nfd: New package
diff --git a/nfd/Makefile b/nfd/Makefile
new file mode 100644
index 0000000..11ead93
--- /dev/null
+++ b/nfd/Makefile
@@ -0,0 +1,16 @@
+# URL for git clone
+GIT_URL=https://github.com/named-data/NFD.git
+
+# Tag name or commit hash for checkout
+GIT_VERSION=NFD-0.1.0
+
+# Package name
+NAME=nfd
+
+# Package version
+VERSION=0.1.0
+
+# PPA version
+PPA_VERSION=0.1
+
+include ../packaging.mk
diff --git a/nfd/debian/changelog b/nfd/debian/changelog
new file mode 100644
index 0000000..60b71ac
--- /dev/null
+++ b/nfd/debian/changelog
@@ -0,0 +1,12 @@
+nfd (0.1.0-ppa0.1~DISTRO) DISTRO; urgency=low
+
+ * New version based on NFD-0.1.0 (https://github.com/named-
+ data/NFD.git)
+
+ -- Alexander Afanasyev <alexander.afanasyev@ucla.edu> Thu, 08 May 2014 22:21:34 -0700
+
+nfd (0.1.0~rc1-ppa0~DISTRO) DISTRO; urgency=low
+
+ * Initial release
+
+ -- Alexander Afanasyev <alexander.afanasyev@ucla.edu> Wed, 7 May 2014 13:58:30 -0800
diff --git a/nfd/debian/compat b/nfd/debian/compat
new file mode 100644
index 0000000..45a4fb7
--- /dev/null
+++ b/nfd/debian/compat
@@ -0,0 +1 @@
+8
diff --git a/nfd/debian/control b/nfd/debian/control
new file mode 100644
index 0000000..dc10b30
--- /dev/null
+++ b/nfd/debian/control
@@ -0,0 +1,22 @@
+Source: nfd
+Priority: extra
+Maintainer: Alexander Afanasyev <alexander.afanasyev@ucla.edu>
+Build-Depends: debhelper (>= 8.0.0),
+ python (>= 2.7.0),
+ pkg-config (>= 0.26),
+ ndn-cxx-dev (>= 0.1.0~rc1),
+ python-sphinx,
+ libpcap-dev,
+ libboost-all-dev (>= 1.48.0)
+Standards-Version: 3.9.2
+Section: net
+Homepage: http://named-data.net/doc/NFD/
+Vcs-Git: git://github.com/named-data/NFD.git
+Vcs-Browser: http://github.com/named-data/NFD
+
+Package: nfd
+Architecture: i386 amd64
+Depends: ${shlibs:Depends}, ${misc:Depends}, ndn-cxx
+Description: NFD - Named Data Networking Forwarding Daemon
+ NFD is a network forwarder that implements and evolves together with the Named Data
+ Networking (NDN) protocol.
diff --git a/nfd/debian/control.precise b/nfd/debian/control.precise
new file mode 100644
index 0000000..94b7375
--- /dev/null
+++ b/nfd/debian/control.precise
@@ -0,0 +1,22 @@
+Source: nfd
+Priority: extra
+Maintainer: Alexander Afanasyev <alexander.afanasyev@ucla.edu>
+Build-Depends: debhelper (>= 8.0.0),
+ python (>= 2.7.0),
+ pkg-config (>= 0.26),
+ ndn-cxx-dev (>= 0.1.0~rc1),
+ python-sphinx,
+ libpcap-dev,
+ libboost1.48-all-dev (>= 1.48.0)
+Standards-Version: 3.9.2
+Section: net
+Homepage: http://named-data.net/doc/NFD/
+Vcs-Git: git://github.com/named-data/NFD.git
+Vcs-Browser: http://github.com/named-data/NFD
+
+Package: nfd
+Architecture: i386 amd64
+Depends: ${shlibs:Depends}, ${misc:Depends}, ndn-cxx
+Description: NFD - Named Data Networking Forwarding Daemon
+ NFD is a network forwarder that implements and evolves together with the Named Data
+ Networking (NDN) protocol.
