network/dnscrypt-proxy: Updated for version 1.4.1.

Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
2024-09-30 05:39:56 +02:00 · 2014-10-05 23:38:01 +07:00 · 2014-10-05 23:38:01 +07:00 · 1bbffca294
commit 1bbffca294
parent 7d79d34559
10 changed files with 542 additions and 4 deletions
--- a/network/dnscrypt-proxy/README
+++ b/network/dnscrypt-proxy/README
@ -4,3 +4,8 @@ resolver or as a DNS forwarder, encrypting and authenticating requests using the
 DNSCrypt protocol and passing them to an upstream server.

 By default dnscrypt-proxy is configured to use OpenDNS' servers.
+
+Be sure to read README.Slackware for information on configuring/running
+dnscrypt-proxy as a daemon!
+
+Optional dependency: ldns
--- a/network/dnscrypt-proxy/README.Slackware
+++ b/network/dnscrypt-proxy/README.Slackware
@ -0,0 +1,56 @@
+A. Setup
+
+An init script and configuration file have been provided to run dnscrypt-proxy
+as a daemon. To configure dnscrypt-proxy, edit /etc/default/dnscrypt-proxy with
+the desired settings. By default dnscrypt-proxy will use an OpenDNS server and
+will run on localhost (127.0.0.1), port 53.
+
+The configuration file is setup to use a dnscrypt user by default, and to
+chroot into that user's home directory to maximize security. In order to use
+the default configuration you should create a dnscrypt user and group with the
+following commands:
+
+    groupadd -g 293 dnscrypt
+    useradd -u 293 -g 293 -c "DNSCrypt" -d /run/dnscrypt -s /bin/false dnscrypt
+
+If you decide to use another user you should edit the CHROOTDIR and USER
+options in /etc/default/dnscrypt-proxy (there are example settings provided for
+the user 'nobody').
+
+In order to send all DNS requests through dnscrypt-proxy, you will need to
+update /etc/resolv.conf to point to localhost. If using dhcpcd, the easiest way
+to set dnscrypt-proxy as the primary (but not exclusive) dns resolver is to
+create file /etc/resolv.conf.head with the following line:
+
+    nameserver 127.0.0.1
+
+You may also have to add the following line to enable EDNS:
+
+    options edns0
+
+To start dnscrypt-proxy automatically at system start, add the following to
+/etc/rc.d/rc.local:
+
+    if [ -x /etc/rc.d/rc.dnscrypt-proxy ]; then
+        /etc/rc.d/rc.dnscrypt-proxy start
+    fi
+
+To properly stop dnscrypt-proxy on system shutdown, add the following to
+/etc/rc.d/rc.local_shutdown:
+
+    if [ -x /etc/rc.d/rc.dnscrypt-proxy ]; then
+        /etc/rc.d/rc.dnscrypt-proxy stop
+    fi
+
+B. DNS Cache
+
+dnscrypt-proxy is just a DNS resolver and does not cache DNS queries. In order
+to minimize the number of external DNS lookups, you can also run a local
+caching DNS server. A sample configuration for dnsmasq (included with
+Slackware) is provided at /usr/doc/dnscrypt-proxy-@VERSION@/dnsmasq.conf. A
+sample configuration for bind/named that also does local DNSSEC validation (if
+supported by the upstream DNS server) is also provided at
+/usr/doc/dnscrypt-proxy-@VERSION@/named.conf. Both configurations run on port
+53, forwarding lookups to dnscrypt-proxy running on port 55. In order to use
+these configurations you will need to change the port dnscrypt-proxy runs on in
+/etc/default/dnscrypt-proxy.
--- a/network/dnscrypt-proxy/dnscrypt-proxy.SlackBuild
+++ b/network/dnscrypt-proxy/dnscrypt-proxy.SlackBuild
@ -22,8 +22,13 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

+# Thanks to Larry Hajali for work on README.Slackware, some configure options,
+# the basis for the sample dnsmasq configuration, the logrotate configuration,
+# and the idea for an init script. His contributions significantly improved the
+# value of this script!
