[pve-devel] [PATCH V2 frr 04/10] import debianpkg directory as debian
Alexandre Derumier
aderumier at odiso.com
Tue Jul 10 18:01:26 CEST 2018
---
debian/.gitignore | 1 +
debian/Makefile.am | 47 +
debian/README.Debian | 97 ++
debian/README.Maintainer | 22 +
debian/README.deb_build.md | 127 ++
debian/backports/.gitignore | 2 +
debian/backports/README | 28 +
debian/backports/debian8/debian/source/format | 1 +
debian/backports/debian8/exclude | 0
debian/backports/debian8/versionext | 1 +
debian/backports/debian9/debian/source/format | 1 +
debian/backports/debian9/exclude | 0
debian/backports/debian9/versionext | 1 +
debian/backports/rules | 137 ++
debian/backports/ubuntu12.04/debian/control | 56 +
debian/backports/ubuntu12.04/debian/frr.install | 1 +
debian/backports/ubuntu12.04/debian/frr.postinst | 1 +
debian/backports/ubuntu12.04/debian/frr.postrm | 1 +
debian/backports/ubuntu12.04/debian/rules | 173 +++
debian/backports/ubuntu12.04/debian/source/format | 1 +
debian/backports/ubuntu12.04/exclude | 0
debian/backports/ubuntu12.04/versionext | 1 +
debian/backports/ubuntu14.04/debian/control | 56 +
debian/backports/ubuntu14.04/debian/frr.install | 11 +
debian/backports/ubuntu14.04/debian/frr.postinst | 38 +
debian/backports/ubuntu14.04/debian/frr.postrm | 14 +
debian/backports/ubuntu14.04/debian/rules | 207 ++++
debian/backports/ubuntu14.04/debian/source/format | 1 +
debian/backports/ubuntu14.04/exclude | 0
debian/backports/ubuntu14.04/versionext | 1 +
debian/backports/ubuntu16.04/debian/source/format | 1 +
debian/backports/ubuntu16.04/exclude | 0
debian/backports/ubuntu16.04/versionext | 1 +
debian/backports/ubuntu17.10/debian/control | 54 +
debian/backports/ubuntu17.10/debian/source/format | 1 +
debian/backports/ubuntu17.10/exclude | 0
debian/backports/ubuntu17.10/versionext | 1 +
debian/backports/ubuntu18.04/debian/control | 54 +
debian/backports/ubuntu18.04/debian/source/format | 1 +
debian/backports/ubuntu18.04/exclude | 0
debian/backports/ubuntu18.04/versionext | 1 +
debian/changelog.in | 1375 +++++++++++++++++++++
debian/compat | 1 +
debian/control | 54 +
debian/copyright | 29 +
debian/frr-dbg.lintian-overrides | 1 +
debian/frr-doc.docs | 6 +
debian/frr-doc.info | 1 +
debian/frr-doc.install | 1 +
debian/frr-doc.lintian-overrides | 1 +
debian/frr-pythontools.install | 1 +
debian/frr.conf | 2 +
debian/frr.dirs | 8 +
debian/frr.docs | 2 +
debian/frr.install | 12 +
debian/frr.lintian-overrides | 5 +
debian/frr.logrotate | 27 +
debian/frr.manpages | 15 +
debian/frr.pam | 3 +
debian/frr.postinst | 37 +
debian/frr.postrm | 12 +
debian/frr.preinst | 81 ++
debian/frr.prerm | 23 +
debian/rules | 233 ++++
debian/source/format | 1 +
debian/tests/control | 3 +
debian/tests/daemons | 30 +
debian/watchfrr.rc | 4 +
68 files changed, 3109 insertions(+)
create mode 100644 debian/.gitignore
create mode 100644 debian/Makefile.am
create mode 100644 debian/README.Debian
create mode 100644 debian/README.Maintainer
create mode 100644 debian/README.deb_build.md
create mode 100644 debian/backports/.gitignore
create mode 100644 debian/backports/README
create mode 100644 debian/backports/debian8/debian/source/format
create mode 100644 debian/backports/debian8/exclude
create mode 100644 debian/backports/debian8/versionext
create mode 100644 debian/backports/debian9/debian/source/format
create mode 100644 debian/backports/debian9/exclude
create mode 100644 debian/backports/debian9/versionext
create mode 100755 debian/backports/rules
create mode 100644 debian/backports/ubuntu12.04/debian/control
create mode 120000 debian/backports/ubuntu12.04/debian/frr.install
create mode 120000 debian/backports/ubuntu12.04/debian/frr.postinst
create mode 120000 debian/backports/ubuntu12.04/debian/frr.postrm
create mode 100755 debian/backports/ubuntu12.04/debian/rules
create mode 100644 debian/backports/ubuntu12.04/debian/source/format
create mode 100644 debian/backports/ubuntu12.04/exclude
create mode 100644 debian/backports/ubuntu12.04/versionext
create mode 100644 debian/backports/ubuntu14.04/debian/control
create mode 100644 debian/backports/ubuntu14.04/debian/frr.install
create mode 100644 debian/backports/ubuntu14.04/debian/frr.postinst
create mode 100644 debian/backports/ubuntu14.04/debian/frr.postrm
create mode 100755 debian/backports/ubuntu14.04/debian/rules
create mode 100644 debian/backports/ubuntu14.04/debian/source/format
create mode 100644 debian/backports/ubuntu14.04/exclude
create mode 100644 debian/backports/ubuntu14.04/versionext
create mode 100644 debian/backports/ubuntu16.04/debian/source/format
create mode 100644 debian/backports/ubuntu16.04/exclude
create mode 100644 debian/backports/ubuntu16.04/versionext
create mode 100644 debian/backports/ubuntu17.10/debian/control
create mode 100644 debian/backports/ubuntu17.10/debian/source/format
create mode 100644 debian/backports/ubuntu17.10/exclude
create mode 100644 debian/backports/ubuntu17.10/versionext
create mode 100644 debian/backports/ubuntu18.04/debian/control
create mode 100644 debian/backports/ubuntu18.04/debian/source/format
create mode 100644 debian/backports/ubuntu18.04/exclude
create mode 100644 debian/backports/ubuntu18.04/versionext
create mode 100644 debian/changelog.in
create mode 100644 debian/compat
create mode 100644 debian/control
create mode 100644 debian/copyright
create mode 100644 debian/frr-dbg.lintian-overrides
create mode 100644 debian/frr-doc.docs
create mode 100644 debian/frr-doc.info
create mode 100644 debian/frr-doc.install
create mode 100644 debian/frr-doc.lintian-overrides
create mode 100644 debian/frr-pythontools.install
create mode 100644 debian/frr.conf
create mode 100644 debian/frr.dirs
create mode 100644 debian/frr.docs
create mode 100644 debian/frr.install
create mode 100644 debian/frr.lintian-overrides
create mode 100644 debian/frr.logrotate
create mode 100644 debian/frr.manpages
create mode 100644 debian/frr.pam
create mode 100644 debian/frr.postinst
create mode 100644 debian/frr.postrm
create mode 100644 debian/frr.preinst
create mode 100644 debian/frr.prerm
create mode 100755 debian/rules
create mode 100644 debian/source/format
create mode 100644 debian/tests/control
create mode 100644 debian/tests/daemons
create mode 100644 debian/watchfrr.rc
diff --git a/debian/.gitignore b/debian/.gitignore
new file mode 100644
index 0000000..6d10dce
--- /dev/null
+++ b/debian/.gitignore
@@ -0,0 +1 @@
+changelog
diff --git a/debian/Makefile.am b/debian/Makefile.am
new file mode 100644
index 0000000..e7ae4bb
--- /dev/null
+++ b/debian/Makefile.am
@@ -0,0 +1,47 @@
+
+EXTRA_DIST = README.Debian README.Maintainer \
+ changelog compat control copyright \
+ rules source/format tests/control \
+ tests/daemons watchfrr.rc \
+ backports/README backports/rules \
+ backports/debian8/debian/source/format \
+ backports/debian8/exclude \
+ backports/debian8/versionext \
+ backports/debian9/debian/source/format \
+ backports/debian9/exclude \
+ backports/debian9/versionext \
+ backports/ubuntu12.04/debian/control \
+ backports/ubuntu12.04/debian/frr.install \
+ backports/ubuntu12.04/debian/frr.postinst \
+ backports/ubuntu12.04/debian/frr.postrm \
+ backports/ubuntu12.04/debian/rules \
+ backports/ubuntu12.04/debian/source/format \
+ backports/ubuntu12.04/exclude \
+ backports/ubuntu12.04/versionext \
+ backports/ubuntu14.04/debian/control \
+ backports/ubuntu14.04/debian/frr.install \
+ backports/ubuntu14.04/debian/frr.postinst \
+ backports/ubuntu14.04/debian/frr.postrm \
+ backports/ubuntu14.04/debian/rules \
+ backports/ubuntu14.04/debian/source/format \
+ backports/ubuntu14.04/exclude \
+ backports/ubuntu14.04/versionext \
+ backports/ubuntu16.04/debian/source/format \
+ backports/ubuntu16.04/exclude \
+ backports/ubuntu16.04/versionext \
+ backports/ubuntu17.10/debian/control \
+ backports/ubuntu17.10/debian/source/format \
+ backports/ubuntu17.10/exclude \
+ backports/ubuntu17.10/versionext \
+ backports/ubuntu18.04/debian/control \
+ backports/ubuntu18.04/debian/source/format \
+ backports/ubuntu18.04/exclude \
+ backports/ubuntu18.04/versionext \
+ frr-doc.docs frr-doc.info frr-doc.install \
+ frr-doc.lintian-overrides frr.conf \
+ frr-dbg.lintian-overrides \
+ frr.dirs frr.docs frr.install \
+ frr.lintian-overrides frr.logrotate \
+ frr.manpages frr.pam frr.postinst frr.postrm \
+ frr.preinst frr.prerm \
+ frr-pythontools.install
diff --git a/debian/README.Debian b/debian/README.Debian
new file mode 100644
index 0000000..1b04803
--- /dev/null
+++ b/debian/README.Debian
@@ -0,0 +1,97 @@
+* SAFETY MEASURES:
+==================
+
+Please consider setting this package "on hold" by typing
+ echo "frr hold" | dpkg --set-selections
+and verifying this using
+ dpkg --get-selections | grep 'hold$'
+
+Setting a package "on hold" means that it will not automatically be upgraded.
+Instead apt-get only displays a warning saying that a new version would be
+available forcing you to explicitly type "apt-get install frr" to upgrade it.
+
+
+* What is frr?
+=================
+
+http://www.frrouting.org/
+FRR is a routing software suite, providing implementations of OSPFv2,
+OSPFv3, RIP v1 and v2, RIPng, ISIS, PIM, BGP and LDP for Unix platforms, particularly
+FreeBSD and Linux and also NetBSD, to mention a few. FRR is a fork of Quagga
+which itself is a fork of Zebra.
+Zebra was developed by Kunihiro Ishiguro.
+
+
+* Why has SNMP support been disabled?
+=====================================
+FRR used to link against the NetSNMP libraries to provide SNMP
+support. Those libraries sadly link against the OpenSSL libraries
+to provide crypto support for SNMPv3 among others.
+OpenSSL now is not compatible with the GNU GENERAL PUBLIC LICENSE (GPL)
+licence that FRR is distributed under. For more explanation read:
+ http://www.gnome.org/~markmc/openssl-and-the-gpl.html
+ http://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs
+Updating the licence to explecitly allow linking against OpenSSL
+would requite the affirmation of all people that ever contributed
+a significant part to Zebra / Quagga or FRR and thus are the collective
+"copyright holder". That's too much work. Using a shrinked down
+version of NetSNMP without OpenSSL or convincing the NetSNMP people
+to change to GnuTLS are maybe good solutions but not reachable
+during the last days before the Sarge release :-(
+
+ *BUT*
+
+It is allowed by the used licence mix that you fetch the sources and
+build FRR yourself with SNMP with
+ <remove the "grep ^smux" block at the end of debian/frr.preinst>
+ # export WANT_SNMP=1
+ # apt-get -b source frr
+Just distributing it in binary form, linked against OpenSSL, is forbidden.
+
+
+* Daemon selection:
+===================
+
+The Debian package uses /etc/frr/daemons to tell the
+initscript which daemons to start. It's in the format
+<daemon>=<yes|no|priority>
+with no spaces (it's simply source-d into the initscript).
+Default is not to start anything, since it can hose your
+system's routing table if not set up properly.
+
+Priorities were suggested by Dancer <dancer at zeor.simegen.com>.
+They're used to start the FRR daemons in more than one step
+(for example start one or two at network initialization and the
+rest later). The number of FRR daemons being small, priorities
+must be between 1 and 9, inclusive (or the initscript has to be
+changed). /etc/init.d/frr then can be started as
+
+/etc/init.d/frr <start|stop|restart|<priority>>
+
+where priority 0 is the same as 'stop', priority 10 or 'start'
+means 'start all'
+
+
+* Error message "privs_init: initial cap_set_proc failed":
+==========================================================
+
+This error message means that "capability support" has to be built
+into the kernel.
+
+
+* Error message "netlink-listen: overrun: No buffer space available":
+=====================================================================
+
+If this message occurs the receive buffer should be increased by adding the
+following to /etc/sysctl.conf and "--nl-bufsize" to /etc/frr/daemons.conf.
+> net.core.rmem_default = 262144
+> net.core.rmem_max = 262144
+See message #4525 from 2005-05-09 in the quagga-users mailing list.
+
+
+* vtysh immediately exists:
+===========================
+
+Check /etc/pam.d/frr, it probably denies access to your user. The passwords
+configured in /etc/frr/frr.conf are only for telnet access.
+
diff --git a/debian/README.Maintainer b/debian/README.Maintainer
new file mode 100644
index 0000000..84b68e1
--- /dev/null
+++ b/debian/README.Maintainer
@@ -0,0 +1,22 @@
+#
+# To check if the patches still apply on new upstream versions:
+#
+for i in debian/patches/*.diff; do echo -e "#\n# $i\n#"; patch --fuzz=3 --dry-run -p1 < $i; done
+
+#
+# Filename transition from zebra to frr
+#
+
+Files that keep their names
+ /usr/bin/vtysh
+
+Files that got an -pj suffix
+ /etc/default/zebra -> /etc/frr/daemons.conf
+ /etc/init.d/zebra -> /etc/init.d/frr
+ /etc/zebra/ -> /etc/frr/
+ /usr/share/doc/zebra/ -> /usr/share/doc/frr/
+ /var/log/zebra/ -> /var/log/frr/
+ /var/run/ -> /var/run/frr/
+
+Files that were moved
+ /usr/sbin/* -> /usr/lib/frr/
diff --git a/debian/README.deb_build.md b/debian/README.deb_build.md
new file mode 100644
index 0000000..c90ca13
--- /dev/null
+++ b/debian/README.deb_build.md
@@ -0,0 +1,127 @@
+Building your own FRRouting Debian Package
+==========================================
+(Tested on Ubuntu 12.04, 14.04, 16.04, 17.10, 18.04, Debian 8 and 9)
+
+**Note:** If you try to build for a different distro, then it will most likely
+fail because of the missing backport. See debianpkg/backports/README about
+adding a new backport.
+
+1. Follow the package installation as outlined in doc/Building_on_XXXX.md
+ (XXXX refers your OS Distribution) to install the required build packages
+
+2. Install the following additional packages:
+
+ on Ubuntu 12.04, 14.04, 16.04, 17.10, Debian 8 and 9:
+
+ apt-get install realpath equivs groff fakeroot debhelper devscripts
+
+ on Ubuntu 18.04: (realpath is now part of preinstalled by coreutils)
+
+ apt-get install equivs groff fakeroot debhelper devscripts
+
+3. Checkout FRR under a **unpriviledged** user account
+
+ git clone https://github.com/frrouting/frr.git frr
+ cd frr
+ # git checkout <branch> - if different branch than master
+
+4. Run Bootstrap and make distribution tar.gz
+
+ ./bootstrap.sh
+ ./configure --with-pkg-extra-version=-MyDebPkgVersion
+ make dist
+
+ Note: configure parameters are not important for the Debian Package
+ building - except the `with-pkg-extra-version` if you want to give the
+ Debian Package a specific name to mark your own unoffical build
+
+5. Edit `debianpkg/rules` and set the configuration as needed
+
+ Look for section `dh_auto_configure` to modify the configure
+ options as needed. Options might be different between main `rules` and
+ `backports/XXXX/debian/rules`. Please adjust as needed on all files
+
+6. Create backports debian sources
+
+ Move the `debianpkg` to `debian` and create the backports
+ (Debian requires to not ship a `debian` directory inside the source
+ directory to avoid build conflicts with the reserved `debian` subdirectory
+ name during the build)
+
+ mv debianpkg debian
+ make -f debian/rules backports
+
+ This will create a `frr_*.orig.tar.gz` with the source (same as dist tar),
+ and multiple `frr_*.debian.tar.xz` and `frr_*.dsc` for the debian package
+ source on each backport supported distribution
+
+7. Create a new directory to build the package and populate with package src
+
+ mkdir frrpkg
+ cd frrpkg
+ tar xf ~/frr/frr_*.orig.tar.gz
+ cd frr*
+ . /etc/os-release
+ tar xf ~/frr/frr_*${ID}${VERSION_ID}*.debian.tar.xz
+
+8. Build Debian Package Dependencies and install them as needed
+
+ sudo mk-build-deps --install debian/control
+
+9. Build Debian Package
+
+ Building with standard options:
+
+ debuild -b -uc -us
+
+ Or change some options:
+ (see `rules` file for available options)
+
+ debuild --set-envvar=WANT_BGP_VNC=1 --set-envvar=WANT_CUMULUS_MODE=1 -b -uc -us
+
+ To build with RPKI, download the librtr packages from
+ https://ci1.netdef.org/browse/RPKI-RTRLIB/latestSuccessful/artifact
+ install librtr-dev on the build server and build the packages as
+ debuild --set-envvar=WANT_RPKI=1 -b -uc -us
+ RPKI packages have an additonal dependency of librtr0 which can be
+ found at the same URL
+
+DONE.
+
+If all works correctly, then you should end up with the Debian packages under
+`frrpkg`. If distributed, please make sure you distribute it together with
+the sources (`frr_*.orig.tar.gz`, `frr_*.debian.tar.xz` and `frr_*.dsc`)
+
+
+Enabling daemons after installation of the package:
+---------------------------------------------------
+
+1. Edit `/etc/frr/daemons` and enable required routing daemons (Zebra is
+probably needed for most deployments, so make sure to enable it.)
+
+2. Check your firewall / IPtables to make sure the routing protocols are
+allowed.