diff --git a/nfd/debian/copyright b/nfd/debian/copyright
new file mode 100644
index 0000000..c6fe8f5
--- /dev/null
+++ b/nfd/debian/copyright
@@ -0,0 +1,50 @@
+Format: http://dep.debian.net/deps/dep5
+Upstream-Name: nfd
+Source: http://github.com/named-data/NFD
+
+Files: *
+Copyright: Copyright (c) 2014, Regents of the University of California,
+ Arizona Board of Regents,
+ Colorado State University,
+ University Pierre & Marie Curie, Sorbonne University,
+ Washington University in St. Louis,
+ Beijing Institute of Technology,
+ The University of Memphis
+License: GPL-3+
+ NFD is free software: you can redistribute it and/or modify it under the terms
+ of the GNU General Public License as published by the Free Software Foundation,
+ either version 3 of the License, or (at your option) any later version.
+ .
+ NFD is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
+ without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+ PURPOSE. See the GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License along with
+ NFD, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
+
+
+Files: debian/*
+Copyright: Copyright (c) 2013-2014, Alexander Afanasyev <alexander.afanasyev@ucla.edu>
+License: BSD
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the Regents of the University of California nor
+ the names of its contributors may be used to endorse or promote
+ products derived from this software without specific prior written
+ permission.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ ARE DISCLAIMED. IN NO EVENT SHALL REGENTS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+ OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/nfd/debian/nfd-start b/nfd/debian/nfd-start
new file mode 100755
index 0000000..0edfea9
--- /dev/null
+++ b/nfd/debian/nfd-start
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+sudo start nfd
diff --git a/nfd/debian/nfd-stop b/nfd/debian/nfd-stop
new file mode 100755
index 0000000..2069e9c
--- /dev/null
+++ b/nfd/debian/nfd-stop
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+sudo stop nfd
diff --git a/nfd/debian/nfd.conf b/nfd/debian/nfd.conf
new file mode 100644
index 0000000..05f0316
--- /dev/null
+++ b/nfd/debian/nfd.conf
@@ -0,0 +1,195 @@
+; The general section contains settings of nfd process.
+; general
+; {
+; }
+
+log
+{
+ ; default_level specifies the logging level for modules
+ ; that are not explicitly named. All debugging levels
+ ; listed above the selected value are enabled.
+ ;
+ ; Valid values:
+ ;
+ ; NONE ; no messages
+ ; ERROR ; error messages
+ ; WARN ; warning messages
+ ; INFO ; informational messages (default)
+ ; DEBUG ; debugging messages
+ ; TRACE ; trace messages (most verbose)
+ ; ALL ; all messages
+
+ default_level INFO
+
+ ; You may override default_level by assigning a logging level
+ ; to the desired module name. Module names can be found in two ways:
+ ;
+ ; Run:
+ ; nfd --modules
+ ; nrd --modules
+ ;
+ ; Or look for NFD_LOG_INIT(<module name>) statements in .cpp files
+ ;
+ ; Example module-level settings:
+ ;
+ ; FibManager DEBUG
+ ; Forwarder INFO
+}
+
+; The face_system section defines what faces and channels are created.
+face_system
+{
+ ; The unix section contains settings of UNIX stream faces and channels.
+ unix
+ {
+ listen yes ; set to 'no' to disable UNIX stream listener, default 'yes'
+ path /var/run/nfd.sock ; UNIX stream listener path
+ }
+
+ ; The tcp section contains settings of TCP faces and channels.
+ tcp
+ {
+ listen yes ; set to 'no' to disable TCP listener, default 'yes'
+ port 6363 ; TCP listener port number
+ enable_v4 yes ; set to 'no' to disable IPv4 channels, default 'yes'
+ enable_v6 yes ; set to 'no' to disable IPv6 channels, default 'yes'
+ }
+
+ ; The udp section contains settings of UDP faces and channels.