+
 PRGNAM=dnscrypt-proxy
-VERSION=${VERSION:-1.4.0}
+VERSION=${VERSION:-1.4.1}
 BUILD=${BUILD:-1}
 TAG=${TAG:-_SBo}

@ -78,6 +83,11 @@ CXXFLAGS="$SLKCFLAGS" \
  --localstatedir=/var \
  --mandir=/usr/man \
  --docdir=/usr/doc/$PRGNAM-$VERSION \
+  --enable-plugins \
+  --enable-plugins-root \
+  --enable-static=no \
+  --disable-ltdl-install \
+  --without-included-ltdl \
  --build=$ARCH-slackware-linux

 make
@ -86,14 +96,24 @@ make install-strip DESTDIR=$PKG
 find $PKG/usr/man -type f -exec gzip -9 {} \;
 for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done

+mkdir -p $PKG/var/{run,log}/$PRGNAM $PKG/etc/default
+chmod 0700 $PKG/var/{run,log}/$PRGNAM
+sed "s/@VERSION@/$VERSION/" $CWD/$PRGNAM.default > $PKG/etc/default/$PRGNAM.new
+install -D -m 0755 $CWD/rc.$PRGNAM $PKG/etc/rc.d/rc.$PRGNAM.new
+install -D -m 0644 $CWD/$PRGNAM.logrotate $PKG/etc/logrotate.d/$PRGNAM.new
+
 mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
 cp -a \
  AUTHORS ChangeLog COPYING INSTALL NEWS README README-PLUGINS.markdown README.markdown TECHNOTES THANKS \
  $PKG/usr/doc/$PRGNAM-$VERSION
+sed "s/@VERSION@/$VERSION/g" $CWD/README.Slackware > $PKG/usr/doc/$PRGNAM-$VERSION/README.Slackware
+cat $CWD/dnsmasq.conf > $PKG/usr/doc/$PRGNAM-$VERSION/dnsmasq.conf
+cat $CWD/named.conf > $PKG/usr/doc/$PRGNAM-$VERSION/named.conf
 cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild

 mkdir -p $PKG/install
 cat $CWD/slack-desc > $PKG/install/slack-desc
+cat $CWD/doinst.sh > $PKG/install/doinst.sh

 cd $PKG
 /sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz}
--- a/network/dnscrypt-proxy/dnscrypt-proxy.default
+++ b/network/dnscrypt-proxy/dnscrypt-proxy.default
@ -0,0 +1,72 @@
+# /etc/default/dnscrypt-proxy
+
+# This file contains the configuration settings for dnscrypt-proxy. This file
+# supports configuring and running multiple instances (see the bottom of this
+# file for a sample secondary configuration).
+
+# CHROOTDIR should be the same path as the USER's home directory.
+# For the standard dnscrypt user this should be "/run/dnscrypt". For nobody,
+# this should be "/".
+CHROOTDIR[0]="/run/dnscrypt"
+#CHROOTDIR[0]="/"
+
+# The local address and (optional) port to listen on. The default port is 53.
+LOCALADDRESS[0]="127.0.0.1:53"
+
+# The pid file for this instance. PIDFILE must always be specified for each
+# instance!
+PIDFILE[0]="/var/run/dnscrypt-proxy/dnscrypt-proxy-0.pid"
+
+# Runs the daemon as the following user and chroots to that user's home
+# directory (this is a security feature -- it is best not to change this!)
+USER[0]="dnscrypt"
+#USER[0]="nobody"
+
+# If RESOLVERNAME is set, then RESOLVERADDRESS, PROVIDERNAME, and
+# PROVIDERKEY will be ignored. RESOLVERNAME should be the name of a resolver
+# from RESOLVERSLIST (the first column).
+RESOLVERNAME[0]="opendns"
+
+# Specify the location of the resolver list, used if RESOLVERNAME is set.
+RESOLVERSLIST[0]="/usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv"
+
+# If RESOLVERNAME is unset, RESOLVERADDRESS, PROVIDERNAME and PROVIDERKEY are
+# the settings of the remote DNSCrypt provider.