+
+3. Enable FRR at startup
+
+ - On `init.d` based systems (Ubuntu 12.04)
+
+ sudo update-rc.d frr defaults
+
+ - On `systemd` based systems (Debian 8 and later, Ubuntu 14.04 and later)
+
+ sudo systemctl enable frr
+
+4. Start/Restart the daemons (or reboot)
+
+ - On `init.d` based systems (Ubuntu 12.04)
+
+ sudo invoke-rc.d frr start
+
+ - on `systemd` based systems (Debian 8 and later, Ubuntu 14.04 and later)
+
+ sudo systemctl start frr
+
+
+Configuration is stored in `/etc/frr/*.conf` files and daemon selection
+is stored in `/etc/frr/daemons`.
diff --git a/debian/backports/.gitignore b/debian/backports/.gitignore
new file mode 100644
index 0000000..3b20d26
--- /dev/null
+++ b/debian/backports/.gitignore
@@ -0,0 +1,2 @@
+*/*.dirhash
+*/debian/changelog
diff --git a/debian/backports/README b/debian/backports/README
new file mode 100644
index 0000000..efd322e
--- /dev/null
+++ b/debian/backports/README
@@ -0,0 +1,28 @@
+This directory contains the debian directories for backports to other debian
+platforms. These are built via the `3.0 (custom)' source format, which
+allows one to build a source package directly out of tarballs (e.g. an
+orig.tar.gz tarball and a debian.tar.gz file), at which point the format can
+be changed to a real format (e.g. `3.0 (quilt)').
+
+Source packages are assembled via targets of the same name as the system to
+which the backport is done (e.g. `precise'), included in debian/rules.
+
+To create a new debian backport:
+
+* Add its name to `KNOWN_BACKPORTS', defined in debian/rules.
+* Create a directory of the same name in debian/backports.
+* Add the files `exclude', `versionext', and `debian/source/format' under
+ this directory:
+ * `exclude' contains whitespace-separated paths (relative to the root of
+ the source dir) that should be excluded from the source package (e.g.
+ debian/patches).
+ * `versionext' contains the suffix added to the version number for this
+ backport's build. Distributions often have guidelines for what this
+ should be. If left empty, no new debian/changelog entry is created.
+ * `debian/source/format' should contain the source format of the resulting
+ source package. As of of the writing of this document the only supported
+ format is `3.0 (quilt)'.
+* Add appropriate files under the `debian/' subdirectory. These will be
+ included in the source package, overriding any top-level `debian/' files
+ with equivalent paths.
+
diff --git a/debian/backports/debian8/debian/source/format b/debian/backports/debian8/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/debian/backports/debian8/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)
diff --git a/debian/backports/debian8/exclude b/debian/backports/debian8/exclude
new file mode 100644
index 0000000..e69de29
diff --git a/debian/backports/debian8/versionext b/debian/backports/debian8/versionext
new file mode 100644
index 0000000..4824521
--- /dev/null
+++ b/debian/backports/debian8/versionext
@@ -0,0 +1 @@
+-1~debian8+1
diff --git a/debian/backports/debian9/debian/source/format b/debian/backports/debian9/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/debian/backports/debian9/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)
diff --git a/debian/backports/debian9/exclude b/debian/backports/debian9/exclude
new file mode 100644
index 0000000..e69de29
diff --git a/debian/backports/debian9/versionext b/debian/backports/debian9/versionext
new file mode 100644
index 0000000..db85932
--- /dev/null
+++ b/debian/backports/debian9/versionext
@@ -0,0 +1 @@
+-1~debian9+1
diff --git a/debian/backports/rules b/debian/backports/rules
new file mode 100755
index 0000000..d0c6dcc
--- /dev/null
+++ b/debian/backports/rules
@@ -0,0 +1,137 @@
+.PHONY: backports $(KNOWN_BACKPORTS)
+
+# error out if these files are missing
+required_files = $(foreach backport,$(KNOWN_BACKPORTS), \
+ $(addprefix debian/backports/$(backport)/, \
+ debian/source/format \
+ versionext \
+ exclude))
+$(if $(filter-out $(wildcard $(required_files)),$(required_files)), \
+ $(error missing required backports files: \
+ $(filter-out $(wildcard $(required_files)),$(required_files)). \
+ see debian/backports/README) \
+)
+
+TARBALLDIR ?= $(shell dh_testdir debian/changelog && realpath .)
+
+define backports-targets
+# if this file is empty, no automatic changelog entry is created
+VERSIONEXT_$(1) ?= $(strip \
+ $(shell cat $(wildcard debian/backports/$(1)/versionext)))
+DEBIAN_VERSION_$(1) = $(DEBIAN_VERSION)$$(VERSIONEXT_$(1))
+BACKPORTDIR_$(1) = $(realpath debian/backports/$(1))
+
+# as of right now, must be '3.0 (quilt)'
+SOURCEFORMAT_$(1) ?= $(strip \
+ $(shell cat debian/backports/$(1)/debian/source/format))
+
+# files checked for the dirhash (see below)
+FINDCMD_$(1) = find -L debian/backports/$(1)/debian \
+ -type f \
+ ! -path debian/backports/$(1)/debian/changelog
+
+# files *not* pulled from the root debian directory into the backport tarball:
+# debian/changelog (copied and edited for backport version entry)
+# debian/backports itself (relevant contents are copied out separately)
+# anything provided in the current backports debian dir
+# anything specified in the 'exclude' file in the current backports debian dir
+EXCLUDEROOT_$(1) = debian/changelog debian/backports \
+ $$(subst debian/backports/$(1)/,,$$(shell $$(FINDCMD_$(1)))) \
+ $$(shell cat debian/backports/$(1)/exclude)
+
+EXCLUDEROOT_TAR_$(1) = $$(foreach file,$$(EXCLUDEROOT_$(1)),--exclude $$(file))
+EXCLUDEROOT_FIND_$(1) = $$(foreach file,$$(EXCLUDEROOT_$(1)),-o -path $$(file))
+
+# find command resulting in all files that *will* be pulled into the backport
+# tarball.
+FINDCMDROOT_$(1) = find -L debian/ \
+ '(' -false $$(EXCLUDEROOT_FIND_$(1)) ')' -prune -o \
+ -type f -a '!' '(' -false $$(EXCLUDEROOT_FIND_$(1)) ')'
+
+# usually using `find' output for dependencies has the downfall of not tracking
+# file removal. Work around that by introducing a dependency on a file whose
+# name contains the hash of `find' output, so that the name will change when a
+# file is deleted.
+DIRHASH_$(1) = \
+ $$(shell $$(FINDCMD_$(1)) | sha1sum | sed -r 's/^(......).*/\1/')
+DIRHASHROOT_$(1) = \
+ $$(shell $$(FINDCMDROOT_$(1)) | sha1sum | sed -r 's/^(......).*/\1/')
+
+CONTROL_$(1) = $$(strip \
+ $$(if $$(wildcard $$(BACKPORTDIR_$(1))/debian/control), \
+ $$(BACKPORTDIR_$(1))/debian/control, \
+ $(realpath debian/control) \
+ ))
+
+# TARGETS:
+
+$(1): $(TARBALLDIR)/$(SRCPKG)_$$(DEBIAN_VERSION_$(1)).dsc ;
+
+# we use 3.0 (custom) to build a source package directly from tarballs,
+# bypassing the usual checks (which wouldn't like our combination-of-
+# directories approach)
+$(TARBALLDIR)/$(SRCPKG)_$$(DEBIAN_VERSION_$(1)).dsc:
+ dpkg-source -l$$(BACKPORTDIR_$(1))/debian/changelog \
+ -c$$(CONTROL_$(1)) \
+ --format='3.0 (custom)' \
+ --target-format='$$(SOURCEFORMAT_$(1))' \
+ -b . $$^
+ mv $(TARBALLDIR)/../$$(notdir $$@) $$@
+
+ifeq ($$(SOURCEFORMAT_$(1)),3.0 (quilt))
+# this target depends on the orig.tar.gz file, for which there is no target in
+# this makefile. It is assumed to either already exist or be built by a target
+# provided elsewhere in debian/rules (e.g. via pristine-tar)
+$$(if $$(findstring $(ORIG_VERSION),$$(DEBIAN_VERSION_$(1))), \
+ $$(info downstream version matches upstream version (good)), \
+ $$(error quilt format expects downstream version \
+ ($$(DEBIAN_VERSION_$(1))) to contain upstream version \
+ ($(ORIG_VERSION)). Make a new debian/changelog entry \
+ to reflect the new upstream release) \
+)
+
+$(TARBALLDIR)/$(SRCPKG)_$$(DEBIAN_VERSION_$(1)).dsc: \
+ $(TARBALLDIR)/$(SRCPKG)_$(ORIG_VERSION).orig.tar.gz \
+ $(TARBALLDIR)/$(SRCPKG)_$$(DEBIAN_VERSION_$(1)).debian.tar.xz
+else
+$$(error unsupported source format for $(1) backport: $$(SOURCEFORMAT_$(1)))
+endif #SOURCEFORMAT_$(1)
+
+# for 3.0 (quilt)
+$(TARBALLDIR)/$(SRCPKG)_$$(DEBIAN_VERSION_$(1)).debian.tar.xz: \
+ $$(BACKPORTDIR_$(1))/debian/changelog \
+ $$(shell $$(FINDCMD_$(1))) \
+ $$(BACKPORTDIR_$(1))/$$(DIRHASH_$(1)).backport.dirhash \
+ $$(shell $$(FINDCMDROOT_$(1))) \
+ $$(BACKPORTDIR_$(1))/$$(DIRHASHROOT_$(1)).root.dirhash \
+ $$(BACKPORTDIR_$(1))/exclude
+ rm -f $$(subst .tar.xz,.tar,$$@) $$@
+ tar -chf $$(subst .tar.xz,.tar,$$@) \
+ --exclude-vcs $$(EXCLUDEROOT_TAR_$(1)) debian/
+ cd debian/backports/$(1) && tar -uhf $$(subst .tar.xz,.tar,$$@) \
+ --exclude-vcs debian/
+ xz $$(subst .tar.xz,.tar,$$@)
+
+$$(BACKPORTDIR_$(1))/debian/changelog: \
+ debian/changelog \
+ debian/backports/$(1)/versionext
+ rm -f debian/backports/$(1)/debian/changelog
+ cp $$< $$@
+ $(if $$(VERSIONEXT_$(1)), \
+ dch -c $$@ -v '$$(DEBIAN_VERSION_$(1))' -b \
+ 'backport to $(1) systems', \
+ )
+
+$$(BACKPORTDIR_$(1))/$$(DIRHASH_$(1)).backport.dirhash:
+ rm -f debian/backports/$(1)/*.backport.dirhash
+ touch $$@
+
+$$(BACKPORTDIR_$(1))/$$(DIRHASHROOT_$(1)).root.dirhash:
+ rm -f debian/backports/$(1)/*.root.dirhash
+ touch $$@
+
+endef # backports-targets
+$(foreach backport,$(KNOWN_BACKPORTS),$(eval \
+ $(call backports-targets,$(backport))))
+
+backports: $(KNOWN_BACKPORTS)
diff --git a/debian/backports/ubuntu12.04/debian/control b/debian/backports/ubuntu12.04/debian/control
new file mode 100644
index 0000000..169e2e8
--- /dev/null
+++ b/debian/backports/ubuntu12.04/debian/control
@@ -0,0 +1,56 @@
+Source: frr
+Section: net
+Priority: optional
+Maintainer: Nobody <nobody at frrouting.org>
+Uploaders: Nobody <nobody at frrouting.org>
+XSBC-Original-Maintainer: <maintainers at frrouting.org>
+Build-Depends: debhelper (>= 7.0.50~), libncurses5-dev, libreadline-dev, texlive-latex-base, texlive-generic-recommended, libpam0g-dev | libpam-dev, libcap-dev, texinfo (>= 4.7), imagemagick, ghostscript, groff, autotools-dev, libpcre3-dev, gawk, chrpath, libsnmp-dev, git, dh-autoreconf, libjson0, libjson0-dev, pkg-config, python (>= 2.7), python-ipaddr, install-info
+Standards-Version: 3.9.6
+Homepage: http://www.frrouting.org/
+XS-Testsuite: autopkgtest
+
+Package: frr
+Architecture: any
+Depends: ${shlibs:Depends}, logrotate (>= 3.2-11), ${misc:Depends}
+Pre-Depends: adduser
+Conflicts: zebra, zebra-pj, quagga
+Replaces: zebra, zebra-pj
+Suggests: snmpd
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon forked from Quagga
+ FRR is free software which manages TCP/IP based routing protocols.
+ It supports BGP4, BGP4+, OSPFv2, OSPFv3, IS-IS, RIPv1, RIPv2, RIPng,
+ PIM and LDP as well as the IPv6 versions of these.
+ .
+ FRR is a fork of Quagga with an open community model. The main git
+ lives on https://github.com/frrouting/frr.git
+
+Package: frr-dbg
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}, frr (= ${binary:Version})
+Priority: extra
+Section: debug
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (debug symbols)
+ This package provides debugging symbols for all binary packages built
+ from frr source package. It's highly recommended to have this package
+ installed before reporting any FRR crashes to either FRR developers or
+ Debian package maintainers.
+
+Package: frr-doc
+Section: net
+Architecture: all
+Depends: ${misc:Depends}
+Suggests: frr
+Description: documentation files for FRR
+ This package includes info files for frr, a free software which manages
+ TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
+ IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
+
+Package: frr-pythontools
+Section: net
+Architecture: all
+Depends: ${misc:Depends}, frr (= ${binary:Version}), python (>= 2.7), python-ipaddr
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (Python Tools)
+ This package includes info files for frr, a free software which manages
+ TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
+ IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
+
diff --git a/debian/backports/ubuntu12.04/debian/frr.install b/debian/backports/ubuntu12.04/debian/frr.install
new file mode 120000
index 0000000..83ecca5
--- /dev/null
+++ b/debian/backports/ubuntu12.04/debian/frr.install
@@ -0,0 +1 @@
+../../ubuntu14.04/debian/frr.install
\ No newline at end of file
diff --git a/debian/backports/ubuntu12.04/debian/frr.postinst b/debian/backports/ubuntu12.04/debian/frr.postinst
new file mode 120000
index 0000000..eb98053
--- /dev/null
+++ b/debian/backports/ubuntu12.04/debian/frr.postinst
@@ -0,0 +1 @@
+../../ubuntu14.04/debian/frr.postinst
\ No newline at end of file
diff --git a/debian/backports/ubuntu12.04/debian/frr.postrm b/debian/backports/ubuntu12.04/debian/frr.postrm
new file mode 120000
index 0000000..4f43808
--- /dev/null
+++ b/debian/backports/ubuntu12.04/debian/frr.postrm
@@ -0,0 +1 @@
+../../ubuntu14.04/debian/frr.postrm
\ No newline at end of file
diff --git a/debian/backports/ubuntu12.04/debian/rules b/debian/backports/ubuntu12.04/debian/rules
new file mode 100755
index 0000000..01ad81d
--- /dev/null
+++ b/debian/backports/ubuntu12.04/debian/rules
@@ -0,0 +1,173 @@
+#!/usr/bin/make -f
+
+# FRRouting Configuration options
+######################################
+#
+# WANT_xxxx --> Set to 1 for enable, 0 for disable
+# The following are the defaults. They can be overridden by setting a
+# env variable to a different value
+
+WANT_LDP ?= 1
+WANT_PIM ?= 1
+WANT_OSPFAPI ?= 1
+WANT_TCP_ZEBRA ?= 0
+WANT_BGP_VNC ?= 1
+WANT_CUMULUS_MODE ?= 0
+WANT_MULTIPATH ?= 1
+WANT_SNMP ?= 0
+
+# NOTES:
+#
+# If multipath is enabled (WANT_MULTIPATH=1), then set number of multipaths here
+# Please be aware that 0 is NOT disabled, but treated as unlimited
+
+MULTIPATH ?= 256
+
+# Set the following to the value required (or leave alone for the default below)
+# WANT_FRR_USER is used for the username and groupname of the FRR user account
+
+WANT_FRR_USER ?= frr
+WANT_FRR_VTY_GROUP ?= frrvty
+
+# Don't build PDF docs by default
+GENERATE_PDF ?= 0
+
+#
+####################################
+
+export DH_VERBOSE=1
+export DEB_BUILD_MAINT_OPTIONS = hardening=+all
+export DH_OPTIONS=-v
+
+ifeq ($(WANT_SNMP), 1)
+ USE_SNMP=--enable-snmp
+ $(warning "DEBIAN: SNMP enabled, sorry for your inconvenience")
+else
+ USE_SNMP=--disable-snmp
+ $(warning "DEBIAN: SNMP disabled, see README.Debian")
+endif
+
+ifeq ($(WANT_LDP), 1)
+ USE_LDP=--enable-ldpd
+else
+ USE_LDP=--disable-ldpd
+endif
+
+ifeq ($(WANT_PIM), 1)
+ USE_PIM=--enable-pimd
+else
+ USE_PIM=--disable-pimd
+endif
+
+ifeq ($(WANT_OSPFAPI), 1)
+ USE_OSPFAPI=--enable-ospfapi=yes
+else
+ USE_OSPFAPI=--enable-ospfapi=no
+endif
+
+ifeq ($(WANT_TCP_ZEBRA),1)
+ USE_TCP_ZEBRA=--enable-tcp-zebra
+else
+ USE_TCP_ZEBRA=--disable-tcp-zebra
+endif
+
+ifeq ($(WANT_BGP_VNC), 1)
+ USE_BGP_VNC=--enable-bgp-vnc=yes
+else
+ USE_BGP_VNC=--enable-bgp-vnc=no
+endif
+
+USE_FRR_USER=--enable-user=$(WANT_FRR_USER)
+USE_FRR_GROUP=--enable-group=$(WANT_FRR_USER)
+USE_FRR_VTY_GROUP=--enable-vty-group=$(WANT_FRR_VTY_GROUP)
+
+ifeq ($(WANT_MULTIPATH), 1)
+ USE_MULTIPATH=--enable-multipath=$(MULTIPATH)
+else
+ USE_MULTIPATH=--disable-multipath
+endif
+
+ifeq ($(WANT_CUMULUS_MODE), 1)
+ USE_CUMULUS=--enable-cumulus=yes
+else
+ USE_CUMULUS=--enable-cumulus=no
+endif
+
+ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+ DEBIAN_JOBS := $(subst parallel=,,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+endif
+
+ifdef DEBIAN_JOBS
+MAKEFLAGS += -j$(DEBIAN_JOBS)
+endif
+
+%:
+ dh $@ --with=autoreconf --parallel --dbg-package=frr-dbg --list-missing
+
+override_dh_auto_configure:
+ # Frr needs /proc to check some BSD vs Linux specific stuff.
+ # Else it fails with an obscure error message pointing out that
+ # IPCTL_FORWARDING is an undefined symbol which is not very helpful.