+ ; UDP channel is always listening; delete udp section to disable UDP
+ udp
+ {
+ port 6363 ; UDP unicast port number
+ enable_v4 yes ; set to 'no' to disable IPv4 channels, default 'yes'
+ enable_v6 yes ; set to 'no' to disable IPv6 channels, default 'yes'
+ idle_timeout 600 ; idle time (seconds) before closing a UDP unicast face
+ keep_alive_interval 25; interval (seconds) between keep-alive refreshes
+
+ ; UDP multicast settings
+ ; NFD creates one UDP multicast face per NIC
+ mcast yes ; set to 'no' to disable UDP multicast, default 'yes'
+ mcast_port 56363 ; UDP multicast port number
+ mcast_group 224.0.23.170 ; UDP multicast group (IPv4 only)
+ }
+
+ ; The ether section contains settings of Ethernet faces and channels.
+ ether
+ {
+ ; Ethernet multicast settings
+ ; NFD creates one Ethernet multicast face per NIC
+ mcast yes ; set to 'no' to disable Ethernet multicast, default 'yes'
+ mcast_group 01:00:5E:00:17:AA ; Ethernet multicast group
+ }
+}
+
+authorizations
+{
+ authorize
+ {
+ certfile certs/localhost_daemons_nrd.ndncert
+ privileges
+ {
+ faces
+ fib
+ strategy-choice
+ }
+ }
+
+ authorize
+ {
+ certfile any
+ privileges
+ {
+ faces
+ strategy-choice
+ }
+ }
+}
+
+rib
+{
+ ; The following localhost_security allows anyone to register routing entries in local RIB
+ localhost_security
+ {
+ trust-anchor
+ {
+ type any
+ }
+ }
+
+ ; localhop_security should be enabled when NFD runs on a hub.
+ ; "/localhop/nfd/fib" command prefix will be disabled when localhop_security section is missing.
+ ; localhop_security
+ ; {
+ ; ; This section defines the trust model for NFD RIB Management. It consists of rules and
+ ; ; trust-anchors, which are briefly defined in this file. For more information refer to
+ ; ; manpage of ndn-validator.conf:
+ ; ;
+ ; ; man ndn-validator.conf
+ ; ;
+ ; ; A trust-anchor is a pre-trusted certificate. This can be any certificate that is the
+ ; ; root of certification chain (e.g., NDN testbed root certificate) or an existing
+ ; ; default system certificate `default.ndncert`.
+ ; ;
+ ; ; A rule defines conditions a valid packet MUST have. A packet must satisfy one of the
+ ; ; rules defined here. A rule can be broken into two parts: matching & checking. A packet
+ ; ; will be matched against rules from the first to the last until a matched rule is
+ ; ; encountered. The matched rule will be used to check the packet. If a packet does not
+ ; ; match any rule, it will be treated as invalid. The matching part of a rule consists
+ ; ; of `for` and `filter` sections. They collectively define which packets can be checked
+ ; ; with this rule. `for` defines packet type (data or interest) and `filter` defines
+ ; ; conditions on other properties of a packet. Right now, you can only define conditions
+ ; ; on packet name, and you can only specify ONLY ONE filter for packet name. The
+ ; ; checking part of a rule consists of `checker`, which defines the conditions that a
+ ; ; VALID packet MUST have. See comments in checker section for more details.
+ ;
+ ; rule
+ ; {
+ ; id "NRD Prefix Registration Command Rule"
+ ; for interest ; rule for Interests (to validate CommandInterests)
+ ; filter
+ ; {
+ ; type name ; condition on interest name (w/o signature)
+ ; regex ^[<localhop><localhost>]<nfd><rib>[<register><unregister>]<>{3}$
+ ; }
+ ; checker
+ ; {
+ ; type customized
+ ; sig-type rsa-sha256 ; interest must have a rsa-sha256 signature
+ ; key-locator
+ ; {
+ ; type name ; key locator must be the certificate name of the
+ ; ; signing key
+ ; regex ^[^<KEY>]*<KEY><>*<ksk-.*><ID-CERT>$
+ ; }
+ ; }
+ ; }
+ ; rule
+ ; {
+ ; id "NDN Testbed Hierarchy Rule"
+ ; for data ; rule for Data (to validate NDN certificates)
+ ; filter
+ ; {
+ ; type name ; condition on data name
+ ; regex ^[^<KEY>]*<KEY><>*<ksk-.*><ID-CERT><>$
+ ; }
+ ; checker
+ ; {
+ ; type hierarchical ; the certificate name of the signing key and
+ ; ; the data name must follow the hierarchical model
+ ; sig-type rsa-sha256 ; data must have a rsa-sha256 signature
+ ; }
+ ; }
+ ; trust-anchor
+ ; {
+ ; type file
+ ; file-name keys/default.ndncert ; the file name, by default this file should be placed in the
+ ; ; same folder as this config file.