+#RESOLVERADDRESS[0]="208.67.220.220:443"
+#PROVIDERNAME[0]="2.dnscrypt-cert.opendns.com"
+#PROVIDERKEY[0]="B735:1140:206F:225D:3E2B:D822:D7FD:691E:A1C3:3CC8:D666:8D0C:BE04:BFAB:CA43:FB79"
+
+# Transparently add an OPT pseudo-RR to outgoing queries in order to enable
+# the EDNS0 extension mechanism. The payload size is the size of the largest
+# response we accept from the resolver before retrying over TCP. This feature
+# is enabled by default, with a payload size  of  1252 bytes. Any value below
+# 512 disables it.
+#EDNSPAYLOADSIZE[0]="1252"
+
+# Set the maximum number of simultaneous active requests (default 250).
+#MAXACTIVEREQUESTS[0]="250"
+
+# Use TCP instead of UDP. This is slower than UDP, and this workaround should
+# never be used except when bypassing a filter is actually required. Moreover,
+# multiple queries over a single TCP connection aren't supported yet.
+# Don't use this unless you have to. Defaults to off ("no").
+#TCPONLY[0]="no"
+
+# Load the following plugins. None are loaded by default. See
+# /usr/doc/dnscrypt-proxy-@VERSION@/README-PLUGINS.markdown for more
+# information.
+#PLUGINS[0]="libdcplugin_example,--ips=/etc/blk-ips,--domains=/etc/blk-names \
+#libdcplugin_example_logging,/var/log/dns.log"
+
+# Where and what to log. The default LOGLEVEL is LOG_INFO.
+#LOGLEVEL[0]="LOG_INFO"
+LOGFILE[0]="/var/log/dnscrypt-proxy/dnscrypt-proxy.log"
+
+# A simple example configuration for a second instance
+#CHROOTDIR[1]="/run/dnscrypt"
+#LOCALADDRESS[1]="127.0.0.2:53"
+#PIDFILE[1]="/var/run/dnscrypt-proxy/dnscrypt-proxy-1.pid"
+#USER[1]="dnscrypt"
+#RESOLVERNAME[1]="cloudns-can"
+#RESOLVERSLIST[1]="/usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv"
+#LOGFILE[1]="/var/log/dnscrypt-proxy/dnscrypt-proxy-1.log"
--- a/network/dnscrypt-proxy/dnscrypt-proxy.info
+++ b/network/dnscrypt-proxy/dnscrypt-proxy.info
@ -1,8 +1,8 @@
 PRGNAM="dnscrypt-proxy"
-VERSION="1.4.0"
+VERSION="1.4.1"
 HOMEPAGE="http://dnscrypt.org/"
-DOWNLOAD="http://download.dnscrypt.org/dnscrypt-proxy/dnscrypt-proxy-1.4.0.tar.bz2"
-MD5SUM="40b5b73f5042330b86084460d7c839c6"
+DOWNLOAD="http://download.dnscrypt.org/dnscrypt-proxy/dnscrypt-proxy-1.4.1.tar.bz2"
+MD5SUM="f9d59b23fcad864af7db7d6304fda77f"
 DOWNLOAD_x86_64=""
 MD5SUM_x86_64=""
 REQUIRES="libsodium"
--- a/network/dnscrypt-proxy/dnscrypt-proxy.logrotate
+++ b/network/dnscrypt-proxy/dnscrypt-proxy.logrotate
@ -0,0 +1,9 @@
+/var/log/dnscrypt-proxy/*log {
+    weekly
+    rotate 7
+    copytruncate
+    delaycompress
+    compress
+    notifempty
+    missingok
+}
--- a/network/dnscrypt-proxy/dnsmasq.conf
+++ b/network/dnscrypt-proxy/dnsmasq.conf
@ -0,0 +1,21 @@
+# Use dnsmasq as a caching DNS forwarder to dnscrypt-proxy. This configuration
+# assumes dnscrypt-proxy is running on port 55.
+
+# Never forward plain names (without a dot or domain part)
+domain-needed
+
+# Never forward addresses in the non-routed address spaces.
+bogus-priv
+
+# Don't use /etc/resolv.conf. Forward all queries to dnscrypt-proxy.
+no-resolv
+
+# Use the resolver on localhost port 55 (dnscrypt-proxy)
+server=127.0.0.1#55
+
+# Listen on localhost. Default port 53
+listen-address=127.0.0.1
+
+# Pass on the upstream DNSSEC flag. Only enable this if you trust the upstream
+# resolver.
