself lies in the automatically generated shared library
+dependencies, e.g. libjson-c2 or libjson-c3. This means that the
+architecture independent packages should **not** have a suffix appended.
+Also, the current Debian testing/unstable releases should not have any suffix
+appended.
+
+For example, at the end of 2018 (i.e. ``buster``/Debian 10 is the current
+"testing" release), the following is a complete list of `.deb` files for
+Debian 8, 9 and 10 packages for FRR 6.0.1-1 with RPKI support::
+
+ frr_6.0.1-1_amd64.deb
+ frr_6.0.1-1~deb8u1_amd64.deb
+ frr_6.0.1-1~deb9u1_amd64.deb
+ frr-dbg_6.0.1-1_amd64.deb
+ frr-dbg_6.0.1-1~deb8u1_amd64.deb
+ frr-dbg_6.0.1-1~deb9u1_amd64.deb
+ frr-rpki-rtrlib_6.0.1-1_amd64.deb
+ frr-rpki-rtrlib_6.0.1-1~deb8u1_amd64.deb
+ frr-rpki-rtrlib_6.0.1-1~deb9u1_amd64.deb
+ frr-doc_6.0.1-1_all.deb
+ frr-pythontools_6.0.1-1_all.deb
+
+Note that there are no extra versions of the `frr-doc` and `frr-pythontools`
+packages (because they are for architecture ``all``, not ``amd64``), and the
+version for Debian 10 does **not** have a ``~deb10u1`` suffix.
+
+.. warning::
+
+ Do not use the ``-`` character in the version suffix. The last ``-`` in
+ the version number is the separator between upstream version and Debian
+ version. ``6.0.1-1~foobar-2`` means upstream version ``6.0.1-1~foobar``,
+ Debian version ``2``. This is not what you want.
+
+ The only allowed characters in the Debian version are ``0-9 A-Z a-z + . ~``
-The :file:`debianpkg/backports` directory contains the Debian directories for
-backports to other Debian platforms. These are built via the ``3.0 (custom)``
-source format, which allows one to build a source package directly out of
-tarballs (e.g. an orig.tar.gz tarball and a debian.tar.gz file), at which point
-the format can be changed to a real format (e.g. ``3.0 (quilt)``).
-
-Source packages are assembled via targets of the same name as the system to
-which the backport is done (e.g. ``precise``), included in :file:`debian/rules`.
-
-To create a new Debian backport:
-
-- Add its name to ``KNOWN_BACKPORTS``, defined in :file:`debian/rules`.
-- Create a directory of the same name in :file:`debian/backports`.
-- Add the files ``exclude``, ``versionext``, and ``debian/source/format`` under
- this directory.
-
-For the last point, these files should contain the following:
-
-``exclude``
- Contains whitespace-separated paths (relative to the root of the source dir)
- that should be excluded from the source package (e.g.
- :file:`debian/patches`).
-
-``versionext``
- Contains the suffix added to the version number for this backport's build.
- Distributions often have guidelines for what this should be. If left empty,
- no new :file:`debian/changelog` entry is created.
+.. note::
-``debian/source/format``
- Contains the source format of the resulting source package. As of of the
- writing of this document the only supported format is ``3.0 (quilt)``.
+ The separating character for the suffix **must** be the tilde (``~``)
+ because the tilde is ordered in version-comparison before the empty
+ string. That means the order of the above packages is the following:
-- Add appropriate files under the :file:`debian/` subdirectory. These will be
- included in the source package, overriding any top-level :file:`debian/`
- files with equivalent paths.