+ ; }
+ ; ; trust-anchor ; Can be repeated multiple times to specify multiple trust anchors
+ ; ; {
+ ; ; type file
+ ; ; file-name keys/ndn-testbed.ndncert
+ ; ; }
+ ; }
+}
diff --git a/nfd/debian/nfd.dirs b/nfd/debian/nfd.dirs
new file mode 100644
index 0000000..7b4b7fd
--- /dev/null
+++ b/nfd/debian/nfd.dirs
@@ -0,0 +1,3 @@
+etc
+usr/bin
+usr/share
diff --git a/nfd/debian/nfd.install b/nfd/debian/nfd.install
new file mode 100644
index 0000000..8eb146e
--- /dev/null
+++ b/nfd/debian/nfd.install
@@ -0,0 +1,6 @@
+etc/ndn/*
+usr/bin/*
+usr/share/*
+debian/nfd-start usr/bin/
+debian/nfd-stop usr/bin/
+debian/nfd.conf /etc/ndn/
diff --git a/nfd/debian/nfd.nrd.upstart b/nfd/debian/nfd.nrd.upstart
new file mode 100644
index 0000000..69d5913
--- /dev/null
+++ b/nfd/debian/nfd.nrd.upstart
@@ -0,0 +1,29 @@
+# nrd.conf
+#
+# NDN RIB Manager Daemon
+
+description "NDN RIB Manager Daemon"
+author "Tai-Lin Chu <tailinchu@gmail.com>"
+
+start on started nfd
+stop on stopping nfd
+
+respawn
+respawn limit unlimited
+
+setuid ndn
+setgid ndn
+
+pre-start exec sleep 2
+script
+ export HOME=/var/lib/ndn/nrd
+ /usr/bin/nrd --config /etc/ndn/nfd.conf 2>> /var/log/ndn/nrd.log
+end script
+
+post-stop exec sleep 2
+
+# post-start script
+# sleep 3
+# # Apply initial configuration
+# [ -r /etc/ndn/nfd.init ] && sh /etc/ndn/nfd.init
+# end script
diff --git a/nfd/debian/nfd.postinst b/nfd/debian/nfd.postinst
new file mode 100644
index 0000000..d608129
--- /dev/null
+++ b/nfd/debian/nfd.postinst
@@ -0,0 +1,31 @@
+#!/bin/sh -e
+
+if [ "$1" != "configure" ]; then
+ exit 0
+fi
+
+mkdir -p /var/log/ndn
+chown -R ndn:ndn /var/log/ndn
+
+if [ ! -f /etc/ndn/certs/localhost_daemons_nrd.ndncert ]; then
+ # Create HOME and generate self-signed NDN certificate for nfd
+ mkdir -p /var/lib/ndn/nfd/.ndn
+ HOME=/var/lib/ndn/nfd ndnsec-keygen /localhost/daemons/nfd | \
+ HOME=/var/lib/ndn/nfd ndnsec-install-cert -
+
+ # Create HOME and generate self-signed NDN certificate for nrd
+ sudo mkdir -p /var/lib/ndn/nrd/.ndn
+ sudo chown -R ndn:ndn /var/lib/ndn/nrd
+ sudo -u ndn -g ndn HOME=/var/lib/ndn/nrd ndnsec-keygen /localhost/daemons/nrd | \
+ sudo -u ndn -g ndn HOME=/var/lib/ndn/nrd ndnsec-install-cert -
+
+ # Dump RIB Management daemon's certificate
+ sudo mkdir /etc/ndn/certs
+ sudo sh -c 'sudo -u ndn -g ndn HOME=/var/lib/ndn/nrd \
+ ndnsec-dump-certificate -i /localhost/daemons/nrd \
+ > /etc/ndn/certs/localhost_daemons_nrd.ndncert'
+fi
+
+#DEBHELPER#
+
+exit 0
diff --git a/nfd/debian/nfd.preinst b/nfd/debian/nfd.preinst
new file mode 100644
index 0000000..37f4d91
--- /dev/null
+++ b/nfd/debian/nfd.preinst
@@ -0,0 +1,61 @@
+#!/bin/sh
+# preinst script for nfd
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+# * <new-preinst> `install'
+# * <new-preinst> `install' <old-version>
+# * <new-preinst> `upgrade' <old-version>
+# * <old-preinst> `abort-upgrade' <new-version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+
+case "$1" in
+ install|upgrade)
+ # Now we have to ensure the following state:
+ # /etc/passwd: ndn:x:YYY:ZZZ:NDN User:/nonexistent:/bin/false
+ # /etc/group: ndn:x:ZZZ:
+ #
+ # Sadly there could any state be present on the system so we have to
+ # modify everything carefully i.e. not doing a chown before creating
+ # the user etc...