+ @if ! [ -d /proc/1 ]; then \
+ echo "./configure needs a mounted /proc"; \
+ exit 1; \
+ fi
+
+ if ! [ -e config.status ]; then \
+ dh_auto_configure -- \
+ --enable-exampledir=/usr/share/doc/frr/examples/ \
+ --localstatedir=/var/run/frr \
+ --sbindir=/usr/lib/frr \
+ --sysconfdir=/etc/frr \
+ $(USE_SNMP) \
+ $(USE_OSPFAPI) \
+ $(USE_MULTIPATH) \
+ $(USE_LDP) \
+ $(USE_TCP_ZEBRA) \
+ --enable-fpm \
+ $(USE_FRR_USER) $(USE_FRR_GROUP) \
+ $(USE_FRR_VTY_GROUP) \
+ --enable-configfile-mask=0640 \
+ --enable-logfile-mask=0640 \
+ --with-libpam \
+ --enable-systemd=no \
+ --enable-poll=yes \
+ $(USE_CUMULUS) \
+ $(USE_PIM) \
+ --enable-dependency-tracking \
+ $(USE_BGP_VNC) \
+ $(shell dpkg-buildflags --export=configure); \
+ fi
+
+override_dh_auto_build:
+ifeq ($(GENERATE_PDF), 1)
+ dh_auto_build -- -C doc pdf
+endif
+ rm -vf doc/user/_build/texinfo/frr.info
+ dh_auto_build -- -C doc info
+
+override_dh_auto_test:
+
+override_dh_auto_install:
+ dh_auto_install
+
+ # installed in frr-pythontools
+ rm debian/tmp/usr/lib/frr/frr-reload.py
+
+ # cleaning up the info dir
+ rm -f debian/tmp/usr/share/info/dir*
+
+ # install config files
+ mkdir -p debian/tmp/etc/frr/
+ perl -pi -e 's#^!log file #!log file /var/log/frr/#' debian/tmp/usr/share/doc/frr/examples/*sample*
+
+ # installing the Frr specific SNMP MIB
+ifeq ($(WANT_SNMP), 1)
+ install -D -m 644 ./zebra/GNOME-PRODUCT-ZEBRA-MIB debian/tmp/usr/share/snmp/mibs/GNOME-PRODUCT-ZEBRA-MIB
+else
+ mkdir -p debian/tmp/usr/share/snmp/mibs
+endif
+
+ # cleaning .la files
+ sed -i "/dependency_libs/ s/'.*'/''/" debian/tmp/usr/lib/*.la
+ sed -i "/dependency_libs/ s/'.*'/''/" debian/tmp/usr/lib/frr/modules/*.la
diff --git a/debian/backports/ubuntu12.04/debian/source/format b/debian/backports/ubuntu12.04/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/debian/backports/ubuntu12.04/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)
diff --git a/debian/backports/ubuntu12.04/exclude b/debian/backports/ubuntu12.04/exclude
new file mode 100644
index 0000000..e69de29
diff --git a/debian/backports/ubuntu12.04/versionext b/debian/backports/ubuntu12.04/versionext
new file mode 100644
index 0000000..159e2e4
--- /dev/null
+++ b/debian/backports/ubuntu12.04/versionext
@@ -0,0 +1 @@
+-1~ubuntu12.04+1
diff --git a/debian/backports/ubuntu14.04/debian/control b/debian/backports/ubuntu14.04/debian/control
new file mode 100644
index 0000000..00a1388
--- /dev/null
+++ b/debian/backports/ubuntu14.04/debian/control
@@ -0,0 +1,56 @@
+Source: frr
+Section: net
+Priority: optional
+Maintainer: Nobody <nobody at frrouting.org>
+Uploaders: Nobody <nobody at frrouting.org>
+XSBC-Original-Maintainer: <maintainers at frrouting.org>
+Build-Depends: debhelper (>= 7.0.50~), libncurses5-dev, libreadline-dev, texlive-latex-base, texlive-generic-recommended, libpam0g-dev | libpam-dev, libcap-dev, texinfo (>= 4.7), imagemagick, ghostscript, groff, autotools-dev, libpcre3-dev, gawk, chrpath, libsnmp-dev, git, dh-autoreconf, libjson-c-dev, libjson-c2, pkg-config, python (>= 2.7), python-ipaddr, install-info
+Standards-Version: 3.9.6
+Homepage: http://www.frrouting.org/
+XS-Testsuite: autopkgtest
+
+Package: frr
+Architecture: any
+Depends: ${shlibs:Depends}, logrotate (>= 3.2-11), ${misc:Depends}
+Pre-Depends: adduser
+Conflicts: zebra, zebra-pj, quagga
+Replaces: zebra, zebra-pj
+Suggests: snmpd
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon forked from Quagga
+ FRR is free software which manages TCP/IP based routing protocols.
+ It supports BGP4, BGP4+, OSPFv2, OSPFv3, IS-IS, RIPv1, RIPv2, RIPng,
+ PIM and LDP as well as the IPv6 versions of these.
+ .
+ FRR is a fork of Quagga with an open community model. The main git
+ lives on https://github.com/frrouting/frr.git
+
+Package: frr-dbg
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}, frr (= ${binary:Version})
+Priority: extra
+Section: debug
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (debug symbols)
+ This package provides debugging symbols for all binary packages built
+ from frr source package. It's highly recommended to have this package
+ installed before reporting any FRR crashes to either FRR developers or
+ Debian package maintainers.
+
+Package: frr-doc
+Section: net
+Architecture: all
+Depends: ${misc:Depends}
+Suggests: frr
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (documentation)
+ This package includes info files for frr, a free software which manages
+ TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
+ IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
+
+Package: frr-pythontools
+Section: net
+Architecture: all
+Depends: ${misc:Depends}, frr (= ${binary:Version}), python (>= 2.7), python-ipaddr
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (Python Tools)
+ This package includes info files for frr, a free software which manages
+ TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
+ IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
+
diff --git a/debian/backports/ubuntu14.04/debian/frr.install b/debian/backports/ubuntu14.04/debian/frr.install
new file mode 100644
index 0000000..0b0d953
--- /dev/null
+++ b/debian/backports/ubuntu14.04/debian/frr.install
@@ -0,0 +1,11 @@
+etc/frr/
+usr/bin/vtysh
+usr/bin/mtracebis
+usr/include/frr/
+usr/lib/
+tools/frr etc/init.d/
+usr/share/doc/frr/
+usr/share/snmp/mibs/
+tools/etc/* etc/
+tools/*.service lib/systemd/system
+debian/frr.conf usr/lib/tmpfiles.d
diff --git a/debian/backports/ubuntu14.04/debian/frr.postinst b/debian/backports/ubuntu14.04/debian/frr.postinst
new file mode 100644
index 0000000..5a14e51
--- /dev/null
+++ b/debian/backports/ubuntu14.04/debian/frr.postinst
@@ -0,0 +1,38 @@
+#!/bin/bash -e
+
+######################
+PASSWDFILE=/etc/passwd
+GROUPFILE=/etc/group
+
+frruid=`egrep "^frr:" $PASSWDFILE | awk -F ":" '{ print $3 }'`
+frrgid=`egrep "^frr:" $GROUPFILE | awk -F ":" '{ print $3 }'`
+frrvtygid=`egrep "^frrvty:" $GROUPFILE | awk -F ":" '{ print $3 }'`
+
+[ -n ${frruid} ] || (echo "No uid for frr in ${PASSWDFILE}" && /bin/false)
+[ -n ${frrgid} ] || (echo "No gid for frr in ${GROUPFILE}" && /bin/false)
+[ -n ${frrVTYgid} ] || (echo "No gid for frrvty in ${GROUPFILE}" && /bin/false)
+
+chown -R ${frruid}:${frrgid} /etc/frr
+touch /etc/frr/vtysh.conf
+chgrp ${frrvtygid} /etc/frr/vtysh*
+chmod 644 /etc/frr/*
+
+ENVIRONMENTFILE=/etc/environment
+if ! egrep --quiet '^VTYSH_PAGER=' ${ENVIRONMENTFILE}; then
+ echo "VTYSH_PAGER=/bin/cat" >> ${ENVIRONMENTFILE}
+fi
+##################################################
+
+if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
+${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
+
+# This is most likely due to the answer "no" to the "really stop the server"
+# question in the prerm script.
+if [ "$1" = "abort-upgrade" ]; then
+ exit 0
+fi
+
+update-rc.d frr defaults > /dev/null
+
+#DEBHELPER#
+
diff --git a/debian/backports/ubuntu14.04/debian/frr.postrm b/debian/backports/ubuntu14.04/debian/frr.postrm
new file mode 100644
index 0000000..48c2332
--- /dev/null
+++ b/debian/backports/ubuntu14.04/debian/frr.postrm
@@ -0,0 +1,14 @@
+#!/bin/bash -e
+
+if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
+${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
+# set -u not because of debhelper
+
+update-rc.d -f frr remove >> /dev/null
+
+if [ "$1" = "purge" ]; then
+ rm -rf /etc/frr /var/run/frr /var/log/frr
+ userdel frr >/dev/null 2>&1 || true
+fi
+
+#DEBHELPER#
diff --git a/debian/backports/ubuntu14.04/debian/rules b/debian/backports/ubuntu14.04/debian/rules
new file mode 100755
index 0000000..f7b9428
--- /dev/null
+++ b/debian/backports/ubuntu14.04/debian/rules
@@ -0,0 +1,207 @@
+#!/usr/bin/make -f
+
+# FRRouting Configuration options
+######################################
+#
+# WANT_xxxx --> Set to 1 for enable, 0 for disable
+# The following are the defaults. They can be overridden by setting a
+# env variable to a different value
+
+WANT_LDP ?= 1
+WANT_PIM ?= 1
+WANT_OSPFAPI ?= 1
+WANT_TCP_ZEBRA ?= 0
+WANT_BGP_VNC ?= 1
+WANT_CUMULUS_MODE ?= 0
+WANT_MULTIPATH ?= 1
+WANT_SNMP ?= 0
+WANT_RPKI ?= 0
+
+# NOTES:
+#
+# If you use WANT_RPKI, then there is a new dependency for librtr0 package
+# and a build dependency of the librtr-dev package.
+# While the librtr0 is added to the depenencies automatically, the build
+# dependency can't be changed dynamically and building will fail if the
+# librtr-dev isn't installed during package build
+# Tested versions of both packages can be found at
+# https://ci1.netdef.org/browse/RPKI-RTRLIB/latestSuccessful/artifact
+#
+# If multipath is enabled (WANT_MULTIPATH=1), then set number of multipaths here
+# Please be aware that 0 is NOT disabled, but treated as unlimited
+
+MULTIPATH ?= 256
+
+# Set the following to the value required (or leave alone for the default below)
+# WANT_FRR_USER is used for the username and groupname of the FRR user account
+
+WANT_FRR_USER ?= frr
+WANT_FRR_VTY_GROUP ?= frrvty
+
+# Don't build PDF docs by default
+GENERATE_PDF ?= 0
+
+#
+####################################
+
+export DH_VERBOSE=1
+export DEB_BUILD_MAINT_OPTIONS = hardening=+all
+export DH_OPTIONS=-v
+
+ifeq ($(WANT_SNMP), 1)
+ USE_SNMP=--enable-snmp
+ $(warning "DEBIAN: SNMP enabled, sorry for your inconvenience")
+else
+ USE_SNMP=--disable-snmp
+ $(warning "DEBIAN: SNMP disabled, see README.Debian")
+endif
+
+ifeq ($(WANT_LDP), 1)
+ USE_LDP=--enable-ldpd
+else
+ USE_LDP=--disable-ldpd
+endif
+
+ifeq ($(WANT_PIM), 1)
+ USE_PIM=--enable-pimd
+else
+ USE_PIM=--disable-pimd
+endif
+
+ifeq ($(WANT_OSPFAPI), 1)
+ USE_OSPFAPI=--enable-ospfapi=yes
+else
+ USE_OSPFAPI=--enable-ospfapi=no
+endif
+
+ifeq ($(WANT_TCP_ZEBRA),1)
+ USE_TCP_ZEBRA=--enable-tcp-zebra
+else
+ USE_TCP_ZEBRA=--disable-tcp-zebra
+endif
+
+ifeq ($(WANT_BGP_VNC), 1)
+ USE_BGP_VNC=--enable-bgp-vnc=yes
+else
+ USE_BGP_VNC=--enable-bgp-vnc=no
+endif
+
+USE_FRR_USER=--enable-user=$(WANT_FRR_USER)
+USE_FRR_GROUP=--enable-group=$(WANT_FRR_USER)
+USE_FRR_VTY_GROUP=--enable-vty-group=$(WANT_FRR_VTY_GROUP)
+
+ifeq ($(WANT_MULTIPATH), 1)
+ USE_MULTIPATH=--enable-multipath=$(MULTIPATH)
+else
+ USE_MULTIPATH=--disable-multipath
+endif
+
+ifeq ($(WANT_CUMULUS_MODE), 1)
+ USE_CUMULUS=--enable-cumulus=yes
+else
+ USE_CUMULUS=--enable-cumulus=no
+endif
+
+ifeq ($(WANT_RPKI), 1)
+ USE_RPKI=--enable-rpki
+else
+ USE_RPKI=--disable-rpki
+endif
+
+ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+ DEBIAN_JOBS := $(subst parallel=,,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+endif
+
+ifdef DEBIAN_JOBS
+MAKEFLAGS += -j$(DEBIAN_JOBS)
+endif
+
+%:
+ dh $@ --with=autoreconf --parallel --dbg-package=frr-dbg --list-missing
+
+override_dh_gencontrol:
+ifeq ($(WANT_RPKI), 1)
+ dh_gencontrol -- -Vdist:Depends="librtr0 (>= 0.5)"
+else
+ dh_gencontrol
+endif
+
+override_dh_auto_configure:
+ # Frr needs /proc to check some BSD vs Linux specific stuff.
+ # Else it fails with an obscure error message pointing out that
+ # IPCTL_FORWARDING is an undefined symbol which is not very helpful.
+ @if ! [ -d /proc/1 ]; then \
+ echo "./configure needs a mounted /proc"; \
+ exit 1; \
+ fi
+
+ if ! [ -e config.status ]; then \
+ dh_auto_configure -- \
+ --enable-exampledir=/usr/share/doc/frr/examples/ \
+ --localstatedir=/var/run/frr \
+ --sbindir=/usr/lib/frr \
+ --sysconfdir=/etc/frr \
+ $(USE_SNMP) \
+ $(USE_OSPFAPI) \
+ $(USE_MULTIPATH) \
+ $(USE_LDP) \
+ $(USE_TCP_ZEBRA) \
+ --enable-fpm \
+ $(USE_FRR_USER) $(USE_FRR_GROUP) \
+ $(USE_FRR_VTY_GROUP) \
+ --enable-configfile-mask=0640 \
+ --enable-logfile-mask=0640 \
+ --with-libpam \
+ --enable-systemd=no \
+ --enable-poll=yes \
+ $(USE_CUMULUS) \
+ $(USE_PIM) \
+ --enable-dependency-tracking \
+ $(USE_BGP_VNC) \
+ $(USE_RPKI) \
+ $(shell dpkg-buildflags --export=configure); \
+ fi
+
+override_dh_auto_build:
+ #dh_auto_build
+ $(MAKE)
+
+ # doc/ is a bit crazy
+ifeq ($(GENERATE_PDF), 1)
+ dh_auto_build -- -C doc pdf
+endif
+ rm -vf doc/_build/texinfo/frr.info
+ dh_auto_build -- -C doc info
+
+override_dh_auto_test:
+
+override_dh_auto_install:
+ dh_auto_install
+
+ # installed in frr-pythontools
+ rm debian/tmp/usr/lib/frr/frr-reload.py
+
+ # cleaning up the info dir
+ rm -f debian/tmp/usr/share/info/dir*
+
+ # install config files
+ mkdir -p debian/tmp/etc/frr/
+ perl -pi -e 's#^!log file #!log file /var/log/frr/#' debian/tmp/usr/share/doc/frr/examples/*sample*
+
+ # installing the Frr specific SNMP MIB
+ifeq ($(WANT_SNMP), 1)
+ install -D -m 644 ./zebra/GNOME-PRODUCT-ZEBRA-MIB debian/tmp/usr/share/snmp/mibs/GNOME-PRODUCT-ZEBRA-MIB
+else
+ mkdir -p debian/tmp/usr/share/snmp/mibs/
+endif
+
+ # cleaning .la files
+ sed -i "/dependency_libs/ s/'.*'/''/" debian/tmp/usr/lib/*.la
+ sed -i "/dependency_libs/ s/'.*'/''/" debian/tmp/usr/lib/frr/modules/*.la
+
+override_dh_systemd_start:
+ dh_systemd_start frr.service
+
+override_dh_systemd_enable:
+ dh_systemd_enable frr.service
+
diff --git a/debian/backports/ubuntu14.04/debian/source/format b/debian/backports/ubuntu14.04/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/debian/backports/ubuntu14.04/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)
diff --git a/debian/backports/ubuntu14.04/exclude b/debian/backports/ubuntu14.04/exclude
new file mode 100644
index 0000000..e69de29
diff --git a/debian/backports/ubuntu14.04/versionext b/debian/backports/ubuntu14.04/versionext
new file mode 100644
index 0000000..c5be065
--- /dev/null
+++ b/debian/backports/ubuntu14.04/versionext
@@ -0,0 +1 @@
+-1~ubuntu14.04+1
diff --git a/debian/backports/ubuntu16.04/debian/source/format b/debian/backports/ubuntu16.04/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/debian/backports/ubuntu16.04/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)
diff --git a/debian/backports/ubuntu16.04/exclude b/debian/backports/ubuntu16.04/exclude
new file mode 100644
index 0000000..e69de29
diff --git a/debian/backports/ubuntu16.04/versionext b/debian/backports/ubuntu16.04/versionext
new file mode 100644
index 0000000..dc33d97
--- /dev/null
+++ b/debian/backports/ubuntu16.04/versionext
@@ -0,0 +1 @@
+-1~ubuntu16.04+1
diff --git a/debian/backports/ubuntu17.10/debian/control b/debian/backports/ubuntu17.10/debian/control
new file mode 100644
index 0000000..1bc3c4e
--- /dev/null
+++ b/debian/backports/ubuntu17.10/debian/control
@@ -0,0 +1,54 @@
+Source: frr
+Section: net
+Priority: optional
+Maintainer: Nobody <nobody at frrouting.org>
+Uploaders: Nobody <nobody at frrouting.org>
+XSBC-Original-Maintainer: <maintainers at frrouting.org>
+Build-Depends: debhelper (>= 7.0.50~), libncurses5-dev, libreadline-dev, texlive-latex-base, texlive-generic-recommended, libpam0g-dev | libpam-dev, libcap-dev, texinfo (>= 4.7), imagemagick, ghostscript, groff, autotools-dev, libpcre3-dev, gawk, chrpath, libsnmp-dev, git, dh-autoreconf, libjson-c-dev, libjson-c2 | libjson-c3, dh-systemd, libsystemd-dev, bison, flex, libc-ares-dev, pkg-config, python (>= 2.7), python-ipaddr, libpython-dev
+Standards-Version: 3.9.6
+Homepage: http://www.frrouting.org/
+
+Package: frr
+Architecture: any
+Depends: ${shlibs:Depends}, logrotate (>= 3.2-11), iproute2 | iproute, ${misc:Depends}, libc-ares2
+Pre-Depends: adduser
+Conflicts: zebra, zebra-pj, quagga
+Replaces: zebra, zebra-pj
+Suggests: snmpd
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon forked from Quagga
+ FRR is free software which manages TCP/IP based routing protocols.
+ It supports BGP4, BGP4+, OSPFv2, OSPFv3, IS-IS, RIPv1, RIPv2, RIPng,
+ PIM and LDP as well as the IPv6 versions of these.
+ .