+ ``6.0.1-1`` newer than ``6.0.1-1~deb9u1`` newer than ``6.0.1-1~deb8u1``
+ If you use another character (e.g. ``+``), the untagged version will be
+ regarded as the "oldest"!
doc/developer/building-frr-on-netbsd7.rst \
doc/developer/building-frr-on-omnios.rst \
doc/developer/building-frr-on-openbsd6.rst \
- doc/developer/building-frr-on-ubuntu1204.rst \
doc/developer/building-frr-on-ubuntu1404.rst \
doc/developer/building-frr-on-ubuntu1604.rst \
doc/developer/building-frr-on-ubuntu1804.rst \
doc/developer/ospf-api.rst \
doc/developer/ospf-sr.rst \
doc/developer/ospf.rst \
+ doc/developer/packaging.rst \
+ doc/developer/packaging-debian.rst \
doc/developer/workflow.rst \
doc/developer/zebra.rst \
# end
#
# Written by Daniil Baturin, 2018
# This file is public domain
+set -e
-git diff-index --quiet HEAD || echo "Warning: git working directory is not clean!"
-
-# Set the defaults
-if [ "$EXTRA_VERSION" = "" ]; then
- EXTRA_VERSION="-MyDebPkgVersion"
-fi
+cd "`dirname $0`"
+cd ..
-if [ "$WANT_SNMP" = "" ]; then
- WANT_SNMP=0
+if [ "`id -u`" = 0 ]; then
+ echo "Running as root - installing dependencies"
+ apt-get install fakeroot debhelper devscripts
+ mk-build-deps --install debian/control
+ exit 0
fi
-if [ "$WANT_CUMULUS_MODE" = "" ]; then
- WANT_CUMULUS_MODE=0
-fi
+git diff-index --quiet HEAD || echo "Warning: git working directory is not clean!"
echo "Preparing the build"
-./bootstrap.sh
-./configure --with-pkg-extra-version=$EXTRA_VERSION
-make dist
-
-echo "Preparing Debian source package"
-mv debianpkg debian
-make -f debian/rules backports
-
-echo "Unpacking the source to frrpkg/"
-mkdir frrpkg
-cd frrpkg
-tar xf ../frr_*.orig.tar.gz
-cd frr*
-. /etc/os-release
-tar xf ../../frr_*${ID}${VERSION_ID}*.debian.tar.xz
+tools/tarsource.sh -V
echo "Building the Debian package"
-debuild --no-lintian --set-envvar=WANT_SNMP=$WANT_SNMP --set-envvar=WANT_CUMULUS_MODE=$WANT_CUMULUS_MODE -b -uc -us
-
+if test $# -eq 0; then
+ dpkg-buildpackage -b -uc -us
+else
+ dpkg-buildpackage "$@"
+fi
--- /dev/null
+#!/bin/bash
+# 2018 by David Lamparter, placed in the Public Domain
+
+help() {
+ cat <<EOF
+FRR tarball/dsc helper, intended to run from a git checkout
+
+Usage:
+ ./tarsource.sh [-dDn] [-i GITPATH] [-o OUTDIR] [-S KEYID]
+ [-C COMMIT] [-e EXTRAVERSION] [-z gz|xz]
+
+options:
+ -i GITPATH path to git working tree or bare repository.
+ - default: parent directory containing this script
+ -o OUTDIR path to place the generated output files in.
+ - default: current directory
+ -C COMMIT build tarball for specified git commit
+ - default: current HEAD
+ -e EXTRAVERSION override automatic package extraversion
+ - default "-YYYYMMDD-NN-gGGGGGGGGGGGG", but the script
+ autodetects if a release tag is checked out
+ -z gz|xz compression format to use
+ - default: xz
+ -S KEYID sign the output with gpg key
+ -d use dirty git tree with local changes
+ -D generate Debian .dsc and .debian.tar.xz too
+ (note: output files are moved to parent directory)
+ -l remove Debian auto-build changelog entry
+ (always done for releases)
+ -V write version information to config.version and exit
+ -n allow executing from non-git source (NOT RECOMMENDED)
+ -h show this help text
+
+Note(1) that this script tries very hard to generate a deterministic,
+reproducible tarball by eliminating timestamps and similar things. However,
+since the tarball includes autoconf/automake files, the versions of these
+tools need to be _exactly_ identical to get the same tarball.
+
+Note(2) the debian ".orig" tarball is always identical to the "plain" tarball
+generated without the -D option.