+
+ # creating ndn group if he isn't already there
+ if ! getent group ndn >/dev/null; then
+ # Adding system group: ndn.
+ addgroup --system ndn >/dev/null
+ fi
+
+ # creating ndn user if he isn't already there
+ if ! getent passwd ndn >/dev/null; then
+ # Adding system user: ndn.
+ adduser \
+ --system \
+ --disabled-login \
+ --ingroup ndn \
+ --home /nonexistent \
+ --gecos "NDN User" \
+ --shell /bin/false \
+ ndn >/dev/null
+ fi
+ ;;
+
+ abort-upgrade)
+ ;;
+
+ *)
+ echo "preinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
\ No newline at end of file
diff --git a/nfd/debian/nfd.upstart b/nfd/debian/nfd.upstart
new file mode 100644
index 0000000..c9f077f
--- /dev/null
+++ b/nfd/debian/nfd.upstart
@@ -0,0 +1,21 @@
+# nfd.conf
+#
+# NDN Forwarding Daemon
+
+description "NDN forwarding daemon"
+author "Alexander Afanasyev <alexander.afanasyev@ucla.edu>"
+
+# start on filesystem or runlevel [2345]
+# stop on runlevel [!2345]
+
+start on started network-services
+stop on stopping network-services
+
+respawn
+respawn limit unlimited
+
+env HOME=/var/lib/ndn/nfd
+export HOME
+
+exec /usr/bin/nfd --config /etc/ndn/nfd.conf 2>> /var/log/ndn/nfd.log
+post-stop exec sleep 2
diff --git a/nfd/debian/rules b/nfd/debian/rules
new file mode 100755
index 0000000..7625da5
--- /dev/null
+++ b/nfd/debian/rules
@@ -0,0 +1,40 @@
+#!/usr/bin/make -f
+# -*- makefile -*-
+# Sample debian/rules that uses debhelper.
+# This file was originally written by Joey Hess and Craig Small.
+# As a special exception, when this file is copied by dh-make into a
+# dh-make output file, you may use that output file without restriction.
+# This special exception was added by Craig Small in version 0.37 of dh-make.
+
+# Uncomment this to turn on verbose mode.
+# export DH_VERBOSE=1
+
+LDFLAGS := $(shell dpkg-buildflags --get LDFLAGS)
+
+%:
+ dh $@ --parallel
+
+override_dh_auto_configure:
+ ./waf --nocache configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
+
+override_dh_auto_build:
+ ./waf --nocache build
+
+override_dh_auto_install:
+ ./waf install --destdir=debian/tmp
+
+override_dh_auto_clean:
+ ./waf distclean
+
+override_dh_clean:
+ dh_clean
+ ./waf distclean
+ rm -rf .waf-1*
+ rm -f .waf-tools/*.pyc
+ rm -f docs/*.pyc
+
+override_dh_auto_test:
+
+override_dh_installinit:
+ dh_installinit
+ dh_installinit --name=nrd
diff --git a/nfd/debian/source/format b/nfd/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/nfd/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)