+#proxy-dnssec
--- a/network/dnscrypt-proxy/doinst.sh
+++ b/network/dnscrypt-proxy/doinst.sh
@ -0,0 +1,27 @@
+config() {
+  NEW="$1"
+  OLD="$(dirname $NEW)/$(basename $NEW .new)"
+  # If there's no config file by that name, mv it over:
+  if [ ! -r $OLD ]; then
+    mv $NEW $OLD
+  elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
+    # toss the redundant copy
+    rm $NEW
+  fi
+  # Otherwise, we leave the .new copy for the admin to consider...
+}
+
+preserve_perms() {
+  NEW="$1"
+  OLD="$(dirname $NEW)/$(basename $NEW .new)"
+  if [ -e $OLD ]; then
+    cp -a $OLD ${NEW}.incoming
+    cat $NEW > ${NEW}.incoming
+    mv ${NEW}.incoming $NEW
+  fi
+  config $NEW
+}
+
+preserve_perms etc/rc.d/rc.dnscrypt-proxy.new
+config etc/default/dnscrypt-proxy.new
+config etc/logrotate.d/dnscrypt-proxy.new
--- a/network/dnscrypt-proxy/named.conf
+++ b/network/dnscrypt-proxy/named.conf
@ -0,0 +1,153 @@
+options {
+	directory "/var/named";
+	/*
+	 * If there is a firewall between you and nameservers you want
+	 * to talk to, you might need to uncomment the query-source
+	 * directive below.  Previous versions of BIND always asked
+	 * questions using port 53, but BIND 8.1 uses an unprivileged
+	 * port by default.
+	 */
+	// query-source address * port 53;
+	forwarders { 127.0.0.1 port 55; };
+	forward only;
+	dnssec-enable yes;
+	dnssec-validation auto;
+	dnssec-lookaside auto;
+	allow-transfer { "none"; };
+	allow-query { 127.0.0.1; };
+	listen-on { 127.0.0.1; };
+};
+
+// 
+// a caching only nameserver config
+// 
+zone "." IN {
+	type hint;
+	file "caching-example/named.root";
+};
+
+zone "localhost" IN {
+	type master;
+	file "caching-example/localhost.zone";
+	allow-update { none; };
+};
+
+zone "0.0.127.in-addr.arpa" IN {
+	type master;
+	file "caching-example/named.local";
+	allow-update { none; };
+};
+
+// RFC 1918. These shouldn't be necessary but empty-zones-enable isn't
+// working properly...
+zone "10.in-addr.arpa" IN {
+	type master;
+	file "caching-example/named.local";
+	allow-update { none; };
+};
+
+zone "16.172.in-addr.arpa" IN {
+	type master;
+	file "caching-example/named.local";
+	allow-update { none; };
+};
+
+zone "17.172.in-addr.arpa" IN {
+	type master;
+	file "caching-example/named.local";
+	allow-update { none; };
+};
+
+zone "18.172.in-addr.arpa" IN {
+	type master;
+	file "caching-example/named.local";
+	allow-update { none; };
+};
+
+zone "19.172.in-addr.arpa" IN {
+	type master;
+	file "caching-example/named.local";
+	allow-update { none; };
+};
+
+zone "20.172.in-addr.arpa" IN {
+	type master;
+	file "caching-example/named.local";
+	allow-update { none; };
+};
+
+zone "21.172.in-addr.arpa" IN {
+	type master;
+	file "caching-example/named.local";
+	allow-update { none; };
+};
+
+zone "22.172.in-addr.arpa" IN {
+	type master;
+	file "caching-example/named.local";
+	allow-update { none; };
+};
+
+zone "23.172.in-addr.arpa" IN {
+	type master;
+	file "caching-example/named.local";
+	allow-update { none; };
+};
+
+zone "24.172.in-addr.arpa" IN {
+	type master;
+	file "caching-example/named.local";
+	allow-update { none; };