+
+Note(3) if you want the tool to identify github PRs, you need to edit your
+.git/config to fetch PRs from github like this:
+
+ [remote "origin"]
+ url = git@github.com:frrouting/frr.git
+ fetch = +refs/heads/*:refs/remotes/origin/*
+ADD: fetch = +refs/pull/*/head:refs/remotes/origin/pull/*
+EOF
+}
+
+set -e
+
+options=`getopt -o 'hi:o:C:S:e:z:DdnlV' -l help -- "$@"`
+debian=false
+dirty=false
+nongit=false
+zip=xz
+adjchangelog=false
+writeversion=false
+extraset=false
+set - $options
+while test $# -gt 0; do
+ arg="$1"; shift; optarg=$1
+ case "$arg" in
+ -h|--help) help; exit 0;;
+ -d) dirty=true;;
+ -D) debian=true;;
+ -n) nongit=true;;
+ -i) eval src=$optarg; shift;;
+ -C) eval commit=$optarg; shift;;
+ -o) eval outdir=$optarg; shift;;
+ -e) eval extraver=$optarg; extraset=true; shift;;
+ -z) eval zip=$optarg; shift;;
+ -S) eval keyid=$optarg; shift;;
+ -l) adjchangelog=true;;
+ -V) writeversion=true;;
+ --) break;;
+ *) echo something went wrong with getopt >&2
+ exit 1
+ ;;
+ esac
+done
+
+cwd="`pwd`"
+outdir="${outdir:-$cwd}"
+
+if test -e "$outdir" -a \! -d "$outdir"; then
+ echo "output $outdir must be a directory" >&2
+ exit 1
+elif test \! -d "$outdir"; then
+ mkdir -p "$outdir"
+fi
+
+cd "$outdir"
+outdir="`pwd`"
+cd "$cwd"
+cd "`dirname $0`/.."
+selfdir="`pwd`"
+src="${src:-$selfdir}"
+
+if $writeversion; then
+ if $nongit; then
+ echo "The -V option cannot be used without a git tree" >&2
+ exit 1
+ fi
+ dirty=true
+fi
+
+case "$zip" in
+gz) ziptarget=dist-gzip; ziptool="gzip -n -9"; unzip="gzip -k -c";;
+xz) ziptarget=dist-xz; ziptool="xz -z -e"; unzip="xz -d -k -c";;
+*) echo "unknown compression format $zip" >&2
+ exit 1
+esac
+
+# always overwrite file ownership in tars
+taropt="--owner=root --group=root"
+
+onexit() {
+ rv="$?"
+ set +e
+ test -n "$tmpdir" -a -d "$tmpdir" && rm -rf "$tmpdir"
+
+ if test "$rv" -ne 0; then
+ echo -e "\n\033[31;1mfailed\n" >&2
+ if test "$dirty" = true; then
+ echo please try running the script without the -d option.>&2
+ fi
+ fi
+ exit $rv
+}
+trap onexit EXIT
+tmpdir="`mktemp -d -t frrtar.XXXXXX`"
+
+if test -d "$src/.git"; then
+ commit="`git -C \"$src\" rev-parse \"${commit:-HEAD}\"`"
+
+ if $dirty; then
+ cd "$src"
+ echo -e "\033[31;1mgit: using dirty worktree in $src\033[m" >&2
+ else
+ echo -e "\033[33;1mgit: preparing a clean clone of $src\033[m"
+ branch="${tmpdir##*/}"
+ cd "$tmpdir"
+
+ git -C "$src" branch "$branch" "$commit"
+ git clone --single-branch -s -b "$branch" "$src" source
+ git -C "$src" branch -D "$branch"
+ cd source
+ fi
+
+ # if we're creating a tarball from git, force the timestamps inside
+ # the tar to match the commit date - this makes the tarball itself
+ # reproducible
+ gitts="`TZ=UTC git show -s --format=%cd --date=local $commit`"
+ gitts="`TZ=UTC date -d "$gitts" '+%Y-%m-%dT%H:%M:%SZ'`"
