Debian Bug report logs - #481243
apt-p2p: configuration option to function as LAN-wide mirror/proxy

version graph

Package: apt-p2p; Maintainer for apt-p2p is Cameron Dale <camrdale@gmail.com>; Source for apt-p2p is src:apt-p2p.

Reported by: Chris Lawrence <lawrencc@debian.org>

Date: Wed, 14 May 2008 18:48:02 UTC

Severity: wishlist

Found in versions apt-p2p/0.1.3, apt-p2p/0.1.5

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Cameron Dale <camrdale@gmail.com>:
Bug#481243; Package apt-p2p. Full text and rfc822 format available.

Acknowledgement sent to Chris Lawrence <lawrencc@debian.org>:
New Bug report received and forwarded. Copy sent to Cameron Dale <camrdale@gmail.com>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Chris Lawrence <lawrencc@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: wish: configuration option to allow apt-p2p to function as LAN-wide mirror/proxy
Date: Wed, 14 May 2008 13:46:19 -0500
Package: apt-p2p
Version: 0.1.3
Severity: wishlist

For the moment, I've done a manual hack to HTTPServer.py (adding
addr.startswith('192.168.') to the IP permission check) to allow local
IP addresses behind my firewall to download Packages files, but it
would be nice to have a configurable option in apt-p2p.conf that
includes a list/netmask/wildcard/something of permissible addresses
(as was the case for debtorrent).  The functions for IP checks in the
python-ipy package might be helpful in this regard.

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.25.1 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages apt-p2p depends on:
ii  adduser                       3.107      add and remove users and groups
ii  python                        2.5.2-1    An interactive high-level object-o
ii  python-apt                    0.7.5      Python interface to libapt-pkg
ii  python-debian                 0.1.10     Python modules to work with Debian
ii  python-pysqlite2              2.4.1-1    Python interface to SQLite 3
ii  python-support                0.8.1      automated rebuilding support for P
ii  python-twisted-web2           8.0.1-1    An HTTP/1.1 Server Framework

apt-p2p recommends no packages.

-- debconf information:
* apt-p2p/port_forward:




Information forwarded to debian-bugs-dist@lists.debian.org, Cameron Dale <camrdale@gmail.com>:
Bug#481243; Package apt-p2p. Full text and rfc822 format available.

Acknowledgement sent to "Cameron Dale" <camrdale@gmail.com>:
Extra info received and forwarded to list. Copy sent to Cameron Dale <camrdale@gmail.com>. Full text and rfc822 format available.

Message #10 received at 481243@bugs.debian.org (full text, mbox):

From: "Cameron Dale" <camrdale@gmail.com>
To: "Chris Lawrence" <lawrencc@debian.org>, 481243@bugs.debian.org
Subject: Re: Bug#481243: wish: configuration option to allow apt-p2p to function as LAN-wide mirror/proxy
Date: Wed, 14 May 2008 12:02:26 -0700
On 5/14/08, Chris Lawrence <lawrencc@debian.org> wrote:
>  For the moment, I've done a manual hack to HTTPServer.py (adding
>  addr.startswith('192.168.') to the IP permission check) to allow local
>  IP addresses behind my firewall to download Packages files, but it
>  would be nice to have a configurable option in apt-p2p.conf that
>  includes a list/netmask/wildcard/something of permissible addresses
>  (as was the case for debtorrent).

Thanks for the suggestion. This option had occurred to me before, but
there are issues that prevent me from implementing it, so the
inclusion of only the localhost address was intentional.

The main reason is the obtaining of hashes from downloaded Packages
files uses python-apt, which requires knowledge of the architecture.
You may experience problems with the finding of hashes because of
this, especially if you have multiple architectures accessing apt-p2p
on the same host. However you may not have any problems, in which case
please let me know and I'll consider adding the option.

Because I excluded proxy functionality, I'm also not sure what will
happen if multiple requests come in to apt-p2p at the same time from
different hosts. Again there may be problems, there may not. Adding
support for multiple concurrent connections would also be the hardest
part of implementing this (otherwise simple) option.

> The functions for IP checks in the
> python-ipy package might be helpful in this regard.

Thanks for the tip, I wasn't aware of that package, and it looks really useful.

Cameron




Information forwarded to debian-bugs-dist@lists.debian.org, Cameron Dale <camrdale@gmail.com>:
Bug#481243; Package apt-p2p. Full text and rfc822 format available.

Acknowledgement sent to "Chris Lawrence" <lawrencc@debian.org>:
Extra info received and forwarded to list. Copy sent to Cameron Dale <camrdale@gmail.com>. Full text and rfc822 format available.