+};
+
+zone "25.172.in-addr.arpa" IN {
+	type master;
+	file "caching-example/named.local";
+	allow-update { none; };
+};
+
+zone "26.172.in-addr.arpa" IN {
+	type master;
+	file "caching-example/named.local";
+	allow-update { none; };
+};
+
+zone "27.172.in-addr.arpa" IN {
+	type master;
+	file "caching-example/named.local";
+	allow-update { none; };
+};
+
+zone "28.172.in-addr.arpa" IN {
+	type master;
+	file "caching-example/named.local";
+	allow-update { none; };
+};
+
+zone "29.172.in-addr.arpa" IN {
+	type master;
+	file "caching-example/named.local";
+	allow-update { none; };
+};
+
+zone "30.172.in-addr.arpa" IN {
+	type master;
+	file "caching-example/named.local";
+	allow-update { none; };
+};
+
+zone "31.172.in-addr.arpa" IN {
+	type master;
+	file "caching-example/named.local";
+	allow-update { none; };
+};
+
+zone "168.192.in-addr.arpa" IN {
+	type master;
+	file "caching-example/named.local";
+	allow-update { none; };
+};
+
+logging {
+	category edns-disabled { null; };
+};
--- a/network/dnscrypt-proxy/rc.dnscrypt-proxy
+++ b/network/dnscrypt-proxy/rc.dnscrypt-proxy
@ -0,0 +1,175 @@
+#!/bin/bash
+
+CONFIGFILE="/etc/default/dnscrypt-proxy"
+DAEMON="/usr/sbin/dnscrypt-proxy"
+
+. $CONFIGFILE
+
+start_instance() {
+    if [ -z ${PIDFILE[$1]} ]; then
+        echo "No configuration for instance $1 found!"
+        return
+    fi
+    if [ -r ${PIDFILE[$1]} ]; then
+        echo "dnscrypt-proxy (instance $1) already running!"
+        return
+    fi
+
+    # dnscrypt-proxy will work without this, but it drops privileges before
+    # seeding the PRNG. libevent tries to work around a missing /dev/urandom
+    # but it's safer just to make sure it is available in the chroot.
+    if [ -n "${CHROOTDIR[$1]}" ]; then
+        if [ "$(readlink -f ${CHROOTDIR[$1]})" != "/" ]; then
+            if [ ! -d ${CHROOTDIR[$1]} ]; then
+                mkdir -p ${CHROOTDIR[$1]}
+                chmod 755 ${CHROOTDIR[$1]}
+            fi
+            if [ ! -d ${CHROOTDIR[$1]}/dev ]; then
+                mkdir -p ${CHROOTDIR[$1]}/dev
+                chmod 755 ${CHROOTDIR[$1]}/dev
+            fi
+            if [ ! -c ${CHROOTDIR[$1]}/dev/urandom ]; then
+                mknod -m 666 ${CHROOTDIR[$1]}/dev/urandom c 1 9
+            fi
+        fi
+    fi
+
+    OPTIONS="-d"
+    if [ -n "${LOCALADDRESS[$1]}" ]; then
+        OPTIONS="${OPTIONS} --local-address=${LOCALADDRESS[$1]}"
+    fi
+    if [ -n "${PIDFILE[$1]}" ]; then
+        OPTIONS="${OPTIONS} --pidfile=${PIDFILE[$1]}"
+    fi
+    if [ -n "${USER[$1]}" ]; then
+        OPTIONS="${OPTIONS} --user=${USER[$1]}"
+    fi
+    if [ -n "${RESOLVERNAME[$1]}" ]; then
+        OPTIONS="${OPTIONS} --resolver-name=${RESOLVERNAME[$1]}"
+    fi
+    if [ -n "${RESOLVERSLIST[$1]}" ]; then
+        OPTIONS="${OPTIONS} --resolvers-list=${RESOLVERSLIST[$1]}"
+    fi
+    if [ -z "${RESOLVERNAME[$1]}" ] && [ -n "${RESOLVERADDRESS[$1]}" ]; then
+        OPTIONS="${OPTIONS} --resolver-address=${RESOLVERADDRESS[$1]}"
+    fi
+    if [ -z "${RESOLVERNAME[$1]}" ] && [ -n "${PROVIDERNAME[$1]}" ]; then