+ FRR is a fork of Quagga with an open community model. The main git
+ lives on https://github.com/frrouting/frr.git
+
+Package: frr-dbg
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}, frr (= ${binary:Version})
+Priority: optional
+Section: debug
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (debug symbols)
+ This package provides debugging symbols for all binary packages built
+ from frr source package. It's highly recommended to have this package
+ installed before reporting any FRR crashes to either FRR developers or
+ Debian package maintainers.
+
+Package: frr-doc
+Section: net
+Architecture: all
+Depends: ${misc:Depends}
+Suggests: frr
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (documentation)
+ This package includes info files for frr, a free software which manages
+ TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
+ IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
+
+Package: frr-pythontools
+Section: net
+Architecture: all
+Depends: ${misc:Depends}, frr (= ${binary:Version}), python (>= 2.7), python-ipaddr
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (Python Tools)
+ This package includes info files for frr, a free software which manages
+ TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
+ IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
diff --git a/debian/backports/ubuntu17.10/debian/source/format b/debian/backports/ubuntu17.10/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/debian/backports/ubuntu17.10/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)
diff --git a/debian/backports/ubuntu17.10/exclude b/debian/backports/ubuntu17.10/exclude
new file mode 100644
index 0000000..e69de29
diff --git a/debian/backports/ubuntu17.10/versionext b/debian/backports/ubuntu17.10/versionext
new file mode 100644
index 0000000..bfbeccd
--- /dev/null
+++ b/debian/backports/ubuntu17.10/versionext
@@ -0,0 +1 @@
+-1~ubuntu17.10+1
diff --git a/debian/backports/ubuntu18.04/debian/control b/debian/backports/ubuntu18.04/debian/control
new file mode 100644
index 0000000..8379451
--- /dev/null
+++ b/debian/backports/ubuntu18.04/debian/control
@@ -0,0 +1,54 @@
+Source: frr
+Section: net
+Priority: optional
+Maintainer: Nobody <nobody at frrouting.org>
+Uploaders: Nobody <nobody at frrouting.org>
+XSBC-Original-Maintainer: <maintainers at frrouting.org>
+Build-Depends: debhelper (>= 7.0.50~), libncurses5-dev, libreadline-dev, texlive-latex-base, texlive-generic-recommended, libpam0g-dev | libpam-dev, libcap-dev, texinfo (>= 4.7), imagemagick, ghostscript, groff, autotools-dev, libpcre3-dev, gawk, chrpath, libsnmp-dev, git, dh-autoreconf, libjson-c-dev, libjson-c2 | libjson-c3, dh-systemd, libsystemd-dev, bison, flex, libc-ares-dev, pkg-config, python (>= 2.7), python-ipaddr, python-sphinx, libpython-dev, install-info
+Standards-Version: 3.9.6
+Homepage: http://www.frrouting.org/
+
+Package: frr
+Architecture: any
+Depends: ${shlibs:Depends}, logrotate (>= 3.2-11), iproute2 | iproute, ${misc:Depends}, libc-ares2
+Pre-Depends: adduser
+Conflicts: zebra, zebra-pj, quagga
+Replaces: zebra, zebra-pj
+Suggests: snmpd
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon forked from Quagga
+ FRR is free software which manages TCP/IP based routing protocols.
+ It supports BGP4, BGP4+, OSPFv2, OSPFv3, IS-IS, RIPv1, RIPv2, RIPng,
+ PIM and LDP as well as the IPv6 versions of these.
+ .
+ FRR is a fork of Quagga with an open community model. The main git
+ lives on https://github.com/frrouting/frr.git
+
+Package: frr-dbg
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}, frr (= ${binary:Version})
+Priority: optional
+Section: debug
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (debug symbols)
+ This package provides debugging symbols for all binary packages built
+ from frr source package. It's highly recommended to have this package
+ installed before reporting any FRR crashes to either FRR developers or
+ Debian package maintainers.
+
+Package: frr-doc
+Section: net
+Architecture: all
+Depends: ${misc:Depends}
+Suggests: frr
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (documentation)
+ This package includes info files for frr, a free software which manages
+ TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
+ IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
+
+Package: frr-pythontools
+Section: net
+Architecture: all
+Depends: ${misc:Depends}, frr (= ${binary:Version}), python (>= 2.7), python-ipaddr
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (Python Tools)
+ This package includes info files for frr, a free software which manages
+ TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
+ IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
diff --git a/debian/backports/ubuntu18.04/debian/source/format b/debian/backports/ubuntu18.04/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/debian/backports/ubuntu18.04/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)
diff --git a/debian/backports/ubuntu18.04/exclude b/debian/backports/ubuntu18.04/exclude
new file mode 100644
index 0000000..e69de29
diff --git a/debian/backports/ubuntu18.04/versionext b/debian/backports/ubuntu18.04/versionext
new file mode 100644
index 0000000..832fb4c
--- /dev/null
+++ b/debian/backports/ubuntu18.04/versionext
@@ -0,0 +1 @@
+-1~ubuntu18.04+1
diff --git a/debian/changelog.in b/debian/changelog.in
new file mode 100644
index 0000000..8f3f475
--- /dev/null
+++ b/debian/changelog.in
@@ -0,0 +1,1375 @@
+frr (@VERSION@) RELEASED; urgency=medium
+
+ * New Enabled: PIM draft Unnumbered
+
+ -- FRRouting-Dev <dev at lists.frrouting.org> Wed, 18 Oct 2017 17:01:42 -0700
+
+frr (3.0-1) RELEASED; urgency=medium
+
+ * Added Debian 9 Backport
+
+ -- FRRouting-Dev <dev at lists.frrouting.org> Mon, 16 Oct 2017 03:28:00 -0700
+
+frr (3.0-0) RELEASED; urgency=medium
+
+ * New Enabled: BGP Shutdown Message
+ * New Enabled: BGP Large Community
+ * New Enabled: BGP RFC 7432 Partial Support w/ Ethernet VPN
+ * New Enabled: BGP EVPN RT-5
+ * New Enabled: LDP RFC 5561
+ * New Enabled: LDP RFC 5918
+ * New Enabled: LDP RFC 5919
+ * New Enabled: LDP RFC 6667
+ * New Enabled: LDP RFC 7473
+ * New Enabled: OSPF RFC 4552
+ * New Enabled: ISIS SPF Backoff draft
+ * New Enabled: PIM Unnumbered Interfaces
+ * New Enabled: PIM RFC 4611
+ * New Enabled: PIM Sparse Mode
+ * New Enabled: NHRP RFC 2332
+ * New Enabled: Label Manager
+ * Switched from hardening-wrapper to dpkg-buildflags.
+
+ -- FRRouting-Dev <dev at lists.frrouting.org> Fri, 13 Oct 2017 16:17:26 -0700
+
+frr (2.0-0) RELEASED; urgency=medium
+
+ * Switchover to FRR
+
+ -- FRRouting-Dev <dev at lists.frrouting.org> Mon, 23 Jan 2017 16:30:22 -0400
+
+quagga (0.99.24+cl3u5) RELEASED; urgency=medium
+
+ * Closes: CM-12846 - Resolve Memory leaks in 'show ip bgp neighbor json'
+ * Closes: CM-5878 - Display all ospf peers with 'show ip ospf neighbor detail all'
+ * Closes: CM-5794 - Add support for IPv6 static to null0
+ * Closes: CM-13060 - Reduce JSON memory usage.
+ * Closes: CM-10394 - protect 'could not get instance' error messages with debug
+ * Closes: CM-11173 - Move netlink error messages undeer a debug
+ * Closes: CM-13328 - Fixes route missing in hardware after reboot
+
+ -- dev-support <dev-support at cumulusnetworks.com> Fri, 11 Nov 2016 22:13:29 -0400
+
+quagga (0.99.24+cl3u4) RELEASED; urgency=medium
+
+ * Closes: CM-12687 - Buffer overflow in zebra RA code
+
+ -- dev-support <dev-support at cumulusnetworks.com> Wed, 31 Aug 2016 12:36:10 -0400
+
+quagga (0.99.24+cl3u3) RELEASED; urgency=medium
+
+ * New Enabled: Merge up-to 0.99.24 code from upstream
+ * New Enabled: Additional CLI simplification
+ * New Enabled: Various Bug Fixes
+
+ -- dev-support <dev-support at cumulusnetworks.com> Thu, 04 Aug 2016 08:43:36 -0700
+
+quagga (0.99.23.1-1+cl3u2) RELEASED; urgency=medium
+
+ * New Enabled: VRF - See Documentation for how to use
+ * New Enabled: Improved interface statistics
+ * New Enabled: Various vtysh improvements
+ * New Enabled: Numerous compile warnings and SA fixes
+ * New Enabled: Improved priviledge handlingA
+ * New Enabled: Various OSPF CLI fixes
+ * New Enabled: Prefix-list Performance Improvements.
+ * New Enabled: Allow more than 1k peers in Quagga
+ and Performance Improvements
+ * New Enabled: Systemd integration
+ * New Enabled: Various ISIS fixes
+ * New Enabled: BGP MRT improvements
+ * New Enabled: Lowered default MRAI timers
+ * New Enabled: Lowered default 'timers connect'
+ * New Enabled: 'bgp log-neighbor-changes' enabled by default
+ * New Enabled: BGP default keepalive to 3s and holdtime to 9s
+ * New Enabled: OSPF spf timers are now '0 50 5000' by default
+ * New Enabled: BGP hostname is displayed by default
+ * New Enabled: BGP 'no-as-set' is the default for
+ 'bgp as-path multipath-relax"
+ * New Enabled: RA is on by default if using 5549 on an interface
+ * New Enabled: peer-group restrictions relaxed, update-groups determine
+ outbund policy anyway
+ * New Enabled: BGP enabled 'maximum-paths 64' by default
+ * New Enabled: OSPF "log-adjacency-changes" on by default
+ * New Enabled: Zebra: Add IPv6 protocol filtering support
+ * and setting src of IPv6 routes.
+ * New Enabled: BGP and OSPF JSON commands added.
+ * New Enabled: BGP Enable multiple instances support by default
+ * New Enabled: 'banner motd file' command
+ * New Enabled: Remove bad default passwords from default conf
+ * New Enabled: BGP addpath TX
+ * New Enabled: Simplified configuration for BGP Unnumbered
+
+ * New Deprecated: Remove unused 'show memory XXX' functionality
+ * New Deprecated: Remove babel protocol
+
+ * Closes: CM-10435 Addition on hidden command
+ "bfd multihop/singlehop" and "ptm-enable" per interface command
+ * Closes: CM-9974 Get route counts right for show ip route summary
+ * Closes: CM-9786 BGP memory leak in peer hostname
+ * Closes: CM-9340 BGP: Ensure correct sequence of processing at exit
+ * Closes: CM-9270 ripd: Fix crash when a default route is passed to rip
+ * Closes: CM-9255 BGPD crash around bgp_config_write ()
+ * Closes: CM-9134 ospf6d: Fix for crash when non area 0 network
+ entered first
+ * Closes: CM-8934 OSPFv3: Check area before scheduling SPF
+ * Closes: CM-8514 zebra: Crash upon disabling a link
+ * Closes: CM-8295 BGP crash in group_announce_route_walkcb
+ * Closes: CM-8191 BGP: crash in update_subgroup_merge()
+ * Closes: CM-8015 lib: Memory reporting fails over 2GB
+ * Closes: CM-7926 BGP: crash from not NULLing freed pointers
+
+ -- dev-support <dev-support at cumulusnetworks.com> Wed, 04 May 2016 16:22:52 -0700
+
+quagga (0.99.23.1-1) unstable; urgency=medium
+
+ * New upstream release
+ * Added .png figures for info files to quagga-doc package.
+ * Changed dependency from iproute to iproute2 (thanks to Andreas
+ Henriksson). Closes: #753736
+ * Added texlive-fonts-recommended to build-depends to get ecrm1095 font
+ (thanks to Christoph Biedl). Closes: #651545
+
+ -- Christian Brunotte <ch at debian.org> Tue, 30 Sep 2014 00:20:12 +0200
+
+quagga (0.99.23-1) unstable; urgency=low
+
+ * New upstream release
+ * Removed debian/patches/readline-6.3.diff which was already in upstream.
+
+ -- Christian Hammers <ch at debian.org> Tue, 08 Jul 2014 09:15:48 +0200
+
+quagga (0.99.22.4-4) unstable; urgency=medium
+
+ * Fix build failure with readline-6.3 (thanks to Matthias Klose).
+ Closes: #741774
+
+ -- Christian Hammers <ch at debian.org> Sun, 23 Mar 2014 15:28:42 +0100
+
+quagga (0.99.22.4-3) unstable; urgency=low
+
+ * Added status to init script (thanks to Peter J. Holzer). Closes: #730625
+ * Init script now sources /lib/lsb/init-functions.
+ * Switched from hardening-wrapper to dpkg-buildflags.
+
+ -- Christian Hammers <ch at debian.org> Wed, 01 Jan 2014 19:12:01 +0100
+
+quagga (0.99.22.4-2) unstable; urgency=low
+
+ * Fixed typo in package description (thanks to Davide Prina).
+ Closes: #625860
+ * Added Italian Debconf translation (thanks to Beatrice Torracca)
+ Closes: #729798
+
+ -- Christian Hammers <ch at debian.org> Tue, 26 Nov 2013 00:47:11 +0100
+
+quagga (0.99.22.4-1) unstable; urgency=high
+
+ * SECURITY:
+ "ospfd: CVE-2013-2236, stack overrun in apiserver
+
+ the OSPF API-server (exporting the LSDB and allowing announcement of
+ Opaque-LSAs) writes past the end of fixed on-stack buffers. This leads
+ to an exploitable stack overflow.
+
+ For this condition to occur, the following two conditions must be true:
+ - Quagga is configured with --enable-opaque-lsa
+ - ospfd is started with the "-a" command line option
+
+ If either of these does not hold, the relevant code is not executed and
+ the issue does not get triggered."
+ Closes: #726724
+
+ * New upstream release
+ - ospfd: protect vs. VU#229804 (malformed Router-LSA)
+ (Quagga is said to be non-vulnerable but still adds some protection)
+
+ -- Christian Hammers <ch at debian.org> Thu, 24 Oct 2013 22:58:37 +0200
+
+quagga (0.99.22.1-2) unstable; urgency=low
+
+ * Added autopkgtests (thanks to Yolanda Robla). Closes: #710147
+ * Added "status" command to init script (thanks to James Andrewartha).
+ Closes: #690013
+ * Added "libsnmp-dev" to Build-Deps. There not needed for the official
+ builds but for people who compile Quagga themselves to activate the
+ SNMP feature (which for licence reasons cannot be done by Debian).
+ Thanks to Ben Winslow). Closes: #694852
+ * Changed watchquagga_options to an array so that quotes can finally
+ be used as expected. Closes: #681088
+ * Fixed bug that prevented restarting only the watchquagga daemon
+ (thanks to Harald Kappe). Closes: #687124
+
+ -- Christian Hammers <ch at debian.org> Sat, 27 Jul 2013 16:06:25 +0200
+
+quagga (0.99.22.1-1) unstable; urgency=low
+
+ * New upstream release
+ - ospfd restore nexthop IP for p2p interfaces
+ - ospfd: fix LSA initialization for build without opaque LSA
+ - ripd: correctly redistribute ifindex routes (BZ#664)
+ - bgpd: fix lost passwords of grouped neighbors
+ * Removed 91_ld_as_needed.diff as it was found in the upstream source.
+
+ -- Christian Hammers <ch at debian.org> Mon, 22 Apr 2013 22:21:20 +0200
+
+quagga (0.99.22-1) unstable; urgency=low
+
+ * New upstream release.
+ - [bgpd] The semantics of default-originate route-map have changed.
+ The route-map is now used to advertise the default route conditionally.
+ The old behaviour which allowed to set attributes on the originated
+ default route is no longer supported.
+ - [bgpd] this version of bgpd implements draft-idr-error-handling. This was
+ added in 0.99.21 and may not be desirable. If you need a version
+ without this behaviour, please use 0.99.20.1. There will be a
+ runtime configuration switch for this in future versions.
+ - [isisd] is in "beta" state.
+ - [ospf6d] is in "alpha/experimental" state
+ - More changes are documented in the upstream changelog!
+ * debian/watch: Adjusted to new savannah.gnu.org site, thanks to Bart
+ Martens.
+ * debian/patches/99_CVE-2012-1820_bgp_capability_orf.diff removed as its
+ in the changelog.
+ * debian/patches/99_distribute_list.diff removed as its in the changelog.
+ * debian/patches/10_doc__Makefiles__makeinfo-force.diff removed as it
+ was just for Debian woody.
+
+ -- Christian Hammers <ch at debian.org> Thu, 14 Feb 2013 00:22:00 +0100
+
+quagga (0.99.21-4) unstable; urgency=medium
+
+ * Fixed regression bug that caused OSPF "distribute-list" statements to be
+ silently ignored. The patch has already been applied upstream but there
+ has been no new Quagga release since then.
+ Thanks to Hans van Kranenburg for reporting. Closes: #697240
+
+ -- Christian Hammers <ch at debian.org> Sun, 06 Jan 2013 15:50:32 +0100
+
+quagga (0.99.21-3) unstable; urgency=high
+
+ * SECURITY:
+ CVE-2012-1820 - Quagga contained a bug in BGP OPEN message handling.
+ A denial-of-service condition could be caused by an attacker controlling
+ one of the pre-configured BGP peers. In most cases this means, that the
+ attack must be originated from an adjacent network. Closes: #676510
+
+ -- Christian Hammers <ch at debian.org> Fri, 08 Jun 2012 01:15:32 +0200
+
+quagga (0.99.21-2) unstable; urgency=low
+
+ * Renamed babeld.8 to quagga-babeld.8 as it conflicted with the
+ original mapage of the babeld package which users might want to
+ install in parallel as it is slightly more capable. Closes: #671916
+
+ -- Christian Hammers <ch at debian.org> Thu, 10 May 2012 07:53:01 +0200
+
+quagga (0.99.21-1) unstable; urgency=low
+
+ * New upstream release
+ - [bgpd] BGP multipath support has been merged
+ - [bgpd] SAFI (Multicast topology) support has been extended to propagate
+ the topology to zebra.
+ - [bgpd] AS path limit functionality has been removed
+ - [babeld] a new routing daemon implementing the BABEL ad-hoc mesh routing
+ protocol has been merged.
+ - [isisd] a major overhaul has been picked up. Please note that isisd is
+ STILL NOT SUITABLE FOR PRODUCTION USE.
+ - a lot of bugs have been fixed
+ * Added watchquagga daemon.
+ * Added DEP-3 conforming patch comments.
+
+ -- Christian Hammers <ch at debian.org> Sun, 06 May 2012 15:33:33 +0200
+
+quagga (0.99.20.1-1) unstable; urgency=high
+
+ * SECURITY:
+ CVE-2012-0249 - Quagga ospfd DoS on malformed LS-Update packet
+ CVE-2012-0250 - Quagga ospfd DoS on malformed Network-LSA data
+ CVE-2012-0255 - Quagga bgpd DoS on malformed OPEN message
+ * New upstream release. Closes: #664033
+
+ -- Christian Hammers <ch at debian.org> Fri, 16 Mar 2012 22:14:05 +0100
+
+quagga (0.99.20-4) unstable; urgency=low
+
+ * Switch to dpkg-source 3.0 (quilt) format.