Message #15 received at 481243@bugs.debian.org (full text, mbox):

From: "Chris Lawrence" <lawrencc@debian.org>
To: "Cameron Dale" <camrdale@gmail.com>, 481243@bugs.debian.org
Subject: Re: Bug#481243: wish: configuration option to allow apt-p2p to function as LAN-wide mirror/proxy
Date: Wed, 14 May 2008 18:27:56 -0500
On Wed, May 14, 2008 at 2:02 PM, Cameron Dale <camrdale@gmail.com> wrote:
> On 5/14/08, Chris Lawrence <lawrencc@debian.org> wrote:
>>  For the moment, I've done a manual hack to HTTPServer.py (adding
>>  addr.startswith('192.168.') to the IP permission check) to allow local
>>  IP addresses behind my firewall to download Packages files, but it
>>  would be nice to have a configurable option in apt-p2p.conf that
>>  includes a list/netmask/wildcard/something of permissible addresses
>>  (as was the case for debtorrent).
>
> Thanks for the suggestion. This option had occurred to me before, but
> there are issues that prevent me from implementing it, so the
> inclusion of only the localhost address was intentional.
>
> The main reason is the obtaining of hashes from downloaded Packages
> files uses python-apt, which requires knowledge of the architecture.
> You may experience problems with the finding of hashes because of
> this, especially if you have multiple architectures accessing apt-p2p
> on the same host. However you may not have any problems, in which case
> please let me know and I'll consider adding the option.
>
> Because I excluded proxy functionality, I'm also not sure what will
> happen if multiple requests come in to apt-p2p at the same time from
> different hosts. Again there may be problems, there may not. Adding
> support for multiple concurrent connections would also be the hardest
> part of implementing this (otherwise simple) option.
>
>> The functions for IP checks in the
>> python-ipy package might be helpful in this regard.
>
> Thanks for the tip, I wasn't aware of that package, and it looks really useful.

I haven't had any trouble using apt-p2p (on an unstable amd64 box)
from my MacBook that runs testing i386 in Parallels, but I hadn't
really investigated whether it was doing peer downloads or mirror
downloads for those packages.  It's entirely possible it's making
apt-p2p deeply confused.

The simultaneity issue might be problematic, though; I don't think
I've tried both at the same time.


Chris




Information forwarded to debian-bugs-dist@lists.debian.org, Cameron Dale <camrdale@gmail.com>:
Bug#481243; Package apt-p2p. (Sun, 09 Nov 2008 17:42:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to chrysn <chrysn@fsfe.org>:
Extra info received and forwarded to list. Copy sent to Cameron Dale <camrdale@gmail.com>. (Sun, 09 Nov 2008 17:42:06 GMT) Full text and rfc822 format available.

Message #20 received at 481243@bugs.debian.org (full text, mbox):

From: chrysn <chrysn@fsfe.org>
To: 481243@bugs.debian.org
Subject: Re: Bug#481243: wish: configuration option to allow apt-p2p to function as LAN-wide mirror/proxy
Date: Sun, 9 Nov 2008 18:40:37 +0100
[Message part 1 (text/plain, inline)]
"Chris Lawrence" <lawrencc@debian.org> wrote:
> The simultaneity issue might be problematic, though; I don't think
> I've tried both at the same time.

i just have; seems to work well both with same and different
distributions; cross-distribution file reuse works as well.
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Cameron Dale <camrdale@gmail.com>:
Bug#481243; Package apt-p2p. (Tue, 11 Nov 2008 09:06:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to "Egon Willighagen" <egon.willighagen@gmail.com>:
Extra info received and forwarded to list. Copy sent to Cameron Dale <camrdale@gmail.com>. (Tue, 11 Nov 2008 09:06:04 GMT) Full text and rfc822 format available.

Message #25 received at 481243@bugs.debian.org (full text, mbox):

From: "Egon Willighagen" <egon.willighagen@gmail.com>
To: 481243@bugs.debian.org
Subject: Re: Bug#481243: wish: configuration option to allow apt-p2p to function as LAN-wide mirror/proxy
Date: Tue, 11 Nov 2008 10:05:14 +0100
Hi Chris,

being rather interested in your patch, I tried to find where you added
the line, but could not find it. Maybe it's because I'm running 0.1.5
and on Ubuntu, not Debian, but could you give some details (patch?)
where you added that addr.startswith('192.168.') line...

BTW, I'm running it on my laptop, so the 'local' network actually
changes often, but it seems that was discussed in this wishlist report
too...