+ taropt="--mtime=$gitts $taropt"
+
+ # check if we're on a release tag
+ gittag="`git -C \"$src\" describe --tags --match 'frr-*' --first-parent --long $commit`"
+ gittag="${gittag%-g*}"
+ gittag="${gittag%-*}"
+
+ # if there have been changes to packaging or tests, it's still the
+ # same release
+ changes="`git diff --name-only "$gittag" $commit | \
+ egrep -v '\.git|^m4/|^config|^README|^alpine/|^debian/|^pkgsrc/|^ports/|^redhat/|^snapcraft/|^solaris/|^tests/|^tools/|^gdb/|^docker/|^\.' | \
+ wc -l`"
+ if test "$changes" -eq 0; then
+ adjchangelog=true
+ echo "detected release build for tag $gittag" >&2
+ $extraset || extraver=""
+ elif ! $adjchangelog; then
+ gitdate="`TZ=UTC date -d "$gitts" '+%Y%m%d'`"
+ gitrev="`git rev-parse --short $commit`"
+ dayseq="`git rev-list --since \"${gitts%T*} 00:00:00 +0000\" $commit | wc -l`"
+ dayseq="`printf '%02d' $(( $dayseq - 1 ))`"
+
+ $extraset || extraver="-$gitdate-$dayseq-g$gitrev"
+
+ git -C "$src" remote -v | grep fetch | sed -e 's% (fetch)$%%' \
+ | egrep -i '\b(git@github\.com:frrouting/frr\.git|https://github\.com/FRRouting/frr\.git)$' \
+ | while read remote; do
+ remote="${remote%% *}"
+
+ git -C "$src" var -l | egrep "^remote.$remote.fetch=" \
+ | while read fetch; do
+ fetch="${fetch#*=}"
+ from="${fetch%:*}"
+ to="${fetch#*:}"
+ if test "$from" = "+refs/pull/*/head"; then
+ name="`git -C \"$src\" name-rev --name-only --refs \"$to\" $commit`"
+ test "$name" = "undefined" && continue
+ realname="${name%~*}"
+ realname="${realname%%^*}"
+ realname="${realname%%@*}"
+ if test "$realname" = "$name"; then
+ echo "${name##*/}" > "$tmpdir/.gitpr"
+ break
+ fi
+ fi
+ done || true
+ test -n "$gitpr" && break
+ done || true
+ test $extraset = false -a -f "$tmpdir/.gitpr" && extraver="-PR`cat \"$tmpdir/.gitpr\"`$extraver"
+ fi
+
+ debsrc="git ls-files debian/"
+else
+ if $nongit; then
+ echo -e "\033[31;1mWARNING: this script should be executed from a git tree\033[m" >&2
+ else
+ echo -e "\033[31;1mERROR: this script should be executed from a git tree\033[m" >&2
+ exit 1
+ fi
+ debsrc="echo debian"
+fi
+
+if $writeversion; then
+ pkgver="`egrep ^AC_INIT configure.ac`"
+ pkgver="${pkgver#*,}"
+ pkgver="${pkgver%,*}"
+ pkgver="`echo $pkgver`" # strip whitespace
+
+ echo -e "\033[32;1mwriting version ID \033[36;1mfrr-$pkgver$extraver\033[m"
+
+ cat > config.version <<EOF
+# config.version override by tarsource.sh
+EXTRAVERSION="$extraver"
+DIST_PACKAGE_VERSION="$pkgver$extraver"
+gitts="$gitts"
+taropt="$taropt"
+EOF
+ sed -e "s%@VERSION@%$pkgver$extraver%" \
+ < changelog-auto.in \
+ > changelog-auto
+ exit 0
+fi
+
+echo -e "\033[33;1mpreparing source tree\033[m"
+
+# config.version will also overwrite gitts and taropt when tarsource.sh
+# was used to write the config.version file before - but configure will
+# overwrite config.version down below!