+ * Switch to changelog-format-1.0.
+
+ -- Christian Hammers <ch at debian.org> Sat, 25 Feb 2012 18:52:06 +0100
+
+quagga (0.99.20-3) unstable; urgency=low
+
+ * Added --sysconfdir back to the configure options (thanks to Sven-Haegar
+ Koch). Closes: #645649
+
+ -- Christian Hammers <ch at debian.org> Tue, 18 Oct 2011 00:24:37 +0200
+
+quagga (0.99.20-2) unstable; urgency=low
+
+ * Bumped standards version to 0.9.2.
+ * Migrated to "dh" build system.
+ * Added quagga-dbg package.
+
+ -- Christian Hammers <ch at debian.org> Fri, 14 Oct 2011 23:59:26 +0200
+
+quagga (0.99.20-1) unstable; urgency=low
+
+ * New upstream release:
+ "The primary focus of this release is a fix of SEGV regression in ospfd,
+ which was introduced in 0.99.19. It also features a series of minor
+ improvements, including better RFC compliance in bgpd, better support
+ of FreeBSD and some enhancements to isisd."
+ * Fixes off-by-one bug (removed 20_ospf6_area_argv.dpatch). Closes: #519488
+
+ -- Christian Hammers <ch at debian.org> Fri, 30 Sep 2011 00:59:24 +0200
+
+quagga (0.99.19-1) unstable; urgency=high
+
+ * SECURITY:
+ "This release provides security fixes, which address assorted
+ vulnerabilities in bgpd, ospfd and ospf6d (CVE-2011-3323,
+ CVE-2011-3324, CVE-2011-3325, CVE-2011-3326 and CVE-2011-3327).
+ * New upstream release.
+ * Removed incorporated debian/patches/92_opaque_lsa_enable.dpatch.
+ * Removed incorporated debian/patches/93_opaque_lsa_fix.dpatch.
+ * Removed obsolete debian/README.Debian.Woody and README.Debian.MD5.
+
+ -- Christian Hammers <ch at debian.org> Tue, 27 Sep 2011 00:16:27 +0200
+
+quagga (0.99.18-1) unstable; urgency=low
+
+ * SECURITY:
+ "This release fixes 2 denial of services in bgpd, which can be remotely
+ triggered by malformed AS-Pathlimit or Extended-Community attributes.
+ These issues have been assigned CVE-2010-1674 and CVE-2010-1675.
+ Support for AS-Pathlimit has been removed with this release."
+ * Added Brazilian Portuguese debconf translation. Closes: #617735
+ * Changed section for quagga-doc from "doc" to "net".
+ * Added patch to fix FTBFS with latest GCC. Closes: #614459
+
+ -- Christian Hammers <ch at debian.org> Tue, 22 Mar 2011 23:13:34 +0100
+
+quagga (0.99.17-4) unstable; urgency=low
+
+ * Added comment to init script (thanks to Marc Haber). Closes: #599524
+
+ -- Christian Hammers <ch at debian.org> Thu, 13 Jan 2011 23:53:29 +0100
+
+quagga (0.99.17-3) unstable; urgency=low
+
+ * Fix FTBFS with ld --as-needed (thanks to Matthias Klose at Ubuntu).
+ Closes: #609555
+
+ -- Christian Hammers <ch at debian.org> Thu, 13 Jan 2011 23:27:06 +0100
+
+quagga (0.99.17-2) unstable; urgency=low
+
+ * Added Danisch Debconf translation (thanks to Joe Dalton). Closes: #596259
+
+ -- Christian Hammers <ch at debian.org> Sat, 18 Sep 2010 12:20:07 +0200
+
+quagga (0.99.17-1) unstable; urgency=high
+
+ * SECURITY:
+ "This release provides two important bugfixes, which address remote crash
+ possibility in bgpd discovered by CROSS team.":
+ 1. Stack buffer overflow by processing certain Route-Refresh messages
+ CVE-2010-2948
+ 2. DoS (crash) while processing certain BGP update AS path messages
+ CVE-2010-2949
+ Closes: #594262
+
+ -- Christian Hammers <ch at debian.org> Wed, 25 Aug 2010 00:52:48 +0200
+
+quagga (0.99.16-1) unstable; urgency=low
+
+ * New upstream release. Closes: #574527
+ * Added chrpath to debian/rules to fix rpath problems that lintian spottet.
+
+ -- Christian Hammers <ch at debian.org> Sun, 21 Mar 2010 17:05:40 +0100
+
+quagga (0.99.15-2) unstable; urgency=low
+
+ * Applied patch for off-by-one bug in ospf6d that caused a segmentation
+ fault when using the "area a.b.c.d filter-list prefix" command (thanks
+ to Steinar H. Gunderson). Closes: 519488
+
+ -- Christian Hammers <ch at debian.org> Sun, 14 Feb 2010 20:02:03 +0100
+
+quagga (0.99.15-1) unstable; urgency=low
+
+ * New upstream release
+ "This fixes some annoying little ospfd and ospf6d regressions, which made
+ 0.99.14 a bit of a problem release (...) This release still contains a
+ regression in the "no ip address ..." command, at least on Linux.
+ See bug #486, which contains a workaround patch. This release should be
+ considered a 1.0.0 release candidate. Please test this release as widely
+ as possible."
+ * Fixed wrong port number in zebra.8 (thanks to Thijs Kinkhorst).
+ Closes: #517860
+ * Added Russian Debconf tanslation (thanks to Yuri Kozlov).
+ Closes: #539464
+ * Removed so-version in build-dep to libreadline-dev on request of
+ Matthias Klose.
+ * Added README.source with reference to dpatch as suggested by lintian.
+ * Bumped standards versionto 3.8.3.
+
+ -- Christian Hammers <ch at debian.org> Sun, 13 Sep 2009 18:12:06 +0200
+
+quagga (0.99.14-1) unstable; urgency=low
+
+ * New upstream release
+ "This release contains a regression fix for ospf6d, various small fixes
+ and some hopefully very significant bgpd stability fixes.
+ This release should be considered a 1.0.0 release candidate. Please test
+ this release as widely as possible."
+ * Fixes bug with premature LSA aging in ospf6d. Closes: #535030
+ * Fixes section number in zebra.8 manpage. Closes: #517860
+
+ -- Christian Hammers <ch at debian.org> Sat, 25 Jul 2009 00:40:38 +0200
+
+quagga (0.99.13-2) unstable; urgency=low
+
+ * Added Japanese Debconf translation (thanks to Hideki Yamane).
+ Closes: #510714
+ * When checking for obsoleted config options in preinst, print filename
+ where it occures (thanks to Michael Bussmann). Closes: #339489
+
+ -- Christian Hammers <ch at debian.org> Sun, 19 Jul 2009 17:13:23 +0200
+
+quagga (0.99.13-1) unstable; urgency=low
+
+ * New upstream release
+ "This release is contains a number of small fixes, for potentially
+ irritating issues, as well as small enhancements to vtysh and support
+ for linking to PCRE (a much faster regex library)."
+ * Added build-dep to gawk as configure required it for memtypes.awk
+ * Replaced build-dep to gs-gpl with ghostscript as requested by lintian
+ * Minor changes to copyright and control files to make lintian happy.
+
+ -- Christian Hammers <ch at debian.org> Wed, 24 Jun 2009 17:53:28 +0200
+
+quagga (0.99.12-1) unstable; urgency=high
+
+ * New upstream release
+ "This release fixes an urgent bug in bgpd where it could hit an assert
+ if it received a long AS_PATH with a 4-byte ASN." Noteworthy bugfixes:
+ + [bgpd] Fix bgp ipv4/ipv6 accept handling
+ + [bgpd] AS4 bugfix by Chris Caputo
+ + [bgpd] Allow accepted peers to progress even if realpeer is in Connect
+ + [ospfd] Switch Fletcher checksum back to old ospfd version
+
+ -- Christian Hammers <ch at debian.org> Mon, 22 Jun 2009 00:16:33 +0200
+
+quagga (0.99.11-1) unstable; urgency=low
+
+ * New upstream release
+ "Most regressions in 0.99 over 0.98 are now believed to be fixed. This
+ release should be considered a release-candidate for a new stable series."
+ + bgpd: Preliminary UI and Linux-IPv4 support for TCP-MD5 merged
+ + zebra: ignore dead routes in RIB update
+ + [ospfd] Default route needs to be refreshed after neighbour state change
+ + [zebra:netlink] Set proto/scope on all route update messages
+ * Removed debian/patches/20_*bgp*md5*.dpatch due to upstream support.
+
+ -- Christian Hammers <ch at debian.org> Thu, 09 Oct 2008 22:56:38 +0200
+
+quagga (0.99.10-1) unstable; urgency=medium
+
+ * New upstream release
+ + bgpd: 4-Byte AS Number support
+ + Sessions were incorrectly reset if a partial AS-Pathlimit attribute
+ was received.
+ + Advertisement of Multi-Protocol prefixes (i.e. non-IPv4) had been
+ broken in the 0.99.9 release. Closes: #467656
+
+ -- Christian Hammers <ch at debian.org> Tue, 08 Jul 2008 23:32:42 +0200
+
+quagga (0.99.9-6) unstable; urgency=low
+
+ * Fixed FTBFS by adding a build-dep to libpcre3-dev (thanks to Luk Claes).
+ Closes: #469891
+
+ -- Christian Hammers <ch at debian.org> Sat, 12 Apr 2008 12:53:51 +0200
+
+quagga (0.99.9-5) unstable; urgency=low
+
+ * C.J. Adams-Collier and Paul Jakma suggested to build against libpcre3
+ which is supposed to be faster.
+
+ -- Christian Hammers <ch at debian.org> Sun, 02 Mar 2008 13:19:42 +0100
+
+quagga (0.99.9-4) unstable; urgency=low
+
+ * Added hardening-wrapper to the build-deps (thanks to Moritz Muehlenhoff).
+
+ -- Christian Hammers <ch at debian.org> Tue, 29 Jan 2008 22:33:56 +0100
+
+quagga (0.99.9-3) unstable; urgency=low
+
+ * Replaced the BGP patch by a new one so that the package builds again
+ with kernels above 2.6.21!
+ * debian/control:
+ + Moved quagga-doc to section doc to make lintian happy.
+ * Added Spanish debconf translation (thanks to Carlos Galisteo de Cabo).
+ Closes: #428574
+ * debian/control: (thanks to Marco Rodrigues)
+ + Bump Standards-Version to 3.7.3 (no changes needed).
+ + Add Homepage field.
+
+ -- Christian Hammers <ch at debian.org> Mon, 28 Jan 2008 22:29:18 +0100
+
+quagga (0.99.9-2.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * debian/rules: fixed bashisms. (Closes: #459122)
+
+ -- Miguel Angel Ruiz Manzano <debianized at gmail.com> Tue, 22 Jan 2008 14:37:21 -0300
+
+quagga (0.99.9-2) unstable; urgency=low
+
+ * Added CVE id for the security bug to the last changelog entry.
+ Closes: 442133
+
+ -- Christian Hammers <ch at debian.org> Tue, 25 Sep 2007 22:01:31 +0200
+
+quagga (0.99.9-1) unstable; urgency=high
+
+ * SECURITY:
+ "This release fixes two potential DoS conditions in bgpd, reported by Mu
+ Security, where a bgpd could be crashed if a peer sent a malformed OPEN
+ message or a malformed COMMUNITY attribute. Only configured peers can do
+ this, hence we consider these issues to be very low impact." CVE-2007-4826
+
+ -- Christian Hammers <ch at debian.org> Wed, 12 Sep 2007 21:12:41 +0200
+
+quagga (0.99.8-1) unstable; urgency=low
+
+ * New upstream version.
+
+ -- Christian Hammers <ch at debian.org> Fri, 17 Aug 2007 00:07:04 +0200
+
+quagga (0.99.7-3) unstable; urgency=medium
+
+ * Applied patch for FTBFS with linux-libc-dev (thanks to Andrew J. Schorr
+ and Lucas Nussbaum). Closes: #429003
+
+ -- Christian Hammers <ch at debian.org> Fri, 22 Jun 2007 21:34:55 +0200
+
+quagga (0.99.7-2) unstable; urgency=low
+
+ * Added Florian Weimar as co-maintainer. Closes: 421977
+ * Added Dutch debconf translation (thanks to Bart Cornelis).
+ Closes: #420932
+ * Added Portuguese debconf translation (thanks to Rui Branco).
+ Closes: #421185
+ * Improved package description (thanks to Reuben Thomas).
+ Closes: #418933
+ * Added CVE Id to 0.99.6-5 changelog entry.
+
+ -- Christian Hammers <ch at debian.org> Wed, 02 May 2007 20:27:12 +0200
+
+quagga (0.99.7-1) unstable; urgency=low
+
+ * New upstream release. Closes: #421553
+
+ -- Christian Hammers <ch at debian.org> Mon, 30 Apr 2007 14:22:34 +0200
+
+quagga (0.99.6-6) unstable; urgency=medium
+
+ * Fixes FTBFS with tetex-live. Closes: #420468
+
+ -- Christian Hammers <ch at debian.org> Mon, 23 Apr 2007 21:34:13 +0200
+
+quagga (0.99.6-5) unstable; urgency=high
+
+ * SECURITY:
+ The bgpd daemon was vulnerable to a Denial-of-Service. Configured peers
+ could cause a Quagga bgpd to, typically, assert() and abort. The DoS
+ could be triggered by peers by sending an UPDATE message with a crafted,
+ malformed Multi-Protocol reachable/unreachable NLRI attribute.
+ This is CVE-2007-1995 and Quagga Bug#354. Closes: #418323
+
+ -- Christian Hammers <ch at debian.org> Thu, 12 Apr 2007 23:21:58 +0200
+
+quagga (0.99.6-4) unstable; urgency=low
+
+ * Improved note in README.Debian for SNMP self-builders (thanks to Matthias
+ Wamser). Closes: #414788
+
+ -- Christian Hammers <ch at debian.org> Wed, 14 Mar 2007 02:18:57 +0100
+
+quagga (0.99.6-3) unstable; urgency=low
+
+ * Updated German Debconf translation (thanks to Matthias Julius).
+ Closes: #409327
+
+ -- Christian Hammers <ch at debian.org> Sat, 10 Feb 2007 15:06:16 +0100
+
+quagga (0.99.6-2) unstable; urgency=low
+
+ * Updated config.guess/config.sub as suggested by lintian.
+ * Corrected README.Debian text regarding the WANT_SNMP flag.
+
+ -- Christian Hammers <ch at debian.org> Sun, 17 Dec 2006 01:45:37 +0100
+
+quagga (0.99.6-1) unstable; urgency=low
+
+ * New upstream release. Closes: #402361
+
+ -- Christian Hammers <ch at debian.org> Mon, 11 Dec 2006 00:28:09 +0100
+
+quagga (0.99.5-5) unstable; urgency=high
+
+ * Changed Depends on adduser to Pre-Depends to avoid uninstallability
+ in certain cases (thanks to Steve Langasek, Lucas Nussbaum).
+ Closes: #398562
+
+ -- Christian Hammers <ch at debian.org> Wed, 15 Nov 2006 17:46:34 +0100
+
+quagga (0.99.5-4) unstable; urgency=low
+
+ * Added default PAM file and some explanations regarding PAM authentication
+ of vtysh which could prevent the start at boot-time when used wrong.
+ Now PAM permits anybody to access the vtysh tool (a malicious user could
+ build his own vtysh without PAM anyway) and the access is controled by
+ the read/write permissions of the vtysh socket which are only granted to
+ users belonging to the quaggavty group (thanks to Wakko Warner).
+ Closes: #389496
+ * Added "case" to prerm script so that the Debconf question is not called a
+ second time in e.g. "new-prerm abort-upgrade" after being NACKed in the
+ old-prerm.
+
+ -- Christian Hammers <ch at debian.org> Fri, 3 Nov 2006 01:22:15 +0100
+
+quagga (0.99.5-3) unstable; urgency=medium
+
+ * Backport CVS fix for an OSPF DD Exchange regression (thanks to Matt
+ Brown). Closes: #391040
+
+ -- Christian Hammers <ch at debian.org> Wed, 25 Oct 2006 19:47:11 +0200
+
+quagga (0.99.5-2) unstable; urgency=medium
+
+ * Added LSB info section to initscript.
+ * Removed unnecessary depends to libncurses5 to make checklib happy.
+ The one to libcap should remain though as it is just temporarily
+ unused.
+
+ -- Christian Hammers <ch at debian.org> Thu, 21 Sep 2006 00:04:07 +0200
+
+quagga (0.99.5-1) unstable; urgency=low
+
+ * New upstream release. Closes: #38704
+ * Upstream fixes ospfd documentary inconsistency. Closes: #347897
+ * Changed debconf question in prerm to "high" (thanks to Rafal Pietrak).
+
+ -- Christian Hammers <ch at debian.org> Mon, 11 Sep 2006 23:43:42 +0200
+
+quagga (0.99.4-4) unstable; urgency=low
+
+ * Recreate /var/run if not present because /var is e.g. on a tmpfs
+ filesystem (thanks to Martin Pitt). Closes: #376142
+ * Removed nonexistant option from ospfd.8 manpage (thanks to
+ David Medberry). Closes: 378274
+
+ -- Christian Hammers <ch at debian.org> Sat, 15 Jul 2006 20:22:12 +0200
+
+quagga (0.99.4-3) unstable; urgency=low
+
+ * Removed invalid semicolon from rules file (thanks to Philippe Gramoulle).
+
+ -- Christian Hammers <ch at debian.org> Tue, 27 Jun 2006 23:36:07 +0200
+
+quagga (0.99.4-2) unstable; urgency=high
+
+ * Set urgency to high as 0.99.4-1 fixes a security problem!
+ * Fixed building of the info file.
+
+ -- Christian Hammers <ch at debian.org> Sun, 14 May 2006 23:04:28 +0200
+
+quagga (0.99.4-1) unstable; urgency=low
+
+ * New upstream release to fix a security problem in the telnet interface
+ of the BGP daemon which could be used for DoS attacks (CVE-2006-2276).
+ Closes: 366980
+
+ -- Christian Hammers <ch at debian.org> Sat, 13 May 2006 19:54:40 +0200
+
+quagga (0.99.3-3) unstable; urgency=low
+
+ * Added CVE numbers for the security patch in 0.99.3-2.
+
+ -- Christian Hammers <ch at debian.org> Sat, 6 May 2006 17:14:22 +0200
+
+quagga (0.99.3-2) unstable; urgency=high
+
+ * SECURITY:
+ Added security bugfix patch from upstream BTS for security problem
+ that could lead to injected routes when using RIPv1.
+ CVE-2006-2223 - missing configuration to disable RIPv1 or require
+ plaintext or MD5 authentication
+ CVE-2006-2224 - lack of enforcement of RIPv2 authentication requirements
+ Closes: #365940
+ * First amd64 upload.