Egon

-- 
----
http://chem-bla-ics.blogspot.com/




Information forwarded to debian-bugs-dist@lists.debian.org, Cameron Dale <camrdale@gmail.com>:
Bug#481243; Package apt-p2p. (Tue, 11 Nov 2008 19:06:07 GMT) Full text and rfc822 format available.

Acknowledgement sent to "Cameron Dale" <camrdale@gmail.com>:
Extra info received and forwarded to list. Copy sent to Cameron Dale <camrdale@gmail.com>. (Tue, 11 Nov 2008 19:06:07 GMT) Full text and rfc822 format available.

Message #30 received at 481243@bugs.debian.org (full text, mbox):

From: "Cameron Dale" <camrdale@gmail.com>
To: "Egon Willighagen" <egon.willighagen@gmail.com>, 481243@bugs.debian.org
Subject: Re: Bug#481243: wish: configuration option to allow apt-p2p to function as LAN-wide mirror/proxy
Date: Tue, 11 Nov 2008 11:04:45 -0800
On Tue, Nov 11, 2008 at 1:05 AM, Egon Willighagen
<egon.willighagen@gmail.com> wrote:
> being rather interested in your patch, I tried to find where you added
> the line, but could not find it. Maybe it's because I'm running 0.1.5
> and on Ubuntu, not Debian, but could you give some details (patch?)
> where you added that addr.startswith('192.168.') line...

The change is to the line in apt_p2p/HTTPServer.py (should be around
266) that says:

    if request.remoteAddr.host != "127.0.0.1":

That allows only the local host to send apt requests (everyone else
matches this if statement, and so gets blocked). If you want anyone on
your local network to be able to send requests, you can change it to:

    if (request.remoteAddr.host != "127.0.0.1" and
        not request.remoteAddr.host.startswith("192.168.")):

replacing "192.168." with whatever prefix is appropriate to your local
network. You could add more ands to the if for other local prefixes
you want to allow here too.

The logic gets a little confusing here, but if you want to make it
seem simpler the above should be equivalent to:

    if not (request.remoteAddr.host == "127.0.0.1" or
            request.remoteAddr.host.startswith("192.168.")):

I hope that helps. Feel free to ask more questions if you still can't
get it to work.

Cameron




Changed Bug title to `apt-p2p: configuration option to function as LAN-wide mirror/proxy' from `wish: configuration option to allow apt-p2p to function as LAN-wide mirror/proxy'. Request was from "Boyd Stephen Smith Jr." <bss@iguanasuicide.net> to control@bugs.debian.org. (Tue, 07 Jul 2009 19:42:03 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Cameron Dale <camrdale@gmail.com>:
Bug#481243; Package apt-p2p. (Mon, 15 Feb 2010 21:45:07 GMT) Full text and rfc822 format available.

Acknowledgement sent to cheako@visi.com:
Extra info received and forwarded to list. Copy sent to Cameron Dale <camrdale@gmail.com>. (Mon, 15 Feb 2010 21:45:07 GMT) Full text and rfc822 format available.

Message #37 received at 481243@bugs.debian.org (full text, mbox):

From: Mike Mestnik <cheako@visi.com>
To: Debian Bug Tracking System <481243@bugs.debian.org>
Subject: Using nc and inetd to expose apt-p2p to a network.
Date: Mon, 15 Feb 2010 15:22:10 -0600
Package: apt-p2p
Version: 0.1.5
Followup-For: Bug #481243

Add this to /etc/inetd.conf and restart openbsd-inetd:
# tproxy stream tcp nowait root /tproxy.pl tproxy
9988 stream tcp nowait nobody /usr/sbin/tcpd /bin/nc localhost 9977
9988 stream tcp6 nowait nobody /usr/sbin/tcpd /bin/nc localhost 9977

You can then controle access via /etc/hosts.allow

-- System Information:
Debian Release: 5.0.3
  APT prefers stable
  APT policy: (990, 'stable'), (90, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.31-1-686 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages apt-p2p depends on:
ii  adduser                     3.110        add and remove users and groups
ii  python                      2.5.2-3      An interactive high-level object-o
ii  python-apt                  0.7.7.1+nmu1 Python interface to libapt-pkg
ii  python-debian               0.1.10       Python modules to work with Debian
ii  python-pysqlite2            2.4.1-1      Python interface to SQLite 3
ii  python-support              0.8.4lenny1  automated rebuilding support for P
ii  python-twisted-web2         8.1.0-1      An HTTP/1.1 Server Framework

apt-p2p recommends no packages.

apt-p2p suggests no packages.

-- no debconf information




Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 17 21:36:06 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.