+        OPTIONS="${OPTIONS} --provider-name=${PROVIDERNAME[$1]}"
+    fi
+    if [ -z "${RESOLVERNAME[$1]}" ] && [ -n "${PROVIDERKEY[$1]}" ]; then
+        OPTIONS="${OPTIONS} --provider-key=${PROVIDERKEY[$1]}"
+    fi
+    if [ -n "${EDNSPAYLOADSIZE[$1]}" ]; then
+        OPTIONS="${OPTIONS} --edns-payload-size=${EDNSPAYLOADSIZE[$1]}"
+    fi
+    if [ -n "${MAXACTIVEREQUESTS[$1]}" ]; then
+        OPTIONS="${OPTIONS} --max-active-requests=${MAXACTIVEREQUESTS[$1]}"
+    fi
+    if [ "${TCPONLY[$1]}" == "yes" ]; then
+        OPTIONS="${OPTIONS} --tcp-only"
+    fi
+    if [ -n "${PLUGINS[$1]}" ]; then
+        for plugin in ${PLUGINS[$1]}
+        do
+            OPTIONS="${OPTIONS} --plugin=${plugin}"
+        done
+    fi
+    if [ -n "${LOGLEVEL[$1]}" ]; then
+        OPTIONS="${OPTIONS} --loglevel=${LOGLEVEL[$1]}"
+    fi
+    if [ -n "${LOGFILE[$1]}" ]; then
+        OPTIONS="${OPTIONS} --logfile=${LOGFILE[$1]}"
+    fi
+    $DAEMON $OPTIONS
+}
+
+stop_instance() {
+    if [ -z ${PIDFILE[$1]} ]; then
+        echo "No configuration for instance $1 found!"
+        return
+    fi
+    if [ ! -r ${PIDFILE[$1]} ]; then
+        echo "dnscrypt-proxy (instance $1) is not running!"
+        return
+    fi
+    echo "Stopping dnscrypt-proxy (instance $1)..."
+    kill $(cat ${PIDFILE[$1]})
+}
+
+status_instance() {
+    if [ -z ${PIDFILE[$1]} ]; then
+        echo "No configuration for instance $1 found!"
+        return
+    fi
+    if [ ! -r ${PIDFILE[$1]} ]; then
+        echo "dnscrypt-proxy (instance $1) is not running."
+        return
+    fi
+    PID=$(cat ${PIDFILE[$1]})
+    if [ -z "$PID" ]; then
+        echo "PID file is empty! dnscrypt-proxy (instance $1) does not appear to be running, but there is a stale PID file."
+    elif kill -0 $PID ; then
+        echo "dnscrypt-proxy (instance $1) is running."
+    else
+        echo "dnscrypt-proxy (instance $1) is not running, but there is a stale PID file."
+    fi
+}
+
+start() {
+    for i in `/usr/bin/seq 0 $((${#PIDFILE[@]}-1))`
+    do
+        start_instance $i
+    done
+}
+
+stop() {
+    for i in `/usr/bin/seq 0 $((${#PIDFILE[@]}-1))`
+    do
+        stop_instance $i
+    done
+}
+
+status() {
+    for i in `/usr/bin/seq 0 $((${#PIDFILE[@]}-1))`
+    do
+        status_instance $i
+    done
+}
+
+case "$1" in
+    'start')
+        start
+        ;;
+    'stop')
+        stop
+        ;;
+    'restart')
+        stop
+        start
+        ;;
+    'status')
+        status
+        ;;
+    *_start)
+        INSTANCE=`echo $1 | /bin/cut -d '_' -f 1`
+        start_instance $INSTANCE
+        ;;
+    *_stop)
+        INSTANCE=`echo $1 | /bin/cut -d '_' -f 1`
+        stop_instance $INSTANCE
+        ;;
+    *_restart)
+        INSTANCE=`echo $1 | /bin/cut -d '_' -f 1`
+        stop_instance $INSTANCE
+        sleep 1
+        start_instance $INSTANCE
+        ;;
+    *_status)
+        INSTANCE=`echo $1 | /bin/cut -d '_' -f 1`
+        status_instance $INSTANCE
+        ;;
+    *)
+        echo "Usage: $0 {start|stop|restart|status|#_start|#_stop|#_restart}"
+        exit 1
+        ;;
+esac