+
+ -- Christian Hammers <ch at debian.org> Thu, 4 May 2006 00:22:09 +0200
+
+quagga (0.99.3-1) unstable; urgency=low
+
+ * New upstream release
+
+ -- Christian Hammers <ch at debian.org> Wed, 25 Jan 2006 13:37:27 +0100
+
+quagga (0.99.2-1) unstable; urgency=low
+
+ * New upstream release
+ Closes: #330248, #175553
+
+ -- Christian Hammers <ch at debian.org> Wed, 16 Nov 2005 00:25:52 +0100
+
+quagga (0.99.1-7) unstable; urgency=low
+
+ * Changed debian/rules check for mounted /proc directory to check
+ for /proc/1 as not all systems (e.g. 2.6 arm kernels) have
+ /proc/kcore which is a optional feature only (thanks to Lennert
+ Buytenhek). Closes: #335695
+ * Added Swedish Debconf translation (thanks to Daniel Nylander).
+ Closes: #331367
+
+ -- Christian Hammers <ch at debian.org> Thu, 27 Oct 2005 20:53:19 +0200
+
+quagga (0.99.1-6) unstable; urgency=low
+
+ * Fixed debconf dependency as requested by Joey Hess.
+
+ -- Christian Hammers <ch at debian.org> Mon, 26 Sep 2005 20:47:35 +0200
+
+quagga (0.99.1-5) unstable; urgency=low
+
+ * Rebuild with libreadline5-dev as build-dep as requested by
+ Matthias Klose. Closes: #326306
+ * Made initscript more fault tolerant against missing lines in
+ /etc/quagga/daemons (thanks to Ralf Hildebrandt). Closes: #323774
+ * Added dependency to adduser.
+
+ -- Christian Hammers <ch at debian.org> Tue, 13 Sep 2005 21:42:17 +0200
+
+quagga (0.99.1-4) unstable; urgency=low
+
+ * Added French Debconf translation (thanks to Mohammed Adnene Trojette).
+ Closes: #319324
+ * Added Czech Debconf translation (thanks to Miroslav Kure).
+ Closes: #318127
+
+ -- Christian Hammers <ch at debian.org> Sun, 31 Jul 2005 04:19:41 +0200
+
+quagga (0.99.1-3) unstable; urgency=low
+
+ * A Debconf question now asks the admin before upgrading if the daemon
+ should really be stopped as this could lead to the loss of network
+ connectivity or BGP flaps (thanks to Michael Horn and Achilleas Kotsis).
+ Also added a hint about setting Quagga "on hold" to README.Debian.
+ Closes: #315467
+ * Added patch to build on Linux/ARM.
+
+ -- Christian Hammers <ch at debian.org> Sun, 10 Jul 2005 22:19:38 +0200
+
+quagga (0.99.1-2) unstable; urgency=low
+
+ * Fixed SNMP enabled command in debian/rules (thanks to Christoph Kluenter).
+ Closes: #306840
+
+ -- Christian Hammers <ch at debian.org> Sat, 4 Jun 2005 14:04:01 +0200
+
+quagga (0.99.1-1) unstable; urgency=low
+
+ * New upstream version. Among others:
+ - BGP graceful restart and "match ip route-source" added
+ - support for interface renaming
+ - improved threading for better responsivness under load
+ * Switched to dpatch to make diffs cleaner.
+ * Made autoreconf unnecessary.
+ * Replaced quagga.dvi and quagga.ps by quagga.pdf in quagga-doc.
+ (the PostScript would have needed Makefile corrections and PDF
+ is more preferable anyway)
+ * Added isisd to the list of daemons in /etc/init.d/quagga (thanks
+ to Ernesto Elbe).
+ * Added hint for "netlink-listen: overrun" messages (thanks to
+ Hasso Tepper).
+ * Added preinst check that bails out if old smux options are in use
+ as Quagga would not start up else anyway (thanks to Bjorn Mork).
+ Closes: #308320
+
+ -- Christian Hammers <ch at debian.org> Fri, 13 May 2005 01:18:24 +0200
+
+quagga (0.98.3-7) unstable; urgency=high
+
+ * Removed SNMP support as linking against NetSNMP introduced a dependency
+ to OpenSSL which is not compatible to the GPL which governs this
+ application (thanks to Faidon Liambotis). See README.Debian for more
+ information. Closes: #306840
+ * Changed listening address of ospf6d and ripngd from 127.0.0.1 to "::1".
+ * Added build-dep to groff to let drafz-zebra-00.txt build correctly.
+
+ -- Christian Hammers <ch at debian.org> Wed, 4 May 2005 20:08:14 +0200
+
+quagga (0.98.3-6) testing-proposed-updates; urgency=high
+
+ * Removed "Recommends kernel-image-2.4" as aptitude then
+ installes a kernel-image for an arbitrary architecture as long
+ as it fullfill that recommendation which can obviously fatal
+ at the next reboot :) Also it is a violation of the policy
+ which mandates a reference to real packages (thanks to Holger Levsen).
+ Closes: #307281
+
+ -- Christian Hammers <ch at debian.org> Tue, 3 May 2005 22:53:39 +0200
+
+quagga (0.98.3-5) unstable; urgency=high
+
+ * The patch which tried to remove the OpenSSL dependency, which is
+ not only unneccessary but also a violation of the licence and thus RC,
+ stopped working a while ago, since autoreconf is no longer run before
+ building the binaries. So now ./configure is patched directly (thanks
+ to Faidon Liambotis for reporting). Closes: #306840
+ * Raised Debhelper compatibility level from 3 to 4. Nothing changed.
+ * Added build-dep to texinfo (>= 4.7) to ease work for www.backports.org.
+
+ -- Christian Hammers <ch at debian.org> Fri, 29 Apr 2005 02:31:03 +0200
+
+quagga (0.98.3-4) unstable; urgency=low
+
+ * Removed Debconf upgrade note as it was considered a Debconf abuse
+ and apart from that so obvious that it was not even worth to be
+ put into NEWS.Debian (thanks to Steve Langasek). Closes: #306384
+
+ -- Christian Hammers <ch at debian.org> Wed, 27 Apr 2005 00:10:24 +0200
+
+quagga (0.98.3-3) unstable; urgency=medium
+
+ * Adding the debconf module due to a lintian suggestion is a very
+ bad idea if no db_stop is called as the script hangs then (thanks
+ to Tore Anderson for reporting). Closes: #306324
+
+ -- Christian Hammers <ch at debian.org> Mon, 25 Apr 2005 21:55:58 +0200
+
+quagga (0.98.3-2) unstable; urgency=low
+
+ * Added debconf confmodule to postinst as lintian suggested.
+
+ -- Christian Hammers <ch at debian.org> Sun, 24 Apr 2005 13:16:00 +0200
+
+quagga (0.98.3-1) unstable; urgency=low
+
+ * New upstream release.
+ Mmost notably fixes last regression in bgpd (reannounce of prefixes
+ with changed attributes works again), race condition in netlink
+ handling while using IPv6, MTU changes handling in ospfd and several
+ crashes in ospfd, bgpd and ospf6d.
+
+ -- Christian Hammers <ch at debian.org> Mon, 4 Apr 2005 12:51:24 +0200
+
+quagga (0.98.2-2) unstable; urgency=low
+
+ * Added patch to let Quagga compile with gcc-4.0 (thanks to
+ Andreas Jochens). Closes: #300949
+
+ -- Christian Hammers <ch at debian.org> Fri, 25 Mar 2005 19:33:30 +0100
+
+quagga (0.98.2-1) unstable; urgency=medium
+
+ * Quoting the upstream announcement:
+ The 0.98.1 release unfortunately was a brown paper bag release with
+ respect to ospfd. [...] 0.98.2 has been released, with one crucial change
+ to fix the unfortunate mistake in 0.98.1, which caused problems if
+ ospfd became DR.
+ * Note: the upstream tarball had a strange problem, apparently redhat.spec
+ was twice in it? At least debuild gave a strange error message so I
+ unpacked it by hand. No changes were made to the .orig.tar.gz!
+
+ -- Christian Hammers <ch at debian.org> Fri, 4 Feb 2005 01:31:36 +0100
+
+quagga (0.98.1-1) unstable; urgency=medium
+
+ * New upstream version
+ "fixing a fatal OSPF + MD5 auth regression, and a non-fatal high-load
+ regression in bgpd which were present in the 0.98.0 release."
+ * Upstream version fixes bug in ospfd that could lead to crash when OSPF
+ packages had a MTU > 1500. Closes: #290566
+ * Added notice regarding capability kernel support to README.Debian
+ (thanks to Florian Weimer). Closes: #291509
+ * Changed permission setting in postinst script (thanks to Bastian Blank).
+ Closes: #292690
+
+ -- Christian Hammers <ch at debian.org> Tue, 1 Feb 2005 02:01:27 +0100
+
+quagga (0.98.0-3) unstable; urgency=low
+
+ * Fixed problem in init script. Closes: #290317
+ * Removed obsolete "smux peer enable" patch.
+
+ -- Christian Hammers <ch at debian.org> Fri, 14 Jan 2005 17:37:27 +0100
+
+quagga (0.98.0-2) unstable; urgency=low
+
+ * Updated broken TCP MD5 patch for BGP (thanks to John P. Looney
+ for telling me).
+
+ -- Christian Hammers <ch at debian.org> Thu, 13 Jan 2005 02:03:54 +0100
+
+quagga (0.98.0-1) unstable; urgency=low
+
+ * New upstream release
+ * Added kernel-image-2.6 as alternative to 2.4 to the recommends
+ (thanks to Faidon Liambotis). Closes: #289530
+
+ -- Christian Hammers <ch at debian.org> Mon, 10 Jan 2005 19:36:17 +0100
+
+quagga (0.97.5-1) unstable; urgency=low
+
+ * New upstream version.
+ * Added Czech debconf translation (thanks to Miroslav Kure).
+ Closes: #287293
+ * Added Brazilian debconf translation (thanks to Andre Luis Lopes).
+ Closes: #279352
+
+ -- Christian Hammers <ch at debian.org> Wed, 5 Jan 2005 23:49:57 +0100
+
+quagga (0.97.4-2) unstable; urgency=low
+
+ * Fixed quagga.info build problem.
+
+ -- Christian Hammers <ch at debian.org> Wed, 5 Jan 2005 22:38:01 +0100
+
+quagga (0.97.4-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Christian Hammers <ch at debian.org> Tue, 4 Jan 2005 01:45:22 +0100
+
+quagga (0.97.3-2) unstable; urgency=low
+
+ * Included isisd in the daemon list.
+ * Wrote an isisd manpage.
+ * It is now ensured that zebra is always the last daemon to be stopped.
+ * (Thanks to Hasso Tepper for mailing me a long list of suggestions
+ which lead to this release)
+
+ -- Christian Hammers <ch at debian.org> Sat, 18 Dec 2004 13:14:55 +0100
+
+quagga (0.97.3-1) unstable; urgency=medium
+
+ * New upstream version.
+ - Fixes important OSPF bug.
+ * Added ht-20040911-smux.patch regarding Quagga bug #112.
+ * Updated ht-20041109-0.97.3-bgp-md5.patch for BGP with TCP MD5
+ (thanks to Matthias Wamser).
+
+ -- Christian Hammers <ch at debian.org> Tue, 9 Nov 2004 17:45:26 +0100
+
+quagga (0.97.2-4) unstable; urgency=low
+
+ * Added Portuguese debconf translation (thanks to Andre Luis Lopes).
+ Closes: #279352
+ * Disabled ospfapi server by default on recommendation of Paul Jakma.
+
+ -- Christian Hammers <ch at debian.org> Sun, 7 Nov 2004 15:07:05 +0100
+
+quagga (0.97.2-3) unstable; urgency=low
+
+ * Added Andrew Schorrs VTY Buffer patch from the [quagga-dev 1729].
+
+ -- Christian Hammers <ch at debian.org> Tue, 2 Nov 2004 00:46:56 +0100
+
+quagga (0.97.2-2) unstable; urgency=low
+
+ * Changed file and directory permissions and ownerships according to a
+ suggestion from Paul Jakma. Still not perfect though.
+ * Fixed upstream vtysh.conf.sample file.
+ * "ip ospf network broadcast" is now saved correctly. Closes: #244116
+ * Daemon options are now in /etc/quagga/debian.conf to be user
+ configurable (thanks to Simon Raven and Hasso Tepper). Closes: #266715
+
+ -- Christian Hammers <ch at debian.org> Tue, 26 Oct 2004 23:35:45 +0200
+
+quagga (0.97.2-1) unstable; urgency=low
+
+ * New upstream version.
+ Closes: #254541
+ * Fixed warning on unmodular kernels (thanks to Christoph Biedl).
+ Closes: #277973
+
+ -- Christian Hammers <ch at debian.org> Mon, 25 Oct 2004 00:47:04 +0200
+
+quagga (0.97.1-2) unstable; urgency=low
+
+ * Version 0.97 introduced shared libraries. They are now included.
+ (thanks to Raf D'Halleweyn). Closes: #277446
+
+ -- Christian Hammers <ch at debian.org> Wed, 20 Oct 2004 15:32:06 +0200
+
+quagga (0.97.1-1) unstable; urgency=low
+
+ * New upstream version.
+ * Removed some obsolete files from debian/patches.
+ * Added patch from upstream bug 113. Closes: #254541
+ * Added patch from upstream that fixes a compilation problem in the
+ ospfclient code (thanks to Hasso Tepper).
+ * Updated German debconf translation (thanks to Jens Nachtigall)
+ Closes: #277059
+
+ -- Christian Hammers <ch at debian.org> Mon, 18 Oct 2004 01:16:35 +0200
+
+quagga (0.96.5-11) unstable; urgency=low
+
+ * Fixed /tmp/buildd/* paths in binaries.
+ For some unknown reason the upstream Makefile modified a .h file at
+ the end of the "debian/rules build" target. During the following
+ "make install" one library got thus be re*compiled* - with /tmp/buildd
+ paths as sysconfdir (thanks to Peder Chr. Norgaard). Closes: #274050
+
+ -- Christian Hammers <ch at debian.org> Fri, 1 Oct 2004 01:21:02 +0200
+
+quagga (0.96.5-10) unstable; urgency=medium
+
+ * The BGP routing daemon might freeze on network disturbances when
+ their peer is also a Quagga/Zebra router.
+ Applied patch from http://bugzilla.quagga.net/show_bug.cgi?id=102
+ which has been confirmed by the upstream author.
+ (thanks to Gunther Stammwitz)
+ * Changed --enable-pam to --with-libpam (thanks to Hasso Tepper).
+ Closes: #264562
+ * Added patch for vtysh (thanks to Hasso Tepper). Closes: #215919
+
+ -- Christian Hammers <ch at debian.org> Mon, 9 Aug 2004 15:33:02 +0200
+
+quagga (0.96.5-9) unstable; urgency=low
+
+ * Rewrote the documentation chapter about SNMP support. Closes: #195653
+ * Added MPLS docs.
+
+ -- Christian Hammers <ch at debian.org> Thu, 29 Jul 2004 21:01:52 +0200
+
+quagga (0.96.5-8) unstable; urgency=low
+
+ * Adjusted a grep in the initscript to also match a modprobe message
+ from older modutils packages (thanks to Faidon Paravoid).
+
+ -- Christian Hammers <ch at debian.org> Wed, 28 Jul 2004 21:19:02 +0200
+
+quagga (0.96.5-7) unstable; urgency=low
+
+ * Added a "cd /etc/quagga/" to the init script as quagga tries to load
+ the config file first from the current working dir and then from the
+ config dir which could lead to confusion (thanks to Marco d'Itri).
+ Closes: #255078
+ * Removed warning regarding problems with the Debian kernels from
+ README.Debian as they are no longer valid (thanks to Raphael Hertzog).
+ Closes: #257580
+ * Added patch from Hasso Tepper that makes "terminal length 0" work
+ in vtysh (thanks to Matthias Wamser). Closes: #252579
+
+ -- Christian Hammers <ch at debian.org> Thu, 8 Jul 2004 21:53:21 +0200
+
+quagga (0.96.5-6) unstable; urgency=low
+
+ * Try to load the capability module as it is needed now.
+
+ -- Christian Hammers <ch at debian.org> Tue, 8 Jun 2004 23:25:29 +0200
+
+quagga (0.96.5-5) unstable; urgency=low
+
+ * Changed the homedir of the quagga user to /etc/quagga/ to allow
+ admins to put ~/.ssh/authorized_keys there (thanks to Matthias Wamser).
+ Closes: #252577
+
+ -- Christian Hammers <ch at debian.org> Sat, 5 Jun 2004 14:47:31 +0200
+
+quagga (0.96.5-4) unstable; urgency=medium
+
+ * Fixed rules file to use the renamed ./configure option --enable-tcp-md5
+ (thanks to Matthias Wamser). Closes: #252141
+
+ -- Christian Hammers <ch at debian.org> Tue, 1 Jun 2004 22:58:32 +0200
+
+quagga (0.96.5-3) unstable; urgency=low
+
+ * Provided default binary package name to all build depends that were
+ virtual packages (thanks to Goswin von Brederlow). Closes: #251625
+
+ -- Christian Hammers <ch at debian.org> Sat, 29 May 2004 22:48:53 +0200
+
+quagga (0.96.5-2) unstable; urgency=low
+
+ * New upstream version.
+ * New md5 patch version (thanks to Niklas Jakobsson and Hasso Tepper).
+ Closes: #250985
+ * Fixes info file generation (thanks to Peder Chr. Norgaard).
+ Closes: #250992
+ * Added catalan debconf translation (thanks to Aleix Badia i Bosch).
+ Closes: #250118
+ * PATCHES:
+ This release contains BGP4 MD5 support which requires a kernel patch
+ to work. See /usr/share/doc/quagga/README.Debian.MD5.
+ (The patch is ht-20040525-0.96.5-bgp-md5.patch from Hasso Tepper)
+
+ -- Christian Hammers <ch at debian.org> Thu, 27 May 2004 20:09:37 +0200
+
+quagga (0.96.5-1) unstable; urgency=low
+
+ * New upstream version.
+ * PATCHES:
+ This release contains BGP4 MD5 support which also requires a kernel patch.
+ See /usr/share/doc/quagga/README.Debian.MD5 and search for CAN-2004-0230.
+
+ -- Christian Hammers <ch at debian.org> Sun, 16 May 2004 17:40:40 +0200
+
+quagga (0.96.4x-10) unstable; urgency=low
+
+ * SECURITY:
+ This release contains support for MD5 for BGP which is one suggested
+ prevention of the actually long known TCP SYN/RST attacks which got
+ much news in the last days as ideas were revealed that made them much
+ easier probable agains especially the BGP sessions than commonly known.
+ There are a lot of arguments agains the MD5 approach but some ISPs
+ started to require it.
+ See: CAN-2004-0230, http://www.us-cert.gov/cas/techalerts/TA04-111A.html
+ * PATCHES:
+ This release contains the MD5 patch from Hasso Tepper. It also seems to
+ required a kernel patch. See /usr/share/doc/quagga/README.Debian.MD5.
+
+ -- Christian Hammers <ch at debian.org> Thu, 29 Apr 2004 01:01:38 +0200
+
+quagga (0.96.4x-9) unstable; urgency=low
+
+ * Fixed daemon loading order (thanks to Matt Kemner).