+if test -f config.version; then
+ # never executed for clean git build
+ . ./config.version
+ if $nongit; then
+ $extraset || extraver="$EXTRAVERSION"
+ fi
+fi
+if test \! -f configure; then
+ # always executed for clean git build
+ ./bootstrap.sh
+fi
+if test "$EXTRAVERSION" != "$extraver" -o \! -f config.status; then
+ # always executed for clean git build
+ # options don't matter really - we just want to make a dist tarball
+ ./configure --with-pkg-extra-version=$extraver
+fi
+
+. ./config.version
+PACKAGE_VERSION="$DIST_PACKAGE_VERSION"
+
+echo -e "\033[33;1mpacking up \033[36;1mfrr-$PACKAGE_VERSION\033[m"
+
+make GZIP_ENV="-n9" am__tar="tar -chof - $taropt \"\$\$tardir\"" $ziptarget
+mv frr-${PACKAGE_VERSION}.tar.$zip "$outdir" || true
+lsfiles="frr-${PACKAGE_VERSION}.tar.$zip"
+
+if $debian; then
+ mkdir -p "$tmpdir/debian/source"
+ cat debian/changelog > "$tmpdir/debian/changelog"
+ if $adjchangelog; then
+ if grep -q 'autoconf changelog entry' debian/changelog; then
+ tail -n +9 debian/changelog > "$tmpdir/debian/changelog"
+ fi
+ fi
+ echo '3.0 (quilt)' > "$tmpdir/debian/source/format"
+ DEBVER="`dpkg-parsechangelog -l\"$tmpdir/debian/changelog\" -SVersion`"
+
+ eval $debsrc | tar -cho $taropt \
+ --exclude-vcs --exclude debian/source/format \
+ --exclude debian/changelog \
+ --exclude debian/changelog-auto \
+ --exclude debian/changelog-auto.in \
+ --exclude debian/subdir.am \
+ -T - -f ../frr_${DEBVER}.debian.tar
+ # add specially prepared files from above
+ tar -uf ../frr_${DEBVER}.debian.tar $taropt -C "$tmpdir" debian/source/format debian/changelog
+
+ test -f ../frr_${DEBVER}.debian.tar.$zip && rm -f ../frr_${DEBVER}.debian.tar.$zip
+ $ziptool ../frr_${DEBVER}.debian.tar
+
+ # pack up debian files proper
+ ln -s "$outdir/frr-${PACKAGE_VERSION}.tar.$zip" ../frr_${PACKAGE_VERSION}.orig.tar.$zip
+ dpkg-source -l"$tmpdir/debian/changelog" \
+ --format='3.0 (custom)' --target-format='3.0 (quilt)' \
+ -b . frr_${PACKAGE_VERSION}.orig.tar.$zip frr_${DEBVER}.debian.tar.$zip
+
+ mv ../frr_${DEBVER}.dsc "$outdir" || true
+ mv ../frr_${DEBVER}.debian.tar.$zip "$outdir" || true
+ if test -h ../frr_${PACKAGE_VERSION}.orig.tar.$zip; then
+ rm ../frr_${PACKAGE_VERSION}.orig.tar.$zip || true
+ fi
+ ln -s frr-${PACKAGE_VERSION}.tar.$zip "$outdir/frr_${PACKAGE_VERSION}.orig.tar.$zip" || true
+
+ cd "$outdir"
+ test -n "$keyid" && debsign -k "$keyid" "frr_${DEBVER}.dsc"
+
+ lsfiles="$lsfiles \
+ frr_${DEBVER}.dsc \
+ frr_${DEBVER}.debian.tar.$zip \
+ frr_${PACKAGE_VERSION}.orig.tar.$zip"
+fi
+
+cd "$outdir"
+if test -n "$keyid"; then
+ $unzip frr-${PACKAGE_VERSION}.tar.$zip > frr-${PACKAGE_VERSION}.tar
+ test -f frr-${PACKAGE_VERSION}.tar.asc && rm frr-${PACKAGE_VERSION}.tar.asc
+ if gpg -a --detach-sign -u "$keyid" frr-${PACKAGE_VERSION}.tar; then
+ lsfiles="$lsfiles frr-${PACKAGE_VERSION}.tar.asc"
+ fi
+ rm frr-${PACKAGE_VERSION}.tar
+fi
+
+echo -e "\n\033[32;1mdone: \033[36;1mfrr-$PACKAGE_VERSION\033[m\n"
+ls -l $lsfiles