+ * Fixed typo in init script (thanks to Charlie Brett). Closes: #238582
+
+ -- Christian Hammers <ch at debian.org> Sun, 4 Apr 2004 15:32:18 +0200
+
+quagga (0.96.4x-8) unstable; urgency=low
+
+ * Patched upstream source so that quagga header files end up in
+ /usr/include/quagga/. Closes: #233792
+
+ -- Christian Hammers <ch at debian.org> Mon, 23 Feb 2004 01:42:53 +0100
+
+quagga (0.96.4x-7) unstable; urgency=low
+
+ * Fixed info file installation (thanks to Holger Dietze). Closes: #227579
+ * Added Japanese translation (thanks to Hideki Yamane). Closes: #227812
+
+ -- Christian Hammers <ch at debian.org> Sun, 18 Jan 2004 17:28:29 +0100
+
+quagga (0.96.4x-6) unstable; urgency=low
+
+ * Added dependency to iproute.
+ * Initscript now checks not only for the pid file but also for the
+ daemons presence (thanks to Phil Gregory). Closes: #224389
+ * Added my patch to configure file permissions.
+
+ -- Christian Hammers <ch at debian.org> Mon, 15 Dec 2003 22:34:29 +0100
+
+quagga (0.96.4x-5) unstable; urgency=low
+
+ * Added patch which gives bgpd the CAP_NET_RAW capability to allow it
+ to bind to special IPv6 link-local interfaces (Thanks to Bastian Blank).
+ Closes: #222930
+ * Made woody backport easier by applying Colin Watsons po-debconf hack.
+ Thanks to Marc Haber for suggesting it. Closes: #223527
+ * Made woody backport easier by applying a patch that removes some
+ obscure whitespaces inside an C macro. (Thanks to Marc Haber).
+ Closes: #223529
+ * Now uses /usr/bin/pager. Closes: #204070
+ * Added note about the "official woody backports" on my homepage.
+
+ -- Christian Hammers <ch at debian.org> Mon, 15 Dec 2003 20:39:06 +0100
+
+quagga (0.96.4x-4) unstable; urgency=high
+
+ * SECURITY:
+ Fixes another bug that was originally reported against Zebra.
+ .
+ http://rhn.redhat.com/errata/RHSA-2003-307.html
+ Herbert Xu reported that Zebra can accept spoofed messages sent on the
+ kernel netlink interface by other users on the local machine. This could
+ lead to a local denial of service attack. The Common Vulnerabilities and
+ Exposures project (cve.mitre.org) has assigned the name CAN-2003-0858 to
+ this issue.
+
+ * Minor improvements to init script (thanks to Iustin Pop).
+ Closes: #220938
+
+ -- Christian Hammers <ch at debian.org> Sat, 22 Nov 2003 13:27:57 +0100
+
+quagga (0.96.4x-3) unstable; urgency=low
+
+ * Changed "more" to "/usr/bin/pager" as default pager if $PAGER or
+ $VTYSH_PAGER is not set (thanks to Bastian Blank). Closes: #204070
+ * Made the directory (but not the config/log files!) world accessible
+ again on user request (thanks to Anand Kumria)). Closes: #213129
+ * No longer providing sample configuration in /etc/quagga/. They are
+ now only available in /usr/share/doc/quagga/ to avoid accidently
+ using them without changing the adresses (thanks to Marc Haber).
+ Closes: #215918
+
+ -- Christian Hammers <ch at debian.org> Sun, 16 Nov 2003 16:59:30 +0100
+
+quagga (0.96.4x-2) unstable; urgency=low
+
+ * Fixed permission problem with pidfile (thanks to Kir Kostuchenko).
+ Closes: #220938
+
+ -- Christian Hammers <ch at debian.org> Sun, 16 Nov 2003 14:24:08 +0100
+
+quagga (0.96.4x-1) unstable; urgency=low
+
+ * Reupload of 0.96.4. Last upload-in-a-hurry produced a totally
+ crappy .tar.gz file. Closes: #220621
+
+ -- Christian Hammers <ch at debian.org> Fri, 14 Nov 2003 19:45:57 +0100
+
+quagga (0.96.4-1) unstable; urgency=high
+
+ * SECURITY: Remote DoS of protocol daemons.
+ Fix for a remote triggerable crash in vty layer. The management
+ ports ("telnet myrouter ospfd") should not be open to the internet!
+
+ * New upstream version.
+ - OSPF bugfixes.
+ - Some improvements for bgp and rip.
+
+ -- Christian Hammers <ch at debian.org> Thu, 13 Nov 2003 11:52:27 +0100
+
+quagga (0.96.3-3) unstable; urgency=low
+
+ * Fixed pid file generation by substituting the daemons "-d" by the
+ start-stop-daemon option "--background" (thanks to Micha Gaisser).
+ Closes: #218103
+
+ -- Christian Hammers <ch at debian.org> Wed, 29 Oct 2003 05:17:49 +0100
+
+quagga (0.96.3-2) unstable; urgency=low
+
+ * Readded GNOME-PRODUCT-ZEBRA-MIB.
+
+ -- Christian Hammers <ch at debian.org> Thu, 23 Oct 2003 06:17:03 +0200
+
+quagga (0.96.3-1) unstable; urgency=medium
+
+ * New upstream version.
+ * Removed -u and -e in postrm due to problems with debhelper and userdel
+ (thanks to Adam Majer and Jaakko Niemi). Closes: #216770
+ * Removed SNMP MIBs as they are now included in libsnmp-base (thanks to
+ David Engel and Peter Gervai). Closes: #216138, #216086
+ * Fixed seq command in init script (thanks to Marc Haber). Closes: #215915
+ * Improved /proc check (thanks to Marc Haber). Closes: #212331
+
+ -- Christian Hammers <ch at debian.org> Thu, 23 Oct 2003 03:42:02 +0200
+
+quagga (0.96.2-9) unstable; urgency=medium
+
+ * Removed /usr/share/info/dir.* which were accidently there and prevented
+ the installation by dpkg (thanks to Simon Raven). Closes: #212614
+ * Reworded package description (thanks to Anand Kumria). Closes: #213125
+ * Added french debconf translation (thanks to Christian Perrier).
+ Closes: #212803
+
+ -- Christian Hammers <ch at debian.org> Tue, 7 Oct 2003 13:26:58 +0200
+
+quagga (0.96.2-8) unstable; urgency=low
+
+ * debian/rules now checks if /proc is mounted as ./configure needs
+ it but just fails with an obscure error message if it is absent.
+ (Thanks to Norbert Tretkowski). Closes: #212331
+
+ -- Christian Hammers <ch at debian.org> Tue, 23 Sep 2003 12:57:38 +0200
+
+quagga (0.96.2-7) unstable; urgency=low
+
+ * Last build was rejected due to a buggy dpkg-dev version. Rebuild.
+
+ -- Christian Hammers <ch at debian.org> Mon, 22 Sep 2003 20:34:12 +0200
+
+quagga (0.96.2-6) unstable; urgency=low
+
+ * Fixed init script so that is is now possible to just start
+ the bgpd but not the zebra daemon. Also daemons are now actually
+ started in the order defined their priority. (Thanks to Thomas Kaehn
+ and Jochen Friedrich) Closes: #210924
+
+ -- Christian Hammers <ch at debian.org> Fri, 19 Sep 2003 21:17:02 +0200
+
+quagga (0.96.2-5) unstable; urgency=low
+
+ * For using quagga as BGP route server or similar, it is not
+ wanted to have the zebra daemon running too. For this reason
+ it can now be disabled in /etc/quagga/daemons, too.
+ (Thanks to Jochen Friedrich). Closes: #210924
+ * Attached *unapplied* patch for the ISIS protocol. I did not dare
+ to apply it as long as upstream does not do it but this way give
+ users the possibilities to use it if they like to.
+ (Thanks to Remco van Mook)
+
+ -- Christian Hammers <ch at debian.org> Wed, 17 Sep 2003 19:57:31 +0200
+
+quagga (0.96.2-4) unstable; urgency=low
+
+ * Enabled IPV6 router advertisement feature by default on user request
+ (thanks to Jochen Friedrich and Hasso Tepper). Closes: #210732
+ * Updated GNU autoconf to let it build on hppa/parisc64 (thanks to
+ lamont). Closes: #210492
+
+ -- Christian Hammers <ch at debian.org> Sat, 13 Sep 2003 14:11:13 +0200
+
+quagga (0.96.2-3) unstable; urgency=medium
+
+ * Removed unnecessary "-lcrypto" to avoid dependency against OpenSSL
+ which would require further copyright addtions.
+
+ -- Christian Hammers <ch at debian.org> Wed, 10 Sep 2003 01:37:28 +0200
+
+quagga (0.96.2-2) unstable; urgency=low
+
+ * Added note that config files of quagga are in /etc/quagga and
+ not /etc/zebra for the zebra users that migrate to quagga.
+ (Thanks to Roberto Suarez Soto for the idea)
+ * Fixed setgid rights in /etc/quagga.
+
+ -- Christian Hammers <ch at debian.org> Wed, 27 Aug 2003 14:05:39 +0200
+
+quagga (0.96.2-1) unstable; urgency=low
+
+ * This package has formally been known as "zebra-pj"!
+ * New upstream release.
+ Fixes "anoying OSPF problem".
+ * Modified group ownerships so that vtysh can now be used by normal
+ uses if they are in the quaggavty group.
+
+ -- Christian Hammers <ch at debian.org> Mon, 25 Aug 2003 23:40:14 +0200
+
+quagga (0.96.1-1) unstable; urgency=low
+
+ * Zebra-pj, the fork of zebra has been renamed to quagga as the original
+ upstream author asked the new project membed not to use "zebra" in the
+ name. zebra-pj is obsolete.
+
+ -- Christian Hammers <ch at debian.org> Mon, 18 Aug 2003 23:37:20 +0200
+
+zebra-pj (0.94+cvs20030721-1) unstable; urgency=low
+
+ * New CVS build.
+ - OSPF changes (integration of the OSPF API?)
+ - code cleanups (for ipv6?)
+ * Tightened Build-Deps to gcc-2.95 as 3.x does not compile a stable ospfd.
+ This is a known problem and has been discussed on the mailing list.
+ No other solutions so far.
+
+ -- Christian Hammers <ch at debian.org> Mon, 21 Jul 2003 23:52:00 +0200
+
+zebra-pj (0.94+cvs20030701-1) unstable; urgency=low
+
+ * Initial Release.
+
+ -- Christian Hammers <ch at debian.org> Tue, 1 Jul 2003 01:58:06 +0200
diff --git a/debian/compat b/debian/compat
new file mode 100644
index 0000000..7f8f011
--- /dev/null
+++ b/debian/compat
@@ -0,0 +1 @@
+7
diff --git a/debian/control b/debian/control
new file mode 100644
index 0000000..e016eeb
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,54 @@
+Source: frr
+Section: net
+Priority: optional
+Maintainer: Nobody <nobody at frrouting.org>
+Uploaders: Nobody <nobody at frrouting.org>
+XSBC-Original-Maintainer: <maintainers at frrouting.org>
+Build-Depends: debhelper (>= 7.0.50~), libncurses5-dev, libreadline-dev, texlive-latex-base, texlive-generic-recommended, libpam0g-dev | libpam-dev, libcap-dev, texinfo (>= 4.7), autotools-dev, libpcre3-dev, gawk, chrpath, libsnmp-dev, git, dh-autoreconf, libjson-c-dev, libjson-c2 | libjson-c3, dh-systemd, libsystemd-dev, bison, flex, libc-ares-dev, pkg-config, python (>= 2.7), python-ipaddr, python-sphinx, libpython-dev, install-info
+Standards-Version: 3.9.6
+Homepage: http://www.frrouting.org/
+
+Package: frr
+Architecture: any
+Depends: ${shlibs:Depends}, logrotate (>= 3.2-11), iproute2 | iproute, ${misc:Depends}, libc-ares2
+Pre-Depends: adduser
+Conflicts: zebra, zebra-pj, quagga
+Replaces: zebra, zebra-pj
+Suggests: snmpd
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon forked from Quagga
+ FRR is free software which manages TCP/IP based routing protocols.
+ It supports BGP4, BGP4+, OSPFv2, OSPFv3, IS-IS, RIPv1, RIPv2, RIPng,
+ PIM and LDP as well as the IPv6 versions of these.
+ .
+ FRR is a fork of Quagga with an open community model. The main git
+ lives on https://github.com/frrouting/frr.git
+
+Package: frr-dbg
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}, frr (= ${binary:Version})
+Priority: extra
+Section: debug
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (debug symbols)
+ This package provides debugging symbols for all binary packages built
+ from frr source package. It's highly recommended to have this package
+ installed before reporting any FRR crashes to either FRR developers or
+ Debian package maintainers.
+
+Package: frr-doc
+Section: net
+Architecture: all
+Depends: ${misc:Depends}
+Suggests: frr
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (documentation)
+ This package includes info files for frr, a free software which manages
+ TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
+ IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
+
+Package: frr-pythontools
+Section: net
+Architecture: all
+Depends: ${misc:Depends}, frr (= ${binary:Version}), python (>= 2.7), python-ipaddr
+Description: BGP/OSPF/RIP/RIPng/ISIS/PIM/LDP routing daemon (Python Tools)
+ This package includes info files for frr, a free software which manages
+ TCP/IP based routing protocols. It supports BGP4, BGP4+, OSPFv2, OSPFv3,
+ IS-IS, RIPv1, RIPv2, RIPng, PIM and LDP as well as the IPv6 versions of these.
diff --git a/debian/copyright b/debian/copyright
new file mode 100644
index 0000000..7b873ab
--- /dev/null
+++ b/debian/copyright
@@ -0,0 +1,29 @@
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: Frr
+Upstream-Contact: maintainers at frrouting.org, security at frrouting.org
+Source: http://www.frrouting.org/
+
+Files: *
+Copyright: 1996-2003 by the original Zebra authors:
+ Kunihiro Ishiguro <kunihiro at zebra.org>
+ Toshiaki Takada <takada at zebra.org>
+ Yasuhiro Ohara <yasu at sfc.wide.ad.jp>
+ 2003-2012 by the Quagga Project, mostly Paul Jakma <paul at jakma.org>
+License: GPL-2+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+ .
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ .
+ On Debian systems, the full text of the GNU General Public
+ License version 2 can be found in the file
+ `/usr/share/common-licenses/GPL-2'.
diff --git a/debian/frr-dbg.lintian-overrides b/debian/frr-dbg.lintian-overrides
new file mode 100644
index 0000000..7880bba
--- /dev/null
+++ b/debian/frr-dbg.lintian-overrides
@@ -0,0 +1 @@
+frr-dbg: debug-file-with-no-debug-symbols usr/lib/debug/usr/lib/libfrrfpm_pb.so.0.0.0
diff --git a/debian/frr-doc.docs b/debian/frr-doc.docs
new file mode 100644
index 0000000..4720a3b
--- /dev/null
+++ b/debian/frr-doc.docs
@@ -0,0 +1,6 @@
+AUTHORS
+NEWS
+README
+REPORTING-BUGS
+doc/user/*.rst
+doc/figures/*.png
diff --git a/debian/frr-doc.info b/debian/frr-doc.info
new file mode 100644
index 0000000..a83255a
--- /dev/null
+++ b/debian/frr-doc.info
@@ -0,0 +1 @@
+doc/user/_build/texinfo/frr.info
diff --git a/debian/frr-doc.install b/debian/frr-doc.install
new file mode 100644
index 0000000..8854b2c
--- /dev/null
+++ b/debian/frr-doc.install
@@ -0,0 +1 @@
+doc/user/_build/texinfo/*.png usr/share/info
diff --git a/debian/frr-doc.lintian-overrides b/debian/frr-doc.lintian-overrides
new file mode 100644
index 0000000..1fe64ff
--- /dev/null
+++ b/debian/frr-doc.lintian-overrides
@@ -0,0 +1 @@
+frr-doc: wrong-section-according-to-package-name frr-doc => doc
diff --git a/debian/frr-pythontools.install b/debian/frr-pythontools.install
new file mode 100644
index 0000000..aee093c
--- /dev/null
+++ b/debian/frr-pythontools.install
@@ -0,0 +1 @@
+tools/frr-reload.py usr/lib/frr/
diff --git a/debian/frr.conf b/debian/frr.conf
new file mode 100644
index 0000000..dee3cd8
--- /dev/null
+++ b/debian/frr.conf
@@ -0,0 +1,2 @@
+# Create the /run/frr directory at boot or from systemd-tmpfiles on install
+d /run/frr 0755 frr frr
diff --git a/debian/frr.dirs b/debian/frr.dirs
new file mode 100644
index 0000000..56699b2
--- /dev/null
+++ b/debian/frr.dirs
@@ -0,0 +1,8 @@
+etc/logrotate.d/
+etc/frr/
+etc/iproute2/rt_protos.d/
+usr/share/doc/frr/
+usr/share/doc/frr/examples/
+usr/share/lintian/overrides/
+usr/share/snmp/mibs/
+var/log/frr/
diff --git a/debian/frr.docs b/debian/frr.docs
new file mode 100644
index 0000000..f72aae1
--- /dev/null
+++ b/debian/frr.docs
@@ -0,0 +1,2 @@
+tools
+debian/README.Debian
diff --git a/debian/frr.install b/debian/frr.install
new file mode 100644
index 0000000..20a58bb
--- /dev/null
+++ b/debian/frr.install
@@ -0,0 +1,12 @@
+etc/frr/
+usr/bin/vtysh
+usr/bin/mtracebis
+usr/include/frr/
+usr/lib/
+tools/frr usr/lib/frr
+usr/share/doc/frr/
+usr/share/snmp/mibs/
+tools/etc/* etc/
+tools/*.service lib/systemd/system
+tools/frr-reload usr/lib/frr/
+debian/frr.conf usr/lib/tmpfiles.d
diff --git a/debian/frr.lintian-overrides b/debian/frr.lintian-overrides
new file mode 100644
index 0000000..1ff0b80
--- /dev/null
+++ b/debian/frr.lintian-overrides
@@ -0,0 +1,5 @@
+frr: non-dev-pkg-with-shlib-symlink usr/lib/libfrrospfapiclient.so.0.0.0 usr/lib/libfrrospfapiclient.so
+frr: non-dev-pkg-with-shlib-symlink usr/lib/libfrr.so.0.0.0 usr/lib/libfrr.so
+frr: non-dev-pkg-with-shlib-symlink usr/lib/libfrrfpm_pb.so.0.0.0 usr/lib/libfrrfpm_pb.so
+frr: package-name-doesnt-match-sonames libfrr0 libfrrfpm-pb0 libfrrospfapiclient0
+frr: systemd-service-file-refers-to-unusual-wantedby-target lib/systemd/system/frr.service network-online.target
diff --git a/debian/frr.logrotate b/debian/frr.logrotate
new file mode 100644
index 0000000..2b4acd8
--- /dev/null
+++ b/debian/frr.logrotate
@@ -0,0 +1,27 @@
+/var/log/frr/*.log {
+ size 500k
+ sharedscripts
+ missingok
+ compress
+ rotate 14
+ create 640 frr frrvty
+
+ postrotate
+ pid=$(lsof -t -a -c /syslog/ /var/log/frr/* 2>/dev/null)
+ if [ -n "$pid" ]
+ then # using syslog
+ kill -HUP $pid
+ fi
+ # in case using file logging; if switching back and forth
+ # between file and syslog, rsyslogd might still have file
+ # open, as well as the daemons, so always signal the daemons.
+ # It's safe, a NOP if (only) syslog is being used.
+ for i in babeld bgpd eigrpd isisd ldpd nhrpd ospf6d ospfd \
+ pimd ripd ripngd zebra ; do
+ if [ -e /var/run/frr/$i.pid ] ; then
+ pids="$pids $(cat /var/run/frr/$i.pid)"
+ fi
+ done
+ [ -n "$pids" ] && kill -USR1 $pids || true
+ endscript
+}
diff --git a/debian/frr.manpages b/debian/frr.manpages
new file mode 100644
index 0000000..d4bb920
--- /dev/null
+++ b/debian/frr.manpages
@@ -0,0 +1,15 @@
+doc/manpages/_build/man/frr.1
+doc/manpages/_build/man/bgpd.8
+doc/manpages/_build/man/pimd.8
+doc/manpages/_build/man/eigrpd.8
+doc/manpages/_build/man/ldpd.8
+doc/manpages/_build/man/nhrpd.8
+doc/manpages/_build/man/ospf6d.8
+doc/manpages/_build/man/ospfd.8
+doc/manpages/_build/man/ripd.8
+doc/manpages/_build/man/ripngd.8
+doc/manpages/_build/man/vtysh.1
+doc/manpages/_build/man/zebra.8
+doc/manpages/_build/man/isisd.8
+doc/manpages/_build/man/watchfrr.8
+doc/manpages/_build/man/mtracebis.8
diff --git a/debian/frr.pam b/debian/frr.pam
new file mode 100644
index 0000000..2b106d4
--- /dev/null
+++ b/debian/frr.pam
@@ -0,0 +1,3 @@
+# Any user may call vtysh but only those belonging to the group frrvty can
+# actually connect to the socket and use the program.
+auth sufficient pam_permit.so
diff --git a/debian/frr.postinst b/debian/frr.postinst
new file mode 100644
index 0000000..32af741
--- /dev/null
+++ b/debian/frr.postinst
@@ -0,0 +1,37 @@
+#!/bin/bash -e
+
+######################
+PASSWDFILE=/etc/passwd
+GROUPFILE=/etc/group
+
+frruid=`egrep "^frr:" $PASSWDFILE | awk -F ":" '{ print $3 }'`
+frrgid=`egrep "^frr:" $GROUPFILE | awk -F ":" '{ print $3 }'`
+frrvtygid=`egrep "^frrvty:" $GROUPFILE | awk -F ":" '{ print $3 }'`
+
+[ -n ${frruid} ] || (echo "No uid for frr in ${PASSWDFILE}" && /bin/false)
+[ -n ${frrgid} ] || (echo "No gid for frr in ${GROUPFILE}" && /bin/false)
+[ -n ${frrVTYgid} ] || (echo "No gid for frrvty in ${GROUPFILE}" && /bin/false)
+
+chown ${frruid}:${frrgid} /etc/frr
+chown ${frruid}:${frrgid} /etc/frr/*
+touch /etc/frr/vtysh.conf
+chgrp ${frrvtygid} /etc/frr/vtysh*
+chmod 644 /etc/frr/*
+
+ENVIRONMENTFILE=/etc/environment
+if ! egrep --quiet '^VTYSH_PAGER=' ${ENVIRONMENTFILE}; then
+ echo "VTYSH_PAGER=/bin/cat" >> ${ENVIRONMENTFILE}
+fi
+##################################################
+
+if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
+${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
+
+# This is most likely due to the answer "no" to the "really stop the server"
+# question in the prerm script.
+if [ "$1" = "abort-upgrade" ]; then
+ exit 0
+fi
+
+#DEBHELPER#
+
diff --git a/debian/frr.postrm b/debian/frr.postrm
new file mode 100644
index 0000000..26576fd
--- /dev/null
+++ b/debian/frr.postrm
@@ -0,0 +1,12 @@
+#!/bin/bash -e
+
+if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
+${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
+# set -u not because of debhelper
+
+if [ "$1" = "purge" ]; then
+ rm -rf /etc/frr /var/run/frr /var/log/frr
+ userdel frr >/dev/null 2>&1 || true
+fi
+
+#DEBHELPER#
diff --git a/debian/frr.preinst b/debian/frr.preinst
new file mode 100644
index 0000000..477e690
--- /dev/null
+++ b/debian/frr.preinst
@@ -0,0 +1,81 @@
+#!/bin/bash
+
+if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
+${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
+set -e
+set -u
+
+# creating frrvty group if it isn't already there
+if ! getent group frrvty >/dev/null; then
+ addgroup --system frrvty >/dev/null
+fi
+
+# creating frr group if it isn't already there
+if ! getent group frr >/dev/null; then
+ addgroup --system frr >/dev/null
+fi
+
+# creating frr user if he isn't already there
+if ! getent passwd frr >/dev/null; then
+ adduser \
+ --system \
+ --ingroup frr \
+ --home /var/run/frr/ \
+ --gecos "Frr routing suite" \
+ --shell /bin/false \
+ frr >/dev/null
+fi
+
+# We may be installing over an older version of
+# frr and as such we need to intelligently
+# check to see if the frr user is in the frrvty
+# group.
+if ! id frr | grep &>/dev/null 'frrvty'; then
+ usermod -a -G frrvty frr >/dev/null
+fi
+
+# Do not change permissions when upgrading as it would violate policy.
+if [ "$1" = "install" ]; then
+ # Logfiles are group readable in case users were put into the frr group.
+ d=/var/log/frr/
+ mkdir -p $d
+ chown frr:frr $d
+ chown --quiet frr:frr $d/* | true
+ chmod u=rwx,go=rx $d
+ find $d -type f -print0 | xargs -0 --no-run-if-empty chmod u=rw,g=r,o=
+
+ # Strict permissions for the sockets.
+ d=/var/run/frr/
+ mkdir -p $d
+ chown frr:frr $d
+ chown --quiet frr:frr $d/* | true
+ chmod u=rwx,go=rx $d
+ find $d -type f -print0 | xargs -0 --no-run-if-empty chmod u=rw,go=
+
+ # Config files. Vtysh does not have access to the individual daemons config file
+ d=/etc/frr/
+ mkdir -p $d
+ chown frr:frrvty $d
+ chmod ug=rwx,o=rx $d
+ find $d -type f -print0 | xargs -0 --no-run-if-empty chown frr:frr
+ find $d -type f -print0 | xargs -0 --no-run-if-empty chmod u=rw,g=r,o=
+
+ # Exceptions for vtysh.
+ f=$d/vtysh.conf
+ if [ -f $f ]; then
+ chown frr:frrvty $f
+ chmod u=rw,g=r,o= $f
+ fi
+
+ # Exceptions for vtysh.
+ f=$d/frr.conf
+ if [ -f $d/Zebra.conf ]; then
+ mv $d/Zebra.conf $f
+ fi
+ if [ -f $f ]; then
+ chown frr:frrvty $f
+ chmod u=rw,g=r,o= $f
+ fi
+fi
+
+#DEBHELPER#
diff --git a/debian/frr.prerm b/debian/frr.prerm
new file mode 100644
index 0000000..4b71202
--- /dev/null
+++ b/debian/frr.prerm
@@ -0,0 +1,23 @@
+#!/bin/bash -e
+
+if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
+${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*"}
+
+# prerm remove
+# old-prerm upgrade new-version
+# new-prerm failed-upgrade old-version
+# conflictor's-prerm remove in-favour package new-version
+# deconfigured's-prerm deconfigure in-favour package-being-installed version removing conflicting-package
+case $1 in
+ remove|upgrade)
+ ;;
+
+ failed-upgrade)
+ # If frr/really_stop was negated then this script exits with return
+ # code 1 and is called again with "failed-upgrade". Well, exit again.
+ exit 1
+ ;;
+
+esac
+
+#DEBHELPER#
diff --git a/debian/rules b/debian/rules
new file mode 100755
index 0000000..9c84c06
--- /dev/null
+++ b/debian/rules
@@ -0,0 +1,233 @@
+#!/usr/bin/make -f
+
+# FRRouting Configuration options
+######################################
+#
+# WANT_xxxx --> Set to 1 for enable, 0 for disable
+# The following are the defaults. They can be overridden by setting a
+# env variable to a different value
+
+WANT_LDP ?= 1
+WANT_PIM ?= 1
+WANT_OSPFAPI ?= 1
+WANT_TCP_ZEBRA ?= 0
+WANT_BGP_VNC ?= 1
+WANT_CUMULUS_MODE ?= 0
+WANT_MULTIPATH ?= 1
+WANT_SNMP ?= 0
+WANT_RPKI ?= 0
+
+# NOTES:
+#
+# If you use WANT_RPKI, then there is a new dependency for librtr0 package
+# and a build dependency of the librtr-dev package.
+# While the librtr0 is added to the depenencies automatically, the build
+# dependency can't be changed dynamically and building will fail if the
+# librtr-dev isn't installed during package build
+# Tested versions of both packages can be found at
+# https://ci1.netdef.org/browse/RPKI-RTRLIB/latestSuccessful/artifact
+#
+# If multipath is enabled (WANT_MULTIPATH=1), then set number of multipaths here
+# Please be aware that 0 is NOT disabled, but treated as unlimited
+
+MULTIPATH ?= 256
+
+# Set the following to the value required (or leave alone for the default below)
+# WANT_FRR_USER is used for the username and groupname of the FRR user account
+
+WANT_FRR_USER ?= frr
+WANT_FRR_VTY_GROUP ?= frrvty
+
+# Don't build PDF docs by default
+GENERATE_PDF ?= 0
+
+#
+####################################
+
+export DH_VERBOSE=1
+export DEB_BUILD_MAINT_OPTIONS = hardening=+all
+export DH_OPTIONS=-v
+
+ifeq ($(WANT_SNMP), 1)
+ USE_SNMP=--enable-snmp
+ $(warning "DEBIAN: SNMP enabled, sorry for your inconvenience")
+else
+ USE_SNMP=--disable-snmp
+ $(warning "DEBIAN: SNMP disabled, see README.Debian")
+endif
+
+ifeq ($(WANT_LDP), 1)
+ USE_LDP=--enable-ldpd
+else
+ USE_LDP=--disable-ldpd
+endif
+
+ifeq ($(WANT_PIM), 1)
+ USE_PIM=--enable-pimd
+else
+ USE_PIM=--disable-pimd
+endif
+
+ifeq ($(WANT_OSPFAPI), 1)
+ USE_OSPFAPI=--enable-ospfapi=yes
+else
+ USE_OSPFAPI=--enable-ospfapi=no
+endif
+
+ifeq ($(WANT_TCP_ZEBRA),1)
+ USE_TCP_ZEBRA=--enable-tcp-zebra
+else
+ USE_TCP_ZEBRA=--disable-tcp-zebra
+endif
+
+ifeq ($(WANT_BGP_VNC), 1)
+ USE_BGP_VNC=--enable-bgp-vnc=yes
+else
+ USE_BGP_VNC=--enable-bgp-vnc=no
+endif
+
+USE_FRR_USER=--enable-user=$(WANT_FRR_USER)
+USE_FRR_GROUP=--enable-group=$(WANT_FRR_USER)
+USE_FRR_VTY_GROUP=--enable-vty-group=$(WANT_FRR_VTY_GROUP)
+
+ifeq ($(WANT_MULTIPATH), 1)
+ USE_MULTIPATH=--enable-multipath=$(MULTIPATH)
+else
+ USE_MULTIPATH=--disable-multipath
+endif
+
+ifeq ($(WANT_CUMULUS_MODE), 1)
+ USE_CUMULUS=--enable-cumulus=yes
+else
+ USE_CUMULUS=--enable-cumulus=no
+endif
+
+ifeq ($(WANT_RPKI), 1)
+ USE_RPKI=--enable-rpki
+else
+ USE_RPKI=--disable-rpki
+endif
+
+ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+ DEBIAN_JOBS := $(subst parallel=,,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+endif
+
+ifdef DEBIAN_JOBS
+MAKEFLAGS += -j$(DEBIAN_JOBS)
+endif
+
+%:
+ dh $@ --with=systemd,autoreconf --parallel --dbg-package=frr-dbg --list-missing
+
+override_dh_gencontrol:
+ifeq ($(WANT_RPKI), 1)
+ dh_gencontrol -- -Vdist:Depends="librtr0 (>= 0.5)"
+else
+ dh_gencontrol
+endif
+
+override_dh_auto_configure:
+ # Frr needs /proc to check some BSD vs Linux specific stuff.
+ # Else it fails with an obscure error message pointing out that
+ # IPCTL_FORWARDING is an undefined symbol which is not very helpful.
+ @if ! [ -d /proc/1 ]; then \
+ echo "./configure needs a mounted /proc"; \
+ exit 1; \
+ fi
+
+ if ! [ -e config.status ]; then \
+ dh_auto_configure -- \
+ --enable-exampledir=/usr/share/doc/frr/examples/ \
+ --localstatedir=/var/run/frr \
+ --sbindir=/usr/lib/frr \
+ --sysconfdir=/etc/frr \
+ $(USE_SNMP) \
+ $(USE_OSPFAPI) \
+ $(USE_MULTIPATH) \
+ $(USE_LDP) \
+ $(USE_TCP_ZEBRA) \
+ --enable-fpm \
+ $(USE_FRR_USER) $(USE_FRR_GROUP) \
+ $(USE_FRR_VTY_GROUP) \
+ --enable-configfile-mask=0640 \
+ --enable-logfile-mask=0640 \
+ --enable-werror \
+ --with-libpam \
+ --enable-systemd=yes \
+ --enable-poll=yes \
+ $(USE_CUMULUS) \
+ $(USE_PIM) \
+ --enable-dependency-tracking \
+ $(USE_BGP_VNC) \
+ $(USE_RPKI) \
+ $(shell dpkg-buildflags --export=configure); \
+ fi
+
+override_dh_auto_build:
+ # doc/ is a bit crazy
+ifeq ($(GENERATE_PDF), 1)
+ dh_auto_build -- -C doc pdf
+endif
+ rm -vf doc/user/_build/texinfo/frr.info
+ dh_auto_build -- -C doc info
+
+override_dh_auto_test:
+
+override_dh_auto_install:
+ dh_auto_install
+
+ # installed in frr-pythontools
+ rm debian/tmp/usr/lib/frr/frr-reload.py
+
+ # cleaning up the info dir
+ rm -f debian/tmp/usr/share/info/dir*
+
+ # install config files
+ mkdir -p debian/tmp/etc/frr/
+ perl -pi -e 's#^!log file #!log file /var/log/frr/#' debian/tmp/usr/share/doc/frr/examples/*sample*
+
+ # installing the Frr specific SNMP MIB
+ifeq ($(WANT_SNMP), 1)
+ install -D -m 644 ./zebra/GNOME-PRODUCT-ZEBRA-MIB debian/tmp/usr/share/snmp/mibs/GNOME-PRODUCT-ZEBRA-MIB
+else
+ mkdir -p debian/tmp/usr/share/snmp/mibs/
+endif
+
+ # cleaning .la files
+ sed -i "/dependency_libs/ s/'.*'/''/" debian/tmp/usr/lib/*.la
+ sed -i "/dependency_libs/ s/'.*'/''/" debian/tmp/usr/lib/frr/modules/*.la
+
+override_dh_systemd_start:
+ dh_systemd_start frr.service
+
+override_dh_systemd_enable:
+ dh_systemd_enable frr.service
+
+# backports
+SRCPKG = frr
+KNOWN_BACKPORTS = debian8 debian9 ubuntu12.04 ubuntu14.04 ubuntu16.04 ubuntu17.10 ubuntu18.04
+DEBIAN_VERSION := $(shell dh_testdir && \
+ dpkg-parsechangelog -c1 < debian/changelog | \
+ sed -rn 's/^Version: ?//p')
+ORIG_VERSION := $(DEBIAN_VERSION)
+-include debian/backports/rules
+
+ifneq ($(TARBALLDIR),)
+ifeq ($(wildcard frr-$(ORIG_VERSION).tar.gz),frr-$(ORIG_VERSION).tar.gz)
+
+$(TARBALLDIR)/$(SRCPKG)_$(ORIG_VERSION).orig.tar.gz: \
+ frr-$(ORIG_VERSION).tar.gz
+ cp $< $@
+
+else # wildcard frr-$(ORIG_VERSION).tar.gz
+
+# better error message on missing .orig.tar.gz
+$(TARBALLDIR)/$(SRCPKG)_$(ORIG_VERSION).orig.tar.gz:
+ @ echo "\`$(TARBALLDIR)/$(SRCPKG)-$(ORIG_VERSION).tar.gz'" not \
+ found and not generated by debian/rules. Provided you have the \
+ necessary packages installed, you can generate it yourself via \
+ "\"./bootstrap.sh && ./configure && make dist\"".
+ exit 1
+
+endif # wildcard frr-$(ORIG_VERSION).tar.gz
+endif # TARBALLDIR nonempty
diff --git a/debian/source/format b/debian/source/format
new file mode 100644
index 0000000..af745b3
--- /dev/null
+++ b/debian/source/format
@@ -0,0 +1 @@
+3.0 (git)
diff --git a/debian/tests/control b/debian/tests/control
new file mode 100644
index 0000000..53fd537
--- /dev/null
+++ b/debian/tests/control
@@ -0,0 +1,3 @@
+Tests: daemons
+Depends: frr
+Restrictions: needs-root
diff --git a/debian/tests/daemons b/debian/tests/daemons
new file mode 100644
index 0000000..ac35ecd
--- /dev/null
+++ b/debian/tests/daemons
@@ -0,0 +1,30 @@
+#!/bin/bash
+#---------------
+# Testing frr
+#---------------
+set -e
+
+# modify config file to enable all daemons and copy config files
+CONFIG_FILE=/etc/frr/daemons
+DAEMONS=("zebra" "bgpd" "ospfd" "ospf6d" "ripd" "ripngd" "isisd" "pimd")
+
+for daemon in "${DAEMONS[@]}"
+do
+ sed -i -e "s/${daemon}=no/${daemon}=yes/g" $CONFIG_FILE
+ cp /usr/share/doc/frr/examples/${daemon}.conf.sample /etc/frr/${daemon}.conf
+done
+
+# reload frr
+/etc/init.d/frr restart > /dev/null 2>&1
+
+# check daemons
+for daemon in "${DAEMONS[@]}"
+do
+ echo -n "check $daemon - "
+ if pidof -x $daemon > /dev/null; then
+ echo "${daemon} OK"
+ else
+ echo "ERROR: ${daemon} IS NOT RUNNING"
+ exit 1
+ fi
+done
diff --git a/debian/watchfrr.rc b/debian/watchfrr.rc
new file mode 100644
index 0000000..4110b86
--- /dev/null
+++ b/debian/watchfrr.rc
@@ -0,0 +1,4 @@
+check process watchfrr with pidfile /var/run/frr/watchfrr.pid
+ start program = "/etc/init.d/frr start watchfrr" with timeout 120 seconds
+ stop program = "/etc/init.d/frr stop watchfrr"
+ if 3 restarts within 10 cycles then timeout
--
2.11.0
More information about the pve-devel
